& DNS resources
More info here
https://blog.detectify.com/industry-insights/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
#WAF
@GitBook_s
❤2
🔗 Webhooks online
http://GitBook_s.t.me
A selection of useful services for testing HTTP requests
🔗webhook.link
🔗webhook.site
🔗 webhook-test.com
🔗 webhook.cool
🔗webhookrelay
Example:
curl -X POST https://gitbook-s.webhook.cool -H "Content-Type: application/json" -d '{"hello": "world", "is_true": true}'
#webhook #http #web
❤3
The dread of solitude is sweeter than bad company
I take to the wilderness whenever a wise one appears
Sowing seed in every salt marsh is fruitless
I will be patient until worthy ground is found
Saib, do not strike your jewel against the stone of the deficient
Wait until a perfect connoisseur of gems is found
From the ghazals of Saib, no. 2660
❤8
Sometimes IDOR isn't just about changing 123 to 124.
Try changing types.
If there's an endpoint /api/reset_password that takes {"user_id": 123}
Try:
{"user_id": true}
{"user_id": []}
{"user_id": 0}
{"user_id": "123 "}
true might match the first record in the database, which might be admin.
http://GitBook_s.t.me
Telegram
Bug Bounty - GitBook
GitBooks, Notion, medium, Mindmaps, books
bug bounty, pentest, ctf, osint, labs, tools
writeUps, check list, Cheatsheet, tips, GitHub
👍9❤3
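The server side of the type-changing IDOR tip above, as an added example that is not part of the original post: a handler that only checks isinstance(..., int) lets true through and resolves it to the first row, while an exact type check plus an ownership check rejects all four payloads. The users table, the handler names and the session_user_id parameter are assumptions made for illustration.

```python
import json
import sqlite3

# Constructed sample data; id 1 stands in for the admin account (assumption).
DB = sqlite3.connect(":memory:")
DB.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
DB.executemany("INSERT INTO users VALUES (?, ?)", [(1, "admin"), (123, "alice")])

# The four payloads from the post, as raw JSON bodies.
PAYLOADS = ['{"user_id": true}', '{"user_id": []}', '{"user_id": 0}', '{"user_id": "123 "}']


def lookup(user_id):
    """Parameterized lookup; returns the matching user name or None."""
    row = DB.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
    return row[0] if row else None


def naive_reset(body):
    """Hypothetical lax handler: trusts anything that passes isinstance(..., int)."""
    uid = body.get("user_id")
    if not isinstance(uid, int):   # bool is a subclass of int, so True passes
        return None
    return lookup(uid)             # True is bound as 1 and matches the first record


def strict_user_id(value):
    """Accept only a positive JSON integer; reject bool, list, 0 and strings."""
    if type(value) is not int or value <= 0:
        raise ValueError("user_id must be a positive integer")
    return value


def hardened_reset(body, session_user_id):
    """Validate the type, then authorize against the authenticated session."""
    try:
        uid = strict_user_id(body.get("user_id"))
    except ValueError:
        return None
    if uid != session_user_id:     # ownership check: the actual IDOR control
        return None
    return lookup(uid)


if __name__ == "__main__":
    for raw in PAYLOADS:
        body = json.loads(raw)
        print(raw, "naive:", naive_reset(body), "hardened:", hardened_reset(body, 123))
```

The type check alone does not stop {"user_id": 1}; the comparison against the session's own id does.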
❤4
@GitBook_s/notion/
Application-A-Example
Reverse-Engineering & Malware-Analysis
Red-Team-Second-Brain
Web-App-Security-Testing-Checklist
A Hacker's Notebook
A Hacker's Notebook Part II
AD-aboud
Red-Team-Certifications-Notes
Recon-Web Language: farsi
zseano Methodology
Final-Collection-of-Advice
Study-Notes
Android-Pentest
VeryLazyTech
https://terrific-dart-70e.notion.site/Application-A-Example-294f4ca0f424810eaf56eb26f6a4ea4e
#notion #bugbounty #checklist
❤3