intigriti.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-22.
Recon 5
SSRF 5
Bug Bounty 4
IDOR 3
JWT 3
XSS 3
AuthZ 2
API Sec 1
AuthN 1
CSRF 1
RCE 1
SQLi 1
SSTI 1
XXE 1
| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-04-22 | Shodan and Censys for beginners: How to find more vulnerabilities [Recon] | Guide for beginners on utilizing Shodan and Censys for vulnerability discovery, focusing on reconnaissance techniques. It details how to use specific search operators like `org`, `asn`, `http.status`, `ssl.cert.subject.CN`, `http.favicon.hash`, and `http.html` to identify exposed hosts, forgotten assets via expired certificates, and authentication panels. The guide also explains filtering by technologies such as PHP and finding directory listings. |
| 2026-04-22 | Hunting down subdomain takeover vulnerabilities [Recon] | Library for identifying and exploiting subdomain takeover vulnerabilities. It details how companies often use third-party services, leaving DNS records pointing to forgotten services that attackers can claim. The library covers identifying vulnerable cases like AWS S3 and distinguishing them from non-vulnerable ones like HubSpot and Atlassian StatusPage. It also discusses automating the discovery process with tools such as OWASP Amass, Subfinder, Subjack, and Subzy, and outlines exploitation methods including OAuth/SSO token leaks and cookie leaks via misconfigured cookie policies. |
| 2026-04-22 | FFuF Fuzzer Guide: Fuzz Faster u Fool for Bug Bounty Hunters [Recon] | Tool for web fuzzing: FFuF (Fuzz Faster u Fool) assists bug bounty hunters by rapidly discovering directories, files, and hidden parameters. It supports GET and POST requests, authenticated testing via cookies, recursive directory scanning, and allows customization of request delay, threading, and response code filtering. Installation involves obtaining the Go programming language and then using "go get" to install FFuF from its GitHub repository. |
| 2026-04-22 | NoSQL Injection: Advanced Exploitation Guide [SQLi] | Guide to exploiting NoSQL injection vulnerabilities, detailing how improper input sanitization allows attackers to bypass authentication on MongoDB and other databases. It covers identifying injections by manipulating syntax and using operators like `$gt` and `$ne`, and demonstrates advanced techniques such as extracting data through time delays using the `$where` operator. |
| 2026-04-22 | Hacking Next.js Targets: Advanced SSRF Exploitation Guide [SSRF] | Guide detailing advanced Server-Side Request Forgery (SSRF) vulnerabilities in Next.js applications. It covers exploitation techniques targeting the Image component, Next.js Middleware (CVE-2025-57822), and Server Actions (CVE-2024-34351). The guide highlights how misconfigurations in these features can lead to arbitrary outbound requests and potential data leakage or remote code execution. |
| 2026-04-22 | Catflix CTF: Exploiting SSRFs in Next.js Middleware [SSRF] | Walkthrough of CVE-2025-57822 in Next.js Middleware, chaining SSRF to RCE via Jenkins. This article details exploiting a misconfiguration in Next.js middleware that allows processing of the `Location` header to perform server-side requests. The SSRF is then escalated by identifying an open Jenkins instance on port 8080, enabling command execution through its Groovy Script console to retrieve sensitive files, demonstrating a practical vulnerability exploitation chain. |
| 2026-04-17 | Broken authentication: 7 Advanced ways of bypassing 2-FA (Intigriti) [AuthN] | Library detailing seven advanced methods for bypassing two-factor authentication (2FA) implementations. It covers techniques such as forced browsing, bruteforcing with tools like BurpSuite, exploiting weak or re-usable 2FA tokens, and leveraging vulnerabilities like CSRF, IDOR, and flawed password reset functionalities, including second-order bypasses via path traversal. |
| 2026-04-17 | GitHub dorking for beginners: find more vulnerabilities (Intigriti) [Recon] | Guide detailing how to leverage GitHub's advanced search operators for bug bounty hunting. It covers essential techniques like using `org:`, `user:`, `extension:`, and boolean operators, alongside advanced filters such as `filename:`, `language:`, and `path:`. Specific examples demonstrate finding hard-coded secrets like Stripe API keys, AWS access keys, and OpenAI API keys, as well as sensitive configuration files, hard-coded URLs, database connection strings, and JWT secrets. |
| 2026-04-16 | CSRF: Advanced Exploitation Guide - Intigriti [CSRF] | Guide to advanced CSRF exploitation techniques, detailing how to identify and exploit vulnerabilities by understanding conditions like the `SameSite` cookie policy and the absence of unpredictable tokens. It covers bypassing Content-Type and method-based restrictions, as well as exploiting weaknesses in anti-CSRF token validation and Referer header checks. |
| 2026-04-16 | Crafting Your Bug Bounty Methodology: A Complete Guide [Bug Bounty] | Guide for beginner bug bounty hunters detailing how to craft a personalized methodology. It emphasizes mastering fundamentals like HTTP and OWASP Top 10, identifying personal strengths (e.g., front-end development for XSS, database knowledge for SQLi), and continuous practice. The guide suggests focusing on specific vulnerability classes or target types, leveraging tools like proxies, and developing reusable checklists or scripts to improve efficiency and find unique vulnerabilities. |
| 2026-04-11 | SSTI: Advanced Exploitation Guide \| Intigriti [RCE, SSTI] | Library that details advanced exploitation techniques for Server-Side Template Injection (SSTI) vulnerabilities. It covers identification methods for template engines like Jinja2, Twig, and ERB, and demonstrates how to escalate basic injections to remote code execution by exploiting sandboxed environments and chained objects, offering practical examples for Python, PHP, Ruby, JavaScript, Java, and C# template engines. |
| 2026-04-11 | Hacker Tools: JWT_Tool [JWT] | Tool for validating, forging, scanning, and tampering with JWT tokens. JWT_Tool facilitates reconnaissance by viewing token claims, performs active scans for misconfigurations, and aids in fuzzing applications and cracking weak secrets. It supports specific attacks like the none algorithm attack (CVE-2015-9235) and RS256 to HS256 key confusion attacks (CVE-2016-5431). |
| 2026-04-11 | November CTF Challenge: Exploiting JWT vulnerabilities to achieve RCE [JWT] | Walkthrough of a CTF challenge exploiting JWT vulnerabilities, including the 'none' algorithm attack, to achieve remote code execution on the AquaCommerce! e-commerce platform. This guide details reconnaissance steps using Wappalyzer, JWT decoding, privilege escalation to 'admin' role, and server-side template injection (SSTI) in the profile display name field to locate the flag. |
| 2026-04-11 | Intigriti: Exploiting JWT vulnerabilities — advanced exploitation guide [API Sec, Bug Bounty, JWT] | Guide to exploiting JWT vulnerabilities. This resource details seven methods for testing misconfigurations. It covers the 'none' algorithm, missing signature validation, and algorithm confusion attacks, including examples like CVE-2018-0114 and JWK spoofing. The guide explains JWT structure and emphasizes the risks of neglecting security specifications during implementation. |
| 2026-04-10 | Exploiting PDF Generators: Complete Guide to SSRF [SSRF] | Guide to finding SSRF vulnerabilities in PDF generators, focusing on HTML-to-PDF conversion. It details how unsanitized user input can lead to HTML injection, enabling SSRF, Local File Disclosure (LFD), and other exploits. The guide provides payloads for both full and blind SSRF, including techniques using XHR, Fetch, meta tags, images, and SVG, and explores escalating SSRF in cloud environments targeting metadata endpoints. CVE-2023-33733 is cited as an example of injection leading to code execution. |
| 2026-04-10 | Recon for Bug Bounty: 8 Essential Tools \| Intigriti [Bug Bounty, Recon] | Library of 8 essential open-source tools for effective bug bounty reconnaissance, including Amass for asset enumeration, search engine dorking on Google and Bing, Trufflehog and Gitleaks for GitHub secrets, Eyewitness for host screenshotting, Wappalyzer and HTTPX for technology fingerprinting, GAU for URL discovery, ffuf for bruteforcing, Arjun for parameter discovery, and LinkFinder for JavaScript analysis. |
| 2026-04-10 | 31 Bite-Sized Tips and Bug Bounty Resources for 2026 [Bug Bounty] | Library of 31 bite-sized bug bounty tips and techniques for 2026, covering methods like hunting for blind XSS with match and replace rules, fuzzing virtual hosts with FFUF, finding related assets via favicon hash enumeration, identifying hosts with certificate issues, and leveraging copyright notices for reconnaissance. It also details techniques for DOM-based XSS, CSP bypasses, SSRF, bypassing file upload restrictions with Magic Bytes, currency confusion attacks, race conditions, JWT and XXE vulnerabilities, NoSQLi exploitation, Log4Shell hunting, CSRF bug scoring, GraphQL CSRF exploitation, and CORS exploitation via whitelisted third-party origins. |
| 2026-04-10 | XXE Injection: Advanced Exploitation Guide [XXE] | Guide to exploiting advanced XML External Entity (XXE) vulnerabilities, covering identification and exploitation techniques. The guide details common vulnerable components, simple XXE to SSRF attacks, bypassing filters with external DTDs and parameter entities, and resource exhaustion via the 'Billion Laughs' attack. It also touches upon UTF-7 encoding as a potential evasion method. |
| 2026-04-10 | CSP Bypasses: Advanced Exploitation Guide [XSS] | Guide detailing Content Security Policy (CSP) bypass techniques, focusing on how misconfigurations allow for XSS exploitation. It covers scenarios like missing CSP declarations, reporting-only modes, non-restrictive directives such as wildcards (`*`) and `unsafe-inline` in `script-src`, and leveraging third-party hosts. The guide references tools like Google CSP Evaluator and common CSP directives, emphasizing that CSP bypasses are typically report-worthy when chained with an actual vulnerability. |
| 2026-04-10 | Hunting for Blind XSS Vulnerabilities: A Complete Guide [XSS] | Guide on hunting blind XSS vulnerabilities. This resource details techniques for identifying and exploiting these elusive injection flaws. It covers setting up necessary tooling, including XSSHunter, and provides a range of advanced payloads for injecting external scripts via SVG, image tags, input tags with autofocus, and JavaScript protocols, as well as bypassing Content Security Policy with base tags and exploiting AngularJS. The guide also highlights key areas to test, such as feedback forms and analytics engines. |
| 2026-04-10 | Reflected XSS: Advanced Exploitation Guide [XSS] | Guide to hunting and exploiting reflected XSS vulnerabilities. This guide details a three-step methodology for identifying reflection points, testing for injection possibilities by breaking out of HTML or JavaScript contexts, and crafting proof-of-concept payloads. It covers generic HTML, HTML attribute, and JavaScript contexts, offering examples such as `<script>alert(1)</script>` and `<img src=x onerror=alert(1)>`, and explains how to handle filtered inputs. The resource also distinguishes reflected XSS from stored XSS and DOM-based XSS. |
| 2026-04-09 | SSRF: Advanced Exploitation Guide [SSRF] | Guide to advanced SSRF exploitation. This article details how to identify and exploit Server-Side Request Forgery vulnerabilities, including bypassing host and protocol whitelists, leveraging PDF generators, and understanding second-order SSRFs. It provides examples of bypass payloads and discusses how features like profile image loaders, webhook services, and request header processing can be vulnerable, referencing techniques like DNS rebinding and the PayloadsAllTheThings repository for advanced bypasses. |
| 2026-04-06 | BugQuest 2026: 31 Days of Broken Access Control \| Intigriti [AuthZ, IDOR] | Collection of 31 posts detailing broken access control (BAC) vulnerabilities, covering OWASP A01:2025 concepts, authentication versus authorization distinctions, and various authorization models like RBAC. It explores discovery techniques including content discovery with ffuf, JavaScript enumeration, API documentation mining, GraphQL introspection, and mobile application analysis. Specific exploitation methods discussed include request method tampering, HTTP parameter pollution, static keyword swapping, JWT algorithm confusion, and second-order attacks, alongside practical examples like IDOR and URL-matching discrepancies. |
| 2026-04-03 | Insecure Direct Object References (IDOR) \| Intigriti Hackademy [IDOR] | Walkthrough of Insecure Direct Object Reference (IDOR) vulnerabilities, explaining how attackers bypass authorization by manipulating user-supplied input to directly access sensitive resources like database records or files. This guide details the impact on confidentiality, integrity, and availability, and emphasizes prevention through strict access control checks, referencing OWASP's cheat sheet for further details. |
| 2026-04-03 | IDOR: A Complete Guide to Exploiting Advanced IDOR Vulnerabilities \| Intigriti [IDOR] | Guide covering Insecure Direct Object Reference (IDOR) vulnerabilities, detailing methods to identify and exploit them, including basic IDORs, parameter pollution, JSON globbing, method-based variations, content-type manipulation, deprecated API versions, static keywords, and unpredictable IDs. |
| 2026-04-03 | Broken Authentication: Advanced Exploitation Guide \| Intigriti [AuthZ] | Guide to exploiting broken authentication vulnerabilities. This resource covers identifying and exploiting common and advanced flaws. It details techniques like forced browsing, utilizing default credentials, and leveraging lack of rate limiting for brute-forcing. The guide also explains how input validation issues, such as SQL injection, can lead to authentication bypasses, providing examples for practical application. |
| 2024-10-17 | Server-Side Request Forgery (SSRF) [SSRF] | Tutorial on Server-Side Request Forgery (SSRF) detailing how attackers can exploit server functionality to send requests from behind firewalls. It covers basic and blind SSRF, impact including metadata API access and local file disclosure, and testing methods using tools like Burp Suite, Burp Collaborator, and DNSBin. Prevention strategies include whitelisting IPs, disabling unnecessary URL schemes like `file://` and `gopher://`, and implementing anomaly detection on outgoing traffic. |