yeswehack.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-22.
| Date Added | Resource | Topic | Excerpt |
|---|---|---|---|
| 2026-04-22 | Uncover Hidden Assets with Bug Bounty Recon: Fuzzing and JS Analysis | Recon | Library for bug bounty reconnaissance that teaches parameter fuzzing, forced browsing, and JS analysis. It covers using tools like LinkFinder and bookmarklets for endpoint discovery, integrating Burp Suite extensions such as JSLinkFinder, GAP, and JSpector for automated JS analysis, and employing techniques like path and parameter fuzzing to uncover hidden assets and potential vulnerabilities. |
| 2026-04-17 | Recon series #4: Port scanning methods (YesWeHack) | Recon | Library for reconnaissance techniques, detailing passive and active port scanning methods to uncover open ports and hidden services. It explores tools like Nmap, Masscan, and Naabu, and techniques such as TCP SYN, CONNECT, and UDP scanning, alongside banner grabbing for service identification. The resource also covers evasion strategies for firewalls and IDS, referencing methods like decoys and scan delays to improve stealth. |
| 2026-04-17 | Subdomain enumeration: expand attack surface with active, passive methods | Recon | Library for advanced subdomain enumeration, this resource details passive techniques using tools like Censys, Shodan, Subfinder, and Amass, alongside active methods such as DNS brute-forcing with Gobuster. It emphasizes expanding the attack surface by discovering hidden subdomains through analyzing public databases, SSL logs, and web archives, and through direct interaction with the target, offering practical examples for bug bounty hunting and penetration testing. |
| 2026-04-16 | The Bug Bounty Guide to Exploiting CSRF Vulnerabilities - YesWeHack | CSRF | Guide to exploiting Cross-Site Request Forgery (CSRF) vulnerabilities, detailing POST-based, GET-based, and stored CSRF attacks. It explains how attackers leverage a user's authenticated session to trick their browser into executing unauthorized actions, such as changing account settings or transferring funds. The guide illustrates real-world scenarios and payloads, including HTML forms for POST requests and image tags for GET requests, to demonstrate the mechanisms and impact of these vulnerabilities, emphasizing the exploitation of trust between browser and site without proper anti-CSRF protections. |
| 2026-04-16 | Smart Automation with Burp Suite - YesWeHack | Burp | Library for automating Burp Suite workflows, this resource details using passive scanners like the built-in passive scanner and passive crawler, alongside extensions such as BChecks, Burp Bounty, and Logger++, to streamline bug bounty efforts. It explains how to combine active and passive scanning to efficiently gather information and discover vulnerabilities, emphasizing the importance of custom headers for tracking BCheck requests and leveraging error messages for deeper analysis, while still advocating for manual testing to complement automated findings. |
| 2026-04-10 | SSTI Exploitation with RCE Everywhere \| YesWeHack | RCE, SSTI | Writeup detailing advanced Server-Side Template Injection (SSTI) exploitation techniques for achieving Remote Code Execution (RCE) without quotes or external plugins. It covers payloads for Jinja2, Mako, Twig, Smarty, Blade, Groovy, and FreeMarker, demonstrating how to bypass auto-escaping and exploit built-in functions like `chr`, `popen`, `passthru`, and `execute` across various languages and frameworks. |
| 2026-04-10 | Recon Roundup: Ultimate Reconnaissance Guide | Recon | Guide summarizing Bug Bounty reconnaissance techniques, including subdomain enumeration, port scanning, HTTP fingerprinting, hidden-parameter mapping, Google dorking, and archive-based recon. It details how to use tools like Nmap, Shodan, and the Wayback Machine, and covers manual methods such as force browsing and fuzzing for hidden directories, aiming to uncover high-impact vulnerabilities overlooked by automated scanners. |
| 2026-04-03 | SQL Injection for Bug Bounty Hunters \| YesWeHack | SQLi | Guide on SQL injection techniques for bug bounty hunters, covering blind SQLi, time-based attacks, and out-of-band callbacks. It details how to tailor payloads to SQL statements, integrate detection into bug bounty workflows, and exploit SQLi even in hardened systems, referencing vulnerabilities like CVE-2022-21661 in WordPress. |
| 2026-04-03 | XML External Entity: The Ultimate Bug Bounty Guide to XXE \| YesWeHack | XXE | Guide to XML External Entity (XXE) vulnerabilities, this resource details how attackers exploit XML parsers to access sensitive files like /etc/passwd, conduct internal network reconnaissance, and even achieve remote code execution. It covers how XXE attacks leverage external entity declarations within XML input, leading to file disclosure, Server-Side Request Forgery (SSRF), and denial-of-service. The guide explains that XXE often arises from legacy code, explicit feature enablement, or custom configurations in parsers used in document processing systems (DOCX, XLSX), API endpoints, SOAP services, and SVG processors. |
| 2026-04-03 | Hacking GraphQL Endpoints in Bug Bounty Programs \| YesWeHack | GraphQL | Library for identifying and exploiting GraphQL vulnerabilities, this guide details techniques such as abusing introspection queries and field suggestions, and performing mutation manipulation and batching attacks. It covers common vulnerabilities like information disclosure, IDOR, and improper access control, recommending tools such as GraphQL Voyager, InQL, Clairvoyance, and GraphQLmap for both introspection and fuzzing attacks when introspection is disabled. |
| 2026-04-03 | XSS Attacks & Exploitation: The Ultimate Guide \| YesWeHack | XSS | Guide to XSS attacks and exploitation, covering reflected, stored, and DOM variants. It details detection methods, exploitation techniques, and real-world scenarios, emphasizing why mastering XSS, CWE-79, is crucial for bug bounty hunters and ethical hackers. The guide explains how to leverage user input to inject malicious JavaScript, leading to session hijacking, account takeovers, and data exfiltration. It also explores chaining vulnerabilities like CSRF with authenticated reflected XSS for greater impact, and discusses payload obfuscation for stored XSS. |
| 2023-08-11 | YesWeHack #1 Bug Bounty Platform in Europe | Bug Bounty | YesWeHack #1 Bug Bounty Platform in Europe https://ift.tt/N0aPy8c |