A somewhat curated list of links to various topics in application security.
| Item | Date Added | Link | Excerpt |
|---|---|---|---|
| 1 | 2025-08-14 04:30:53 UTC | (Research) Exploiting HTTP Parsers Inconsistencies | The content titled "(Research) Exploiting HTTP Parsers Inconsistencies" likely discusses a study or investigation into vulnerabilities related to inconsistencies in HTTP parsers. This research may explore how these inconsistencies can be manipulated or exploited for various purposes. The focus is likely on understanding the weaknesses in HTTP parsers and potentially finding ways to enhance security measures to mitigate these vulnerabilities. |
| 2 | 2025-08-14 04:30:49 UTC | Top 10 web hacking techniques of 2022 | PortSwigger Research | The content is about the top 10 web hacking techniques of 2022 as researched by PortSwigger. It likely delves into the latest methods and strategies used by hackers to exploit vulnerabilities in web systems. This information can be valuable for cybersecurity professionals, developers, and organizations to understand current threats and enhance their defenses against cyber attacks. |
| 3 | 2025-08-14 04:30:36 UTC | Bug Bounty — Tips / Tricks / JS (JavaScript Files) - InfoSec Write-ups - Me | The content discusses bug bounty tips, tricks, and JavaScript (JS) files in the context of InfoSec write-ups. It likely includes insights, strategies, and techniques related to identifying and exploiting security vulnerabilities in web applications through bug bounty programs. The author may share their experiences, knowledge, and recommendations for effectively finding and reporting bugs in JavaScript files to enhance cybersecurity practices. |
| 4 | 2025-08-14 04:30:34 UTC | https://github.com/dsopas/assessment-mindset | The provided link leads to a GitHub repository named "assessment-mindset" created by dsopas. The repository likely contains information, code, or resources related to developing an assessment mindset. It may include tools, techniques, or strategies for improving assessment skills or approaches. Users can explore the repository to gain insights into fostering a positive mindset towards assessments. |
| 5 | 2025-08-14 04:30:32 UTC | The Hitchhiker’s Guide to Bug Bounty Hunting Throughout the Galaxy. v2 | The content is titled "The Hitchhiker’s Guide to Bug Bounty Hunting Throughout the Galaxy. v2." It suggests a guide or resource for individuals interested in bug bounty hunting, a practice where individuals find and report security vulnerabilities in exchange for rewards. The title alludes to the popular book "The Hitchhiker's Guide to the Galaxy," implying a whimsical or humorous approach to the subject matter. It likely provides tips, strategies, and insights for bug bounty hunters operating in a wide range of environments or platforms. |
| 6 | 2025-08-14 04:30:20 UTC | Bounty Report Generator | The content is concise and simply states the title "Bounty Report Generator." It suggests the existence of a tool or software that is likely designed to create reports related to bounties. The content lacks specific details or information about the functionality, purpose, or features of the generator. |
| 7 | 2025-08-14 04:29:28 UTC | https://link.medium.com/oVNvKnISbdb | I'm unable to access external content such as the one you provided. If you can provide the main points or key ideas from the content, I'd be happy to help summarize it for you in 100 words or less. |
| 8 | 2025-08-14 04:29:18 UTC | Security Tools | Curated list of security tools for Hackers & Builders! | The content is a curated list of security tools designed for both hackers and builders. It provides a collection of tools that can be used for enhancing security measures, whether for offensive or defensive purposes. The list likely includes a variety of software, applications, or resources that can help individuals improve their cybersecurity practices. |
| 9 | 2025-08-14 04:29:14 UTC | Bug Bounty Hunting Tips #4 — Develop a Process and Follow It - Craig Hays | The content is about bug bounty hunting tips, specifically emphasizing the importance of developing a process and adhering to it. Following a structured approach can help bug bounty hunters stay organized, efficient, and focused on finding vulnerabilities. By establishing a clear process and consistently following it, hunters can improve their chances of successfully identifying and reporting bugs. Craig Hays highlights the significance of having a systematic method in bug bounty hunting to enhance effectiveness and productivity. |
| 10 | 2025-08-14 04:29:12 UTC | (224) @Th3G3nt3lman Shares His Recon Methodology and How He Consistently Co | @Th3G3nt3lman discusses his recon methodology and how he maintains consistency. The content likely delves into strategies, techniques, or processes used by @Th3G3nt3lman for reconnaissance activities. It may touch on the importance of having a structured approach to gathering information and how this contributes to achieving consistent results. |
| 11 | 2025-08-14 04:29:10 UTC | stevemcilwain/quiver: Quiver is an opinionated and curated collection of co | "Quiver" is a project by stevemcilwain that offers an opinionated and curated collection of something. The content does not provide specific details about what the collection includes or its purpose. |
| 12 | 2025-08-14 04:29:06 UTC | Bug-bounty/bugbounty_checklist.md at master · sehno/Bug-bounty | The content refers to a checklist file named "bugbounty_checklist.md" in a repository called "Bug-bounty" on the GitHub account of user "sehno." The file likely contains a checklist of items related to bug bounty programs, which are initiatives that reward individuals for finding and reporting software vulnerabilities. This checklist may serve as a guide for bug bounty hunters to ensure they cover all necessary steps in their bug hunting activities. |
| 13 | 2025-08-14 04:29:04 UTC | https://link.medium.com/KEEGBSNPf3 | I'm sorry, but I am unable to access external content such as the Medium link provided. If you can provide me with the main points or key ideas from the content, I would be happy to help summarize it for you. |
| 14 | 2025-08-14 04:29:02 UTC | https://medium.com/@know.0nix/hunting-good-bugs-with-only-html-d8fd40d17b38 | The content discusses a method of finding security vulnerabilities in websites using only HTML, focusing on the concept of "good bugs" or vulnerabilities that can be reported to website owners for ethical hacking purposes. It explains how to identify and report these bugs, emphasizing responsible disclosure to help improve website security. The article provides insights into the ethical hacking process and encourages individuals to contribute positively to cybersecurity by reporting vulnerabilities to website owners for remediation. |
| 15 | 2025-08-14 04:29:00 UTC | https://link.medium.com/S5MFTthfV2 | I'm unable to access external content such as the one you provided. If you can provide a brief overview or key points from the content, I'd be happy to help summarize it for you in 100 words or less. |
| 16 | 2025-08-14 04:28:58 UTC | https://github.com/arkadiyt/bounty-targets-data?utm_source=Unsupervised+Learning+Subscribers&utm_campaign=e0ab2b9f11-EMAIL_CAMPAIGN_10_6_2019_8_57_COPY_01&utm_medium=email&utm_term=0_49fdb7d723-e0ab2b9f11-495714773&mc_cid=e0ab2b9f11&mc_eid=f84b93e60d | The content is a link to a GitHub repository called "bounty-targets-data" by arkadiyt. The link includes tracking parameters related to an email campaign. The repository likely contains data related to bounty targets. |
| 17 | 2025-08-14 04:28:56 UTC | https://payhip.com/b/wAoh | I'm sorry, but I cannot access external content or links. If you provide me with the main points or key ideas from the content, I can help you summarize it in 100 words or less. |
| 18 | 2025-08-14 04:28:54 UTC | dsopas/assessment-mindset: Security Mindmap that could be useful for the in | The content mentions a security mind map created by dsopas/assessment-mindset that could be beneficial for individuals interested in security assessments. The mind map likely contains valuable information and insights related to security assessments. It is a resource that could help individuals understand and navigate the complexities of security assessments more effectively. |
| 19 | 2025-08-14 04:28:52 UTC | https://link.medium.com/4kQ2DKcf60 | I'm sorry, but I am unable to access external content such as the one you provided. If you can provide me with the main points or key ideas from the content, I would be happy to help summarize it for you in 100 words or less. |
| 20 | 2025-08-14 04:28:50 UTC | https://link.medium.com/8M97ibhX30 | I'm unable to access external content such as the one you provided. If you can provide a brief overview or key points from the content, I'd be happy to help summarize it for you in 100 words or less. |
| 21 | 2025-08-14 04:28:06 UTC | How To Setup an Automated Sub-domain Takeover Scanner for All Bug Bounty Pr | The content discusses setting up an automated sub-domain takeover scanner for bug bounty programs. It likely provides guidance on using tools or scripts to detect potential sub-domain takeover vulnerabilities automatically. This process can help security researchers identify and report such issues to organizations before they are exploited by malicious actors. Overall, the content aims to assist bug bounty hunters in efficiently scanning for sub-domain takeover vulnerabilities to enhance the security of web applications. |
| 22 | 2023-09-22 16:17:58 UTC | IDOR - how to predict an identifier? Bug bounty case study | The content discusses IDOR (Insecure Direct Object Reference) vulnerability and how to predict an identifier in bug bounty programs. It likely provides a case study or tutorial on exploiting IDOR vulnerabilities for ethical hacking purposes. The video on YouTube may offer insights into identifying and exploiting these vulnerabilities to secure systems better. |
| 23 | 2023-09-22 15:32:09 UTC | How to turn SQL injection into an RCE or a file read? Case study of 128 bug bounty reports | The content discusses techniques for exploiting SQL injection vulnerabilities to achieve Remote Code Execution (RCE) or read files. It presents a case study based on 128 bug bounty reports, providing insights into the process of leveraging SQL injection for more severe attacks. The video likely delves into practical examples, demonstrating how attackers can escalate the impact of SQL injection vulnerabilities to gain unauthorized access or execute malicious code on a target system. |
| 24 | 2023-07-30 13:24:19 UTC | 0xPugazh/One-Liners | The content titled "0xPugazh/One-Liners" is accessible via the link provided. The specifics of the content are not mentioned in the request, so for further details, you would need to visit the link directly. |
| 25 | 2022-10-14 02:28:33 UTC | HTTP-HOST HEADER ATTACKS | The content discusses HTTP-Host header attacks, a type of security vulnerability where attackers manipulate the host header to exploit web applications. By altering the host header, attackers can bypass security measures, access unauthorized data, or perform other malicious activities. These attacks can be used to trick servers into processing requests differently, potentially leading to data breaches or system compromise. It is crucial for web developers and security professionals to be aware of these vulnerabilities and implement proper security measures to prevent HTTP-Host header attacks. |
| 26 | 2022-04-17 12:07:00 UTC | GitHub - EdOverflow/bugbounty-cheatsheet: A list of interesting payloads, t | The content is a GitHub repository named "bugbounty-cheatsheet" by EdOverflow, containing a collection of useful payloads, tips, and tricks for bug bounty hunters. It serves as a resource for individuals involved in bug bounty programs to help them identify vulnerabilities and improve their skills in finding security issues. The repository aims to provide valuable information and guidance to enhance bug bounty hunting efforts. |
| 27 | 2021-05-18 01:11:14 UTC | If you find powerful OXML XXE tool? it’s “DOCEM” | The content shares a tool called "DOCEM" for XXE testing, which is more convenient than manually working or using previously available tools. It aims to assist in finding a powerful OXML XXE tool for testing purposes. |
| 28 | 2021-05-17 02:58:36 UTC | How to discover up to 10,000 subdomains with your own tool | by _Y000_ | In | The content discusses creating a tool using bash to discover up to 10,000 subdomains. The tool's development involves programming tasks in bash and breaking them down into parts for better understanding and implementation. |
| 29 | 2021-05-11 20:03:00 UTC | VPS-web-hacking-tools | The content provided is a title mentioning "VPS-web-hacking-tools" without any additional information or details. It appears to be a placeholder or a heading for a list or discussion about tools related to hacking websites using Virtual Private Servers (VPS). The content lacks substance and does not provide any specific tools, techniques, or insights related to web hacking using VPS. |
| 30 | 2021-04-13 03:27:26 UTC | Analysing JavaScript Files For Bug Bounty Hunters | by Thexssrat | Apr, 202 | The content discusses the importance of analyzing JavaScript files for bug bounty hunters. It raises the question "What is JS even?" implying a deeper exploration into the significance of JavaScript in bug hunting activities. The article likely delves into the role of JavaScript in identifying vulnerabilities, understanding its impact on web security, and providing insights for bug bounty hunters on how to effectively analyze JavaScript files to uncover potential bugs and security flaws. |
| 31 | 2021-04-10 13:57:30 UTC | Intro to Bug Bounty Automation (pt.2): Port Scanning with Slack | InfoSec W | The content discusses using Slack as a communication channel for delegating tasks like port scanning, even though Slack itself cannot perform port scans. It highlights the importance of utilizing automation tools and platforms like Slack to streamline bug bounty processes and improve efficiency in cybersecurity tasks. |
| 32 | 2021-04-10 13:56:59 UTC | $10000 Facebook SSRF (Bug Bounty) | by Amine Aboud | Medium | Amine Aboud discovered a $10,000 blind Server-Side Request Forgery (SSRF) vulnerability on Facebook through a combination of subdomain enumeration, file bruteforcing, and code review. This bug bounty success showcases the importance of thorough testing and review processes in identifying critical security flaws. |
| 33 | 2021-04-04 11:10:21 UTC | GitHub - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of reso | The content is a GitHub repository named "Resources-for-Beginner-Bug-Bounty-Hunters" created by nahamsec. It contains a curated list of resources aimed at individuals interested in starting their journey in bug bounty hunting. The repository likely includes tools, guides, tutorials, and other helpful materials to assist beginners in learning about bug bounties and developing their skills in this field. |
| 34 | 2021-03-07 12:12:31 UTC | GitHub - theinfosecguy/QuickXSS: Automating XSS using Bash | The content discusses a project called QuickXSS on GitHub, created by theinfosecguy, which automates Cross-Site Scripting (XSS) using Bash scripting. Users can contribute to the development of this project by creating an account on GitHub. |
| 35 | 2021-03-05 05:30:46 UTC | Learn how to get started in bug bounties | BugBountyHunter.com | The content provides a guide on starting bug bounties to utilize hacking skills in bug bounty programs. It aims to assist individuals in transitioning their hacking abilities into successful bug bounty hunting. |
| 36 | 2021-03-05 04:01:57 UTC | nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for | The content is a GitHub repository created by nahamsec, providing a curated list of resources for beginners interested in bug bounty hunting. It serves as a valuable compilation of tools, tutorials, platforms, and information to help individuals kickstart their bug bounty journey effectively. The repository aims to support newcomers by offering guidance and essential resources to enhance their skills and knowledge in the field of cybersecurity and ethical hacking. |
| 37 | 2021-02-28 14:16:11 UTC | Password Reset Token Leak via X-Forwarded-Host | by Saajan Bhujel | Feb, 20 | The content does not provide any specific information or details to summarize. |
| 38 | 2021-02-24 16:14:57 UTC | Top 10 web hacking techniques of 2020 | The content discusses the top 10 web hacking techniques of 2020, highlighting community-powered efforts to identify essential web security research from the previous year. The list compiles innovative methods and strategies used for hacking websites. |
| 39 | 2021-02-21 15:19:04 UTC | Noob’s Basic JSON web Token Exploit Guide | by Circle Ninja | Bug Bounty Hu | The content is a guide for exploiting JSON web tokens, aimed at beginners. It is written by Circle Ninja and is part of Bug Bounty Hu. The guide likely covers basic techniques and strategies for manipulating JSON web tokens for security testing purposes. |
| 40 | 2021-02-21 06:32:47 UTC | 002: Uncle Rat's Bug Bounty Guide | The content is titled "002: Uncle Rat's Bug Bounty Guide." It appears to be a guide related to bug bounty programs. The guide may provide information and tips on how to participate in bug bounty programs, which involve finding and reporting security vulnerabilities in software or websites in exchange for rewards. Uncle Rat's Bug Bounty Guide likely offers insights and strategies for individuals interested in bug hunting as a way to contribute to cybersecurity and earn rewards for identifying vulnerabilities. |
| 41 | 2021-02-17 05:13:50 UTC | Finding My First Bug: HTTP Request Smuggling | The content describes the author's first bug discovery, which was related to HTTP Request Smuggling. The bug was reported and resulted in a bounty reward of $200. |
| 42 | 2021-02-17 05:11:46 UTC | HTTP Request Smuggling: A Primer | The content provides an introduction to HTTP request smuggling, explaining its basics and offering guidance on self-protection. It aims to educate readers on understanding this vulnerability and taking measures to safeguard against potential risks. |
| 43 | 2021-02-16 03:12:06 UTC | A ffuf Primer | Daniel Miessler | ffuf is a web attack tool written in Go, known as "fuzz faster you fool!". It operates through the command line interface (CLI) and is likened to Burp Intruder by experienced web testers. |
| 44 | 2021-02-08 15:12:01 UTC | BugBountyHunting.com - The Bug Bounty Writeups Search Tool | BugBountyHunting.com is a platform that gathers writeups, resources, and content on bug bounty hunting to aid quick access. It aims to assist beginners in web application security by providing valuable information on bug bounty hunting. |
| 45 | 2021-01-24 05:41:34 UTC | https://link.medium.com/5DUBJg9Didb | I'm unable to access external content such as the one you provided. If you can provide the main points or key ideas from the content, I'd be happy to help summarize it for you in 100 words or less. |
| 46 | 2021-01-24 05:24:44 UTC | WebApp Security CTF: [Dec 11–15] - Pwning under 5 mins | Learn how to quickly solve the WebApp Security Capture The Flag (CTF) challenge taking place from December 11 to 15 in under 5 minutes. |
| 47 | 2021-01-23 20:34:38 UTC | https://secnhack.in/website-penetration-testing-and-database-hacking-with-sqlmap/ | The content discusses website penetration testing and database hacking using SQLMap. It covers topics such as understanding SQL injection vulnerabilities, using SQLMap for automated SQL injection attacks, and exploiting databases through SQL injection. The article provides detailed steps on how to perform website penetration testing and database hacking using SQLMap, emphasizing the importance of ethical hacking practices and obtaining proper authorization before conducting such tests. It serves as a guide for individuals interested in learning about cybersecurity and ethical hacking techniques. |
| 48 | 2020-05-31 15:47:46 UTC | r/Hacking_Tutorials - Remote Code Execution explained with real life bug bounty reports | The Reddit post on r/Hacking_Tutorials discusses Remote Code Execution with real-life bug bounty reports. It has received 36 votes but no comments yet. The content likely delves into the explanation of Remote Code Execution vulnerabilities using examples from bug bounty reports to provide practical insights and guidance on this hacking technique. |
| 49 | 2020-05-30 04:02:24 UTC | Security Tools | Curated list of security tools for Hackers & Builders! | The content is about a curated list of security tools designed for hackers and builders. It highlights the availability of various tools that can be used for enhancing security measures. The emphasis is on providing a selection of tools that can aid individuals in improving their security practices. |
| 50 | 2020-03-21 03:08:20 UTC | Conference notes: The Bug Hunters Methodology v3(ish) (LevelUp 0x02 / 2018) | The content is a summary of notes from a hacking conference presentation titled "The Bug Hunters Methodology v3(ish)" at LevelUp 0x02 in 2018. The notes capture key points and insights shared during the presentation, focusing on hacking techniques and methodologies discussed by bug hunters. |
| 51 | 2020-03-19 01:49:43 UTC | Bug Bounty Hunting Tips #4 — Develop a Process and Follow It - Craig Hays | The key point of the content is that having a structured process is crucial for success in bug bounty hunting. Random searching without a clear methodology can lead to failure. Developing and following a systematic approach is essential for effective bug hunting. |
| 52 | 2020-02-14 14:50:44 UTC | Samesite by Default and What It Means for Bug Bounty Hunters | The content discusses the implications of the "SameSite by Default" feature for bug bounty hunters. It highlights the impact of this security measure on identifying and reporting vulnerabilities. The authors, Filedescriptor, Ron Chan, and Edoverflow, provide insights into how this change affects the bug bounty landscape and the challenges it poses for security researchers. The blog likely delves into strategies for adapting to this new setting and navigating potential obstacles in finding and reporting bugs effectively. |
| 53 | 2020-01-19 15:45:51 UTC | Bug Bounty Toolkit - BugBountyHunting - Medium | The content titled "Bug Bounty Toolkit" on BugBountyHunting's Medium page was last updated on January 17, 2021. |
| 54 | 2019-12-29 15:52:37 UTC | Bug Bounty — Tips / Tricks / JS (JavaScript Files) | The content discusses the beginning of a bug bounty journey in August, where the author reached out to Gerben Javado with a basic question. The focus seems to be on bug bounty tips, tricks, and JavaScript files. The content likely delves into strategies for finding and reporting bugs, possibly emphasizing the importance of JavaScript files in identifying vulnerabilities. |
| 55 | 2019-12-03 12:22:20 UTC | GitHub - arkadiyt/bounty-targets-data: This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports | The GitHub repository "arkadiyt/bounty-targets-data" provides hourly-updated data dumps of bug bounty platform scopes (e.g., Hackerone, Bugcrowd, Intigriti) eligible for reporting. It offers valuable information for security researchers interested in participating in bug bounty programs. The repository serves as a resource for individuals seeking to identify potential vulnerabilities and report them to the respective platforms for rewards. |
| 56 | 2019-11-17 12:38:45 UTC | Understanding the full potential of sqlmap during bug bounty hunting | The content discusses leveraging sqlmap, a tool for exploiting SQL injection vulnerabilities, in bug bounty hunting. It highlights using offensive website security techniques and ethical hacking practices to identify and report security flaws. By understanding the full potential of sqlmap, bounty hunters can efficiently uncover vulnerabilities and earn rewards for responsibly disclosing them. The focus is on utilizing sqlmap effectively within bug bounty programs to enhance cybersecurity measures and protect websites from potential threats. |
| 57 | 2019-11-12 19:08:49 UTC | amass — Automated Attack Surface Mapping | Daniel Miessler | The content discusses amass, an automated attack surface mapping tool, providing a tutorial on its functionality and real-world examples for common OSINT (Open Source Intelligence) scenarios. The tutorial likely covers how to use amass to gather information about potential attack surfaces and demonstrates its practical application in cybersecurity investigations. |
| 58 | 2019-10-03 10:57:24 UTC | jobertabma/relative-url-extractor: A small tool that extracts relative URLs | The content describes a tool on GitHub created by jobertabma called relative-url-extractor. This tool is designed to extract relative URLs from a file. The tool's purpose is to identify and isolate relative URLs within a given document. |
| 59 | 2019-10-03 10:56:43 UTC | GitHub - nahamsec/JSParser | The content refers to a GitHub repository named JSParser, owned by a user named nahamsec. Users can contribute to the development of JSParser by creating an account on GitHub. The repository likely contains code related to parsing JavaScript files or other related functionalities. |
| 60 | 2019-09-07 17:36:25 UTC | How a Scottish schoolboy who failed computing makes millions hacking | Despite failing his computing A-level, Scottish native Mark Litchfield, 47, has defied expectations by earning over a million pounds through hacking websites. His success in the tech industry showcases that setbacks do not define one's future potential, emphasizing the importance of perseverance and skill in achieving success. |
| 61 | 2019-08-30 02:26:20 UTC | GitHub - fransr/bountyplz: Automated security reporting from markdown templ | The content discusses a GitHub project called "bountyplz" that automates security reporting using markdown templates. It currently supports platforms like HackerOne and Bugcrowd. The project aims to streamline the process of reporting security vulnerabilities by generating reports from markdown templates. |
| 62 | 2019-08-30 02:22:49 UTC | GitHub - ZephrFish/BugBountyTemplates: A collection of templates for bug bo | The content is about a GitHub repository called "ZephrFish/BugBountyTemplates" that contains a collection of templates for bug bounty reporting. These templates are likely designed to help bug bounty hunters effectively document and report security vulnerabilities they discover during bug bounty programs. The repository serves as a resource for individuals participating in bug bounty programs to streamline their reporting process by providing pre-made templates for various types of vulnerabilities. |
| 63 | 2019-08-30 02:22:30 UTC | Bounty Report Generator | The content is a title mentioning a "Bounty Report Generator." The information is concise and does not provide any specific details or further explanation about the generator's features, purpose, or functionality. It simply states the name of the tool. |
| 64 | 2019-08-30 02:21:08 UTC | File Upload XSS - Brute XSS | The content discusses exploiting file upload vulnerabilities to execute cross-site scripting (XSS) attacks on applications. It highlights the prevalence of user-restricted areas with uploaded profile pictures as potential targets for finding developer errors. It mentions the possibility of leveraging self XSS and emphasizes the various entry points for launching an attack. The focus is on the risks associated with file uploads and the opportunities they present for malicious activities like XSS. |
| 65 | 2019-08-30 02:18:15 UTC | Bug Bounty Hunting (Methodology, Toolkit, Tips & Tricks, Blogs) - Resources | Bug bounty hunting involves individuals reporting bugs, exploits, and vulnerabilities to websites and software developers in exchange for recognition and compensation. This practice helps boost security by identifying and fixing issues in computer programs or systems. Bug bounty programs like bugsbounty.io and bugbounty.jp offer resources, methodologies, toolkits, tips, and tricks for successful bug hunting. Participants can earn rewards for identifying errors, contributing to improved cybersecurity. |
| 66 | 2019-08-30 02:16:49 UTC | Bug Hunting Methodology (part-1) - Noteworthy - The Journal Blog | The content discusses Shankar R, a security researcher from India, engaged in bug bounty hunting for a year. The focus is on bug hunting methodology. The author shares their experience and expertise in this field. The content likely delves into strategies, tools, and approaches used in bug hunting to uncover vulnerabilities. |
| 67 | 2019-08-30 02:15:13 UTC | Bug Bounty POC - All Bug Bounty POC write ups by Security Researchers. | The content features Bug Bounty POC (Proof of Concept) write-ups created by security researchers. These write-ups likely detail the discovery and demonstration of security vulnerabilities found through bug bounty programs. The information shared in these write-ups can be valuable for understanding the security landscape, learning about vulnerabilities, and improving cybersecurity practices. |
| 68 | 2019-08-29 21:19:59 UTC | List of bug bounty writeups | The content is a list of bug bounty writeups. It likely includes detailed accounts of security vulnerabilities discovered by individuals participating in bug bounty programs. These writeups typically outline the steps taken to identify and exploit the bugs, as well as the impact of the vulnerabilities. Readers can learn from these writeups to improve their own security practices and understand common vulnerabilities. |
| 69 | 2019-08-29 21:19:30 UTC | GitHub - ngalongc/bug-bounty-reference: Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature | The content is about a GitHub repository called "bug-bounty-reference" created by ngalongc. It is inspired by another repository called "awesome-bug-bounty" by djadmin. The repository contains a list of bug bounty write-ups categorized by the nature of the bugs. It aims to provide a reference for individuals interested in bug bounty programs. |
| 70 | 2019-08-29 21:19:09 UTC | List of bug bounty writeups · Pentester Land | The content is a list of bug bounty writeups available on Pentester Land. These writeups likely detail successful bug bounty submissions, showcasing vulnerabilities found in various systems and applications. Readers can learn from these examples to improve their own bug hunting skills and understand common security flaws. Bug bounty programs offer rewards to ethical hackers who discover and report vulnerabilities, benefiting both the security of systems and the researchers who participate. |
| 71 | 2019-08-28 05:45:30 UTC | https://www.bugbountynotes.com/mobile/training | The provided link leads to a webpage on bugbountynotes.com that likely offers training related to mobile bug bounty programs. The content of the webpage is not provided, so specific details about the training are unknown. It is suggested to visit the link directly to explore the training opportunities available for mobile bug bounty programs. |
| 72 | 2019-08-28 02:38:31 UTC | The Bugs Are Out There, Hiding in Plain Sight | The content discusses the challenging nature of bug bounty hunting, emphasizing that success in this field requires years of experience. The top hunters have honed their skills over time, making it difficult for newcomers to achieve the same level of success quickly. Bug bounty hunting is portrayed as a field that demands dedication and expertise to excel. |
| 73 | 2019-08-28 02:38:22 UTC | Bug Hunting Methodology from an Average Bug Hunter | The content discusses bug hunting methodology, addressing common industry questions about how bugs are sought out. It aims to provide insights into the process followed by bug hunters. |
| 74 | 2019-08-27 10:42:43 UTC | Finding Hidden API Keys & How to use them | The content provided is too brief to summarize as it only contains a greeting. If you can provide more information or context, I would be happy to help summarize it for you. |
| 75 | 2019-08-25 11:21:15 UTC | https://www.bugbountynotes.com/mobile | The content provided is a URL link to a website called "Bug Bounty Notes" with a focus on mobile security testing. The website likely offers resources, tips, and information related to bug bounty programs and mobile security testing. The link directs to a specific page within the website related to mobile security. For more detailed information, users can visit the provided URL. |
| 76 | 2019-08-25 11:20:56 UTC | Bug Bounty Forum | Bug Bounty Forum is a community of over 150 security researchers who collaborate and share information. |
| 77 | 2019-08-24 05:14:14 UTC | Cookie worth a fortune | I'm Gaurav Narwani | The content provided is a title mentioning a cookie worth a fortune and the author's name, Gaurav Narwani. The title suggests that there may be a story or information about a valuable cookie associated with the author. However, without further details or context, it is unclear what the content entails beyond the mention of the valuable cookie and the author's name. |
| 78 | 2019-08-21 01:46:20 UTC | The Bugs Are Out There, Hiding in Plain Sight | The content discusses the challenging nature of bug bounty hunting, highlighting that success in this field requires years of experience. It emphasizes that top bug hunters have honed their skills over time, indicating that expertise is crucial for success in this specialized area. |
| 79 | 2019-08-21 01:44:11 UTC | Bug Hunting Methodology from an Average Bug Hunter | The content discusses bug hunting methodology from the perspective of an average bug hunter. It addresses common industry questions about bug hunting approaches and strategies. The post aims to provide insights into how bug hunters search for bugs and their methodologies. |
| 80 | 2019-08-20 03:12:09 UTC | Automated monitoring of subdomains for fun and profit — Release of Sublert | "Sublert" is a tool released for automated monitoring of subdomains for bug bounty programs. The bug bounty industry is rapidly growing, leading to fierce competition among programs. Sublert aims to assist in identifying security vulnerabilities in subdomains, potentially leading to financial rewards for bug hunters. |
| 81 | 2019-08-14 16:48:02 UTC | So you want to be a web security researcher? | Blog | The blog post discusses aspiring to become a web security researcher by advancing hacking techniques. It recommends reading James Kettle's guide for insights on pursuing a career in web security research. |
| 82 | 2019-06-24 01:30:23 UTC | What I have learn in my first month of Hacking and Bug Bounty | The content discusses the author's experiences and lessons learned in their first month of hacking, bug bounty programs, programming, and available resources like CIFs. The post aims to share insights and knowledge gained in these areas. |
| 83 | 2019-04-13 12:54:38 UTC | enaqx/awesome-pentest: A collection of awesome penetration testing resource | The content is about a GitHub repository called enaqx/awesome-pentest, which is a collection of valuable resources, tools, and materials related to penetration testing. It offers a curated list of resources to assist individuals in conducting effective penetration testing. The repository aims to provide a comprehensive collection of tools and information to enhance the practice of penetration testing. |
| 84 | 2019-04-13 02:03:25 UTC | Bug Hunting Methodology(Part-2) – Noteworthy - The Journal Blog | The content discusses Shankar R, a security researcher from India, sharing his bug hunting methodology. Shankar has been in the field for a year and expresses optimism about his work. The article likely delves into his approach to bug hunting and may provide insights into his experiences and strategies in the field of cybersecurity. |
| 85 | 2019-04-10 11:24:34 UTC | Spokeo Bug bounty Experience | The content discusses the author's experience reporting an XSS bug in Spokeo's bug bounty program. |
| 86 | 2019-04-08 04:04:52 UTC | Bug Bounty Guide | The Bug Bounty Guide serves as a platform for bug bounty programs and hunters, facilitating the process of finding and reporting security vulnerabilities. It acts as a resource hub for individuals looking to participate in bug bounty programs and organizations seeking to establish such initiatives. |
| 87 | 2019-03-21 18:45:32 UTC | Source code disclosure via exposed .git folder · Pentester Land | The content discusses the risk of source code disclosure through exposed .git folders and offers tips and tricks to assist pentesters and bug bounty hunters in their work. It aims to make their tasks easier and more efficient by providing valuable insights and strategies. |
| 88 | 2019-03-13 12:19:00 UTC | DomLink — Automating domain discovery | The content briefly mentions that the blog has been relocated to a new domain, specifically https://vincentyiu.co.uk. The title "DomLink — Automating domain discovery" suggests that the blog may be discussing a tool or process related to domain discovery or automation. |