All about bug bounty (bypasses, payloads, etc.)
 
Muhammad Daffa 0a16c9d981 fix: remove 1 line on OSRF 2023-05-29 18:30:11 +07:00
Bypass feat: added XSS payloads to bypass WAF 2022-11-08 18:29:04 +07:00
CVEs/2021 added back CVE-2021-36873 2022-12-09 15:26:25 +07:00
Checklist Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
Misc feat: added Reflected File Download (RFD) 2023-05-22 07:10:26 +07:00
Reconnaissance Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
Technologies Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
Arbitrary File Upload.md Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
CRLF Injection.md Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 11:41:21 +07:00
Cross Site Request Forgery.md feat: added XSS payloads to bypass WAF 2022-11-08 18:29:04 +07:00
Cross Site Scripting.md feat: added XSS payloads to bypass WAF 2022-11-08 18:29:04 +07:00
Denial Of Service.md Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
Exposed Source Code.md Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 11:41:21 +07:00
Host Header Injection.md Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
Insecure Direct Object References.md Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
Local File Inclusion.md Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 11:41:21 +07:00
Mass Assignment.md Added Joomla and SSRF, and doing some major changes 2022-07-09 22:35:32 +07:00
NoSQL Injection.md Update structure each readme 2022-06-15 17:38:42 +07:00
OAuth Misconfiguration.md updated Oauth Misconfiguration 2022-12-09 15:24:15 +07:00
On Site Request Forgery.md fix: remove 1 line on OSRF 2023-05-29 18:30:11 +07:00
Open Redirect.md Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 11:41:21 +07:00
README.md docs: fixed typo on README.md 2023-05-22 07:16:10 +07:00
Reflected File Download.md feat: added Reflected File Download (RFD) 2023-05-22 07:10:26 +07:00
Remote File Inclusion.md Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 11:41:21 +07:00
SQL Injection.md feat: added CVEs directory 2022-11-18 18:58:34 +07:00
Server Side Include Injection.md feat: added SSI 2023-02-01 10:22:13 +07:00
Server Side Request Forgery.md Fix ssrf markdown 2022-07-09 22:37:59 +07:00
Web Cache Deception.md feat: added CVEs directory 2022-11-18 18:58:34 +07:00
Web Cache Poisoning.md Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 11:41:21 +07:00

README.md

All about bug bounty

These are my bug bounty notes that I have gathered from various sources. You can contribute to this repository too!

List Vulnerability

List Bypass

Checklist

CVEs

Miscellaneous

Technologies

Reconnaissance

To-Do-List

  • Tidy up the reconnaissance folder
  • Added more lesser-known web attacks
  • Added CVEs folder
  • Write multiple payload bypasses for each vulnerability
    • Payload XSS for each WAF (Cloudflare, Cloudfront, AWS, etc)
    • Payload SQL injection for each WAF (Cloudflare, Cloudfront)