{"vulnerability": "CVE-2021-21985", "sightings": [{"uuid": "8249dd1b-4f7d-4da6-a005-14706c1e3529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "1e56c8a7-7455-4fa0-8933-da369f9a56e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:20.000000Z"}, {"uuid": "bcb1c5ae-efed-41ac-ac59-812c1274966f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "d3854124-dbc5-43e5-b75c-c41f03bced82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-21985.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "8c9a27e4-8edb-4804-b4fe-7c287f0f0f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970894", "content": "", "creation_timestamp": "2024-12-24T20:21:23.139861Z"}, {"uuid": "af8c19bd-9603-4c43-adee-a3a2a796cea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-22)", "content": "", "creation_timestamp": "2024-12-22T00:00:00.000000Z"}, {"uuid": "d6fac5f1-d9a9-488c-b84f-7352dd774abe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "0cf07367-aedf-456d-b4df-b367952e7e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-21)", "content": "", "creation_timestamp": "2024-12-21T00:00:00.000000Z"}, {"uuid": "3f53f669-aca7-4a09-b375-ca06afe1e998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "5750ffb6-592f-4f06-b060-9c6c572e4f5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-30)", "content": "", "creation_timestamp": "2025-03-30T00:00:00.000000Z"}, {"uuid": "6c62942d-69ff-4ac8-ab81-4cba0dbce01c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-07)", "content": "", "creation_timestamp": "2025-02-07T00:00:00.000000Z"}, {"uuid": "8aabc5e1-d6f4-4b8f-814f-c587e5248857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "3778eeae-3901-47ed-9ea6-dbdd47a46478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:34.000000Z"}, {"uuid": "48f87976-d666-4830-86a5-3331f6a10416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-26)", "content": "", "creation_timestamp": "2025-02-26T00:00:00.000000Z"}, {"uuid": "837f1bd1-d5b4-4c28-a1ce-7133c518ae35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-13)", "content": "", "creation_timestamp": "2025-02-13T00:00:00.000000Z"}, {"uuid": "c2fa7254-c210-4d21-96c8-24a40082f9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-12)", "content": "", "creation_timestamp": "2025-03-12T00:00:00.000000Z"}, {"uuid": "8ad0a239-dfd8-497b-9436-a646036dd4e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:52.000000Z"}, {"uuid": "80ff3380-294e-419a-8e4a-edb5bb7a0b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-17)", "content": "", "creation_timestamp": "2025-03-17T00:00:00.000000Z"}, {"uuid": "681bf4df-960a-4767-a272-951088e755d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-05)", "content": "", "creation_timestamp": "2025-04-05T00:00:00.000000Z"}, {"uuid": "7a84245b-ae66-4a81-aa7a-9e6e91a25182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-12)", "content": "", "creation_timestamp": "2025-07-12T00:00:00.000000Z"}, {"uuid": "a013dc58-24c5-480b-8305-6fe668ebe19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-16)", "content": "", "creation_timestamp": "2025-05-16T00:00:00.000000Z"}, {"uuid": "fee022f5-83c6-4be4-81f2-2a173c718ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-25)", "content": "", "creation_timestamp": "2025-04-25T00:00:00.000000Z"}, {"uuid": "5e5aff52-a8fb-428d-8379-af97eae4aeb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-19)", "content": "", "creation_timestamp": "2025-05-19T00:00:00.000000Z"}, {"uuid": "7bd4fd15-9614-4e52-98e7-dc1aa8a82f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "5ad82b8e-4559-4864-a078-6de1854fb7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://gist.github.com/prabhatverma47/10282d7b358ebfa7023be18f979b20a3", "content": "", "creation_timestamp": "2025-07-26T18:34:48.000000Z"}, {"uuid": "915cf052-89fd-46f4-a683-f2bb0e8b99bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-07)", "content": "", "creation_timestamp": "2025-11-07T00:00:00.000000Z"}, {"uuid": "355a58b9-f6a4-4969-9ab7-60b81830890b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-06)", "content": "", "creation_timestamp": "2025-08-06T00:00:00.000000Z"}, {"uuid": "76de37da-a921-4632-adee-914252e62264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-27)", "content": "", "creation_timestamp": "2025-11-27T00:00:00.000000Z"}, {"uuid": "372f6ed9-bcb9-43ee-9f3a-5a2c056d9fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vcenter_vsan_health_rce.rb", "content": "", "creation_timestamp": "2021-07-12T18:59:05.000000Z"}, {"uuid": "dad197fb-4e8a-46fa-a15e-f2930ba6371c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:04.000000Z"}, {"uuid": "ce9a5eb0-d1b0-41da-8b8e-e79419c70ccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-31)", "content": "", "creation_timestamp": "2025-08-31T00:00:00.000000Z"}, {"uuid": "6d7e6b23-b54f-4539-96e4-78a9aab2a7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://gist.github.com/TomaszFrejnik/2f20c53778d48b6931abf358f7b8bde3", "content": "", "creation_timestamp": "2026-02-09T14:45:48.000000Z"}, {"uuid": "5c6e208f-da05-4b8e-ab75-d8a355c8b4e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-03)", "content": "", "creation_timestamp": "2026-03-03T00:00:00.000000Z"}, {"uuid": "33740e6e-cc52-458d-897b-dc2181f917b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-08)", "content": "", "creation_timestamp": "2026-03-08T00:00:00.000000Z"}, {"uuid": "d688e007-5f36-4568-8737-10d87fff3833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "0c7d7470-1e61-4209-b655-7712ad3688d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "55ba0691-d224-42ff-acc0-622bf8c847c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-11)", "content": "", "creation_timestamp": "2026-03-11T00:00:00.000000Z"}, {"uuid": "5d6d870d-79c9-4310-9b81-de43863111b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=591", "content": "", "creation_timestamp": "2021-05-26T04:00:00.000000Z"}, {"uuid": "89a01c5e-1454-48eb-89f3-4ec758ba1f0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "174282e0-9a7e-4c99-8011-ffbb4b5caecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8fa6c497-5fe7-4257-87b7-2c7509f2a4ff", "content": "", "creation_timestamp": "2026-02-02T12:29:07.292818Z"}, {"uuid": "0eeb40d9-1633-4e3c-b2c5-6d16be3e0d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "7c72cb04-007d-4d83-9b67-f3ef68abfa77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://t.me/cyberbannews_ir/3332", "content": "\ud83d\uded1\u062a\u0644\u0627\u0634 \u0647\u06a9\u0631\u0647\u0627 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0633\u0631\u0648\u0631\u0647\u0627\u06cc vCenter \n\n\u0645\u062d\u0642\u0642\u0627\u0646 \u0634\u0631\u06a9\u062a \u00abBad Packets\u00bb \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f\u0646\u062f \u0647\u06a9\u0631\u0647\u0627 \u0628\u0647\u200c\u0634\u062f\u062a \u062f\u0631 \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u0628\u0647 \u062f\u0646\u0628\u0627\u0644 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 VMware vCenter \u0647\u0633\u062a\u0646\u062f.\n\n\u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0627\u0633\u06a9\u0646 \u0634\u062f\u0647 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0627\u0631\u0646\u062f \u06a9\u0647 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2021-21985\u00bb \u0634\u0646\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0648 \u0627\u0645\u062a\u06cc\u0627\u0632 9.8 \u0631\u0627 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0627\u0645\u062a\u06cc\u0627\u0632\u062f\u0647\u06cc CVSSv3 \u06a9\u0633\u0628 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\u0637\u0628\u0642 \u0622\u0645\u0627\u0631 \u0645\u0648\u062a\u0648\u0631 \u062c\u0633\u062a\u062c\u0648\u06cc \u00abShodan\u00bb\u060c \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0647\u0632\u0627\u0631 \u0633\u0631\u0648\u0631 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 vCenter \u062f\u0631 \u0634\u0628\u06a9\u0647 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0646\u0647 \u0627\u0632 \u0633\u0648\u06cc \u0627\u0634\u062e\u0627\u0635 \u062d\u0642\u06cc\u0642\u06cc \u0648 \u0645\u0634\u0627\u063a\u0644 \u06a9\u0648\u0686\u06a9\u060c \u0628\u0644\u06a9\u0647 \u062a\u0648\u0633\u0637 \u0634\u0631\u06a9\u062a\u200c\u0647\u0627 \u0648 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u0628\u0632\u0631\u06af \u0645\u0648\u0631\u062f\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u0646\u062f. \n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u00abCVE-2021-21985\u00bb \u062f\u0631 \u067e\u0644\u0627\u06af\u06cc\u0646 Virtual SAN Health Check \u06a9\u0647 \u0628\u0647\u200c\u0637\u0648\u0631 \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u0628\u0647 vCenter \u0627\u0636\u0627\u0641\u0647\u200c\u0634\u062f\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u200c\u0634\u062f\u0647 \u0627\u0633\u062a. \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0686\u0646\u0627\u0646\u0686\u0647 \u0628\u0647 \u067e\u0648\u0631\u062a 443 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0628\u0627\u06af \u0647\u0631 \u0622\u0646\u0686\u0647 \u0645\u06cc\u200c\u062e\u0648\u0627\u0647\u062f \u0631\u0648\u06cc \u0647\u0627\u0633\u062a \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u062c\u0631\u0627 \u0646\u0645\u0627\u06cc\u062f. \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc\n\n@cyberbannews_ir", "creation_timestamp": "2021-06-09T06:35:59.000000Z"}, {"uuid": "a9918763-60dc-49fb-aa44-a888287be6f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-07)", "content": "", "creation_timestamp": "2026-04-07T00:00:00.000000Z"}, {"uuid": "4a73c3b6-dda3-45a8-9c51-1e05a8cf8023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/837", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aVMWARE VCENTER SERVER VIRTUAL SAN HEALTH CHECK PLUG-IN RCE (CVE-2021-21985) \nURL\uff1ahttps://github.com/sknux/CVE-2021-21985_PoC", "creation_timestamp": "2021-11-09T19:09:51.000000Z"}, {"uuid": "7b28535a-123a-4eb1-8571-b09ec0fd0dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-13)", "content": "", "creation_timestamp": "2026-04-13T00:00:00.000000Z"}, {"uuid": "7d3d0273-2dd8-4daa-a79d-cf07d29f5fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-15)", "content": "", "creation_timestamp": "2026-04-15T00:00:00.000000Z"}, {"uuid": "057af9b8-cc0b-4960-8ca1-99ea1bb9f727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "5feb7664-9284-4adc-bf52-65b370b3cbe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5282", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1awebshell\n\u63cf\u8ff0\uff1a\u4e00\u6b3e\u9488\u5bf9Vcenter\u7684\u7efc\u5408\u5229\u7528\u5de5\u5177\uff0c\u5305\u542b\u76ee\u524d\u6700\u4e3b\u6d41\u7684CVE-2021-21972\u3001CVE-2021-21985\u4ee5\u53caCVE-2021-22005\u3001One Access\u7684CVE-2022-22954\u3001CVE-2022-22972/31656\u4ee5\u53calog4j\uff0c\u63d0\u4f9b\u4e00\u952e\u4e0a\u4f20webshell\uff0c\u547d\u4ee4\u6267\u884c\u6216\u8005\u4e0a\u4f20\u516c\u94a5\u4f7f\u7528SSH\u514d\u5bc6\u8fde\u63a5\nURL\uff1ahttps://github.com/Schira4396/VcenterKiller\n\n\u6807\u7b7e\uff1a#webshell", "creation_timestamp": "2023-10-05T03:18:09.000000Z"}, {"uuid": "82ee4c43-901b-48c6-aebc-3496262d631d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1342", "content": "CVE-2021-21985 PoC\nhttps://github.com/alt3kx/CVE-2021-21985_PoC\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-04-22T13:22:58.000000Z"}, {"uuid": "7902b499-015a-4fe6-b784-0278c1755419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://t.me/ctinow/34736", "content": "Hackers scan for VMware vCenter servers vulnerable to CVE-2021-21985 RCE\n\nhttps://ift.tt/2SX7aKz", "creation_timestamp": "2021-06-04T23:52:22.000000Z"}, {"uuid": "43ba4b30-3e47-4455-85ba-79912507dacd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/arpsyndicate/1021", "content": "#ExploitObserverAlert\n\nCVE-2021-21985\n\nDESCRIPTION: Exploit Observer has 63 entries related to CVE-2021-21985. The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.\n\nFIRST-EPSS: 0.973100000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T20:26:59.000000Z"}, {"uuid": "2d90114a-dbcf-4488-89c7-87ac3fc8d9e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/407", "content": "#Exploit for #CVE-2021-40449\nWin32k Elevation\nhttps://github.com/Kristal-g/CVE-2021-40449_poc\n\n#poc for #CVE-2021-36799\nETS5 Password Recovery\nhttps://github.com/robertguetzkow/ets5-password-recovery\n\nA sample #poc for #CVE-2021-30657\naffecting MacOS\nhttps://github.com/shubham0d/CVE-2021-30657\n\n#Exploitation code for #CVE-2021-40539\nZoho ManageEngine ADSelfService Plus\nhttps://github.com/synacktiv/CVE-2021-40539\n\nVMWARE VCENTER SERVER VIRTUAL SAN HEALTH CHECK PLUG-IN RCE #CVE-2021-21985\nhttps://github.com/sknux/CVE-2021-21985_PoC", "creation_timestamp": "2021-11-10T09:32:12.000000Z"}, {"uuid": "87d2528e-4422-49fd-9ad9-0f462f450e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "Telegram/U9gdG2aSdwtoDMMj6Tori-kXX5zgW3277ZMqF1YeDASsFg", "content": "", "creation_timestamp": "2021-07-03T03:31:01.000000Z"}, {"uuid": "7431da68-4e0f-4a7a-a971-d85c70110bc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "Telegram/2xZj6sEThE6CZ1ffGPvdC49Vz9hoKbDkeFe4JN8dHFc24g", "content": "", "creation_timestamp": "2021-06-12T15:13:53.000000Z"}, {"uuid": "8fdce728-c117-45b9-af33-a438683f0de8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://t.me/true_secator/2135", "content": "\u200b\u200bVMware \u0432\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0449\u0438\u0439 \u043e 19 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 vCenter Server \u0438 Cloud Foundation, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n \n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 (CVE-2021-22005), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 vCenter Server 6.7 \u0438 7.0 \u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043f\u043e\u0440\u0442\u0443 443 \u043d\u0430 vCenter Server \u043c\u043e\u0436\u0435\u0442 \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u043a\u0442\u043e \u0438\u043c\u0435\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a vCenter Server \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0435\u0449\u0435 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c, Bad Packets \u0443\u0436\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f. \u041f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u043c \u043f\u0443\u0442\u0438, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 VMware \u0434\u043b\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n \n\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u044d\u0442\u043e \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u043f\u0435\u0440\u0432\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439, \u043a\u043e\u0433\u0434\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b VMware vCenter. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u043e\u043d\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 vCenter \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d PoC \u0434\u043b\u044f RCE (CVE-2021-21972), \u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0438\u044e\u043d\u044f - \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f CVE-2021-21985 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n \n\u0421\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 Shodan \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0442\u044b\u0441\u044f\u0447\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0431\u0430\u0433\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 vCenter. VMware \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043e\u0441\u043e\u0431\u043e \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u0432 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u043b\u044f CVE-2021-22005 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n \n\u0418 \u0442\u0443\u0442 \u043c\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u043c \u043d\u0435 \u0441\u043e\u0433\u043b\u0430\u0441\u0438\u0442\u044c\u0441\u044f.", "creation_timestamp": "2021-09-23T13:31:21.000000Z"}, {"uuid": "22d5a874-0aea-4056-a129-b27a8932a3d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/true_secator/1751", "content": "VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0430\u043f\u0434\u0435\u0439\u0442, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-21985, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d vCenter \u0432\u0435\u0440\u0441\u0438\u0439 6.5, 6.7 \u0438 7.0. \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 (9.8 \u0438\u0437 10 \u043f\u043e CVSS) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u0431\u0435\u0437 \u043f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u0443 \u043d\u0443\u0436\u043d\u043e \u043b\u0438\u0448\u044c \u0438\u043c\u0435\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a 443 \u043f\u043e\u0440\u0442\u0443. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 vSAN Health Check, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0432\u043e \u0432\u0441\u0435\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044b\u0445 vCenter.\n\nCVE-2021-21985 \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438\u0437 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 Qihoo 360, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u043f\u043e\u0434\u0433\u0430\u0434\u0438\u043b\u0438 VMware, \u0440\u0435\u0437\u043a\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 PoC \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 CVE-2021-21972 \u0432 \u0442\u043e\u043c \u0436\u0435 \u0441\u0430\u043c\u043e\u043c vCenter.\n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0434\u044b\u0440\u043a\u0435 \u0441\u0432\u0435\u0436\u0438\u0439 \u043f\u0430\u0442\u0447 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 CVE-2021-21986 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c\u044e 6,5, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043c\u043e\u0434\u0443\u043b\u044f\u0445 vCenter. \u041d\u043e \u044d\u0442\u043e, \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435, \u043d\u0435 \u0442\u0430\u043a \u0432\u0430\u0436\u043d\u043e. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u0430\u043a\u0440\u044b\u0432 \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u044b \u0437\u0430\u043a\u0440\u043e\u0435\u0442\u0435 \u0438 \u044d\u0442\u0443.\n\n\u041d\u0443 \u0430 \u043a\u0442\u043e \u043f\u0440\u0438 \u0442\u0430\u043a\u0438\u0445 \u0432\u0432\u043e\u0434\u043d\u044b\u0445 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0430\u043f\u0434\u0435\u0439\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0438 vCenter - \u0442\u043e\u0442 \u0441\u0430\u043c \u0441\u0435\u0431\u0435 \u0414\u0436\u0435\u043d\u043d\u0438\u0444\u0435\u0440 \u041f\u0441\u0430\u043a\u0438.", "creation_timestamp": "2021-05-26T11:23:27.000000Z"}, {"uuid": "63d64fb0-ded6-453c-8083-bc0be46219bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/601", "content": "CVE-2021-21985  VMware vCenter \u9060\u7a0b\u4efb\u610f\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-21985_VMware_vCenter_%E9%81%A0%E7%A8%8B%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-06-05T01:39:05.000000Z"}, {"uuid": "d5a7f3ea-ee32-461a-b8a2-96a2f1ace6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/information_security_channel/44195", "content": "VMware Urges Customers to Immediately Patch Critical vSphere Vulnerability\nhttp://feedproxy.google.com/~r/securityweek/~3/pMUSjtgLuCI/vmware-urges-customers-immediately-patch-critical-vsphere-vulnerability\n\nVMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments.\nThe vulnerability, tracked as CVE-2021-21985, was reported to VMware by Ricter Z of 360 Noah Lab and it has been patched in versions 6.5, 6.7 and 7.0 of vCenter Server.\nread more (https://www.securityweek.com/vmware-urges-customers-immediately-patch-critical-vsphere-vulnerability)", "creation_timestamp": "2021-05-26T19:05:27.000000Z"}, {"uuid": "e1f217b3-7687-4f11-bdb8-105592a12481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/thehackernews/1242", "content": "A critical flaw \u2014 CVE-2021-21985 \u2014 has been found in VMware vCenter Server that could let attackers execute arbitrary code on the targeted servers.\n\nhttps://thehackernews.com/2021/05/critical-rce-vulnerability-found-in.html\nAdditionally, VMware has released patches for a separate authentication issue affecting vSphere Client.", "creation_timestamp": "2021-05-26T07:59:34.000000Z"}, {"uuid": "310e608f-3b95-48af-912a-5f4869f337b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://t.me/thehackernews/1266", "content": "ALERT \u2014 Cybercriminals are actively scanning the Internet for VMware vCenter servers that have not yet been patched against a recently disclosed critical RCE vulnerability.\n\n(CVE-2021-21985 / CVSS score 9.8)\nhttps://thehackernews.com/2021/06/alert-critical-rce-bug-in-vmware.html", "creation_timestamp": "2021-06-05T13:04:16.000000Z"}, {"uuid": "0adbfc5d-a58a-4bb5-92cf-c4719b078433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1153", "content": "https://github.com/sknux/CVE-2021-21985_PoC", "creation_timestamp": "2021-11-09T20:15:33.000000Z"}, {"uuid": "ee8e3310-4984-4772-ad43-198a302b23e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://t.me/anti_malware/10256", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0449\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b vCenter c \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0439 \u0434\u044b\u0440\u043e\u0439 CVE-2021-21985\n\nhttps://www.anti-malware.ru/news/2021-06-07-114534/36066", "creation_timestamp": "2021-06-07T15:37:55.000000Z"}, {"uuid": "f875b934-215e-4e21-a5f4-cdc08eea8274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/anti_malware/10322", "content": "\u0422\u044b\u0441\u044f\u0447\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 vCenter \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0443 CVE-2021-21985\n\nhttps://www.anti-malware.ru/news/2021-06-16-114534/36144", "creation_timestamp": "2021-06-16T18:52:55.000000Z"}, {"uuid": "34c31e49-eeb0-4677-a284-9bfe8d421656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/5438", "content": "Vcenter Server CVE-2021-21985 https://www.iswin.org/2021/06/02/Vcenter-Server-CVE-2021-21985-RCE-PAYLOAD/\n\nExploit: https://github.com/xnianq/cve-2021-21985_exp", "creation_timestamp": "2021-06-04T18:30:14.000000Z"}, {"uuid": "cbab0100-5ac6-4112-9b6a-3e33b19eb57d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/Russian_OSINT/875", "content": "\u200b\u200b\ud83d\ude94 \u0424\u0411\u0420 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u043f\u0438\u0441\u043e\u043a 30 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 2 \u0433\u043e\u0434\u0430\n\nCVE-2021-26855: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-26857: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-26858: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-27065: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-22893: It is an Improper Authentication vulnerability that is marked as critical\nCVE-2021-22894: It is a buffer overflow vulnerability that enables an attacker to execute arbitrary code\nCVE-2021-22899: It is a command injection vulnerability that enables an attacker to execute remote code\nCVE-2021-22900: It is an Improper Control of Generation of Code vulnerability\nCVE-2021-27101: It is an Improper Neutralization of Special Elements used in an SQL Command\nCVE-2021-27102: It is an Improper Neutralization of Special Elements used in an OS Command\nCVE-2021-27103: It is a Server-Side Request Forgery (SSRF) vulnerability\nCVE-2021-27104: It is an Improper Neutralization of Special Elements used in an OS Command vulnerability\nCVE-2021-21985: It is an Improper Input Validation vulnerability\nCVE-2018-13379: It is an Improper Limitation of a Pathname to a Restricted Directory (\u2018Path Traversal\u2019)\nCVE-2020-12812: It is an Improper Authentication vulnerability\nCVE-2019-5591: It is a Missing Authentication for Critical Function vulnerability\nCVE-2019-19781: It is an Improper Limitation of a Pathname to a Restricted Directory \nCVE 2019-11510: It is an Improper Limitation of a Pathname to a Restricted Directory\nCVE 2018-13379: It is an Improper Limitation of a Pathname to a Restricted Directory \nCVE 2020-5902: It is an Inclusion of Functionality from Untrusted Control Sphere and Improper Limitation of a Pathname to a Restricted Directory vulnerability \nCVE 2020-15505: It is an Insufficient Information vulnerability\nCVE-2017-11882: It is a Microsoft Office Memory Corruption vulnerability that enables an attacker to execute arbitrary code.\nCVE-2019-11580: It is an Insufficient Information vulnerability\nCVE-2018-7600: It is an Improper Input Validation vulnerability\nCVE 2019-18935: It is a Deserialization of Untrusted Data vulnerability\nCVE-2019-0604: It is a Microsoft SharePoint Remote Code Execution Vulnerability\nCVE-2020-0787: It is a Windows Background Intelligent Transfer Service Elevation of Privilege vulnerability\nCVE-2020-1472: It is a Netlogon Elevation of Privilege vulnerability \nCVE-2020-15505: It is an Insufficient Information vulnerability\nCVE-2020-0688: It is a Use of Hard-coded Credentials vulnerability", "creation_timestamp": "2021-07-29T17:59:02.000000Z"}, {"uuid": "26bfa57d-9a48-4dc7-a666-9b4e78cda1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/S_E_Reborn/249", "content": "CVE-2021-21985/CVE-2021-21986 : VMware vSphere Client (HTML5) contains a remote code execution vulnerability\n\nhttps://attackerkb.com/topics/X85GKjaVER/cve-2021-21985", "creation_timestamp": "2021-06-01T21:11:16.000000Z"}, {"uuid": "9d5776fb-612d-4e4a-8588-79c0a105398b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3547", "content": "#Threat_Research\n1. Learning JNDI Injection From\u00a0CVE-2021-21985\nhttps://y4y.space/2021/06/04/learning-jndi-injection-from-cve-2021-21985\n2. POC Exploit from a CVE: Apache Airflow 1.10.10 RCE\nhttps://infosecwriteups.com/poc-exploit-from-a-cve-apache-airflow-1-10-10-rce-e2c764f2a6f0", "creation_timestamp": "2021-06-06T22:18:27.000000Z"}, {"uuid": "953696bc-77a4-4f3a-bff2-74178e967363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3493", "content": "#Threat_Research\n1. The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server (PoC for CVE-2021-21985/CVE-2021-21986)\nhttps://attackerkb.com/topics/X85GKjaVER/cve-2021-21985#rapid7-analysis\n2. Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices\nhttps://www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html", "creation_timestamp": "2021-05-30T13:43:01.000000Z"}, {"uuid": "45bdce83-74b8-4ccf-99e2-7783ddd76593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 -Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}, {"uuid": "25cab77a-0ebd-4d03-8eba-aa0e2644b88d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3509", "content": "#Blue_Team_Techniques\n1. Detecting Cobalt Strike and Hancitor traffic in PCAP\nhttps://www.netresec.com/?page=Blog&amp;month=2021-05&amp;post=Detecting-Cobalt-Strike-and-Hancitor-traffic-in-PCAP\n2. Browser Security Enhancement Tracker Project\nhttps://notsosecure.com/project-launch-tracking-browser-security-enhancements\n3. NSE checker for CVE-2021-21985\nhttps://github.com/alt3kx/CVE-2021-21985_PoC", "creation_timestamp": "2021-06-01T11:03:12.000000Z"}, {"uuid": "df8c5a26-5ea5-4066-a7a4-3743eb2ff399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3732", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (June 1-30)\nCVE-2021-1675 - Windows Print Spooler EoP\nhttps://t.me/cybersecuritytechnologies/3723\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-3560 - Privilege escalation with polkit\nhttps://t.me/cybersecuritytechnologies/3587\nCVE-2021-28476 - Hyper-V RCE in vmswitch.sys\nhttps://t.me/cybersecuritytechnologies/3514\nCVE-2020-3580 - XSS in Cisco ASA\nhttps://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit\nCVE-2021-31955/31956 - Windows NTFS EoP/Kernel Information Disclosure\nhttps://github.com/mavillon1/CVE-2021-31955-POC\nhttps://t.me/cybersecuritytechnologies/3705\nCVE-2021-33739 - MS DWM Core Library EoP\nhttps://t.me/cybersecuritytechnologies/3581\nCVE-2021-27850 - Apache Tapestry RCE\nhttps://t.me/cybersecuritytechnologies/3694\nCVE-2020-36289 - Atlassian Jira Unauth User Enum\nhttps://mobile.twitter.com/i/web/status/1402644004781633540", "creation_timestamp": "2021-07-01T11:03:01.000000Z"}, {"uuid": "7920cd81-71cb-475a-ada1-b7a2d9168f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-04)", "content": "", "creation_timestamp": "2026-05-04T00:00:00.000000Z"}, {"uuid": "3aaa6a42-63a1-4273-8a5b-40c498e0d6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-14)", "content": "", "creation_timestamp": "2026-06-14T00:00:00.000000Z"}, {"uuid": "83c1ee80-e178-4062-aa8a-e12e9a8d0772", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c0f9447-738a-41b9-80de-38dcdf7db172", "content": "", "creation_timestamp": "2026-06-19T12:47:52.957546Z"}, {"uuid": "1ceb5fc5-4ec9-48dd-a7b7-8a0e1f817703", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7c08d6c9-9cb6-4727-9da9-c216a3de0041", "content": "", "creation_timestamp": "2026-06-23T14:04:27.108549Z"}, {"uuid": "49f870b4-c07b-4910-9aee-5dc35fb82cf3", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-21985", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/81cc9dbf-4704-4209-9bfc-e3171416c735", "content": "", "creation_timestamp": "2026-06-30T09:23:38.638520Z"}, {"uuid": "f199664a-44a1-4ba0-828c-bf600d7bef60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://gist.github.com/morisono/78359e46c5369d24622657f014c7fa5d", "content": "                         \u2554\u2566\u2557\u2566 \u2566  \u2554\u2557 \u252c \u252c\u250c\u2500\u2510  \u2554\u2557 \u250c\u2500\u2510\u252c \u252c\u250c\u2510\u250c\u252c\u2510\u252c \u252c  \u2566\u2550\u2557\u250c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\u252c \u252c\u252c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\n                         \u2551\u2551\u2551\u255a\u2566\u255d  \u2560\u2569\u2557\u2502 \u2502\u2502 \u252c  \u2560\u2569\u2557\u2502 \u2502\u2502 \u2502\u2502\u2502\u2502\u2502 \u2514\u252c\u2518  \u2560\u2566\u255d\u251c\u2524 \u2514\u2500\u2510\u2502 \u2502\u2502 \u2502\u251c\u252c\u2518\u2502  \u251c\u2524 \u2514\u2500\u2510\n                         \u2569 \u2569 \u2569   \u255a\u2550\u255d\u2514\u2500\u2518\u2514\u2500\u2518  \u255a\u2550\u255d\u2514\u2500\u2518\u2514\u2500\u2518\u2518\u2514\u2518\u2534  \u2534   \u2569\u255a\u2550\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\u2534\u2514\u2500\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\n                                          \n                                           //\n                              ()==========&gt;&gt;======================================--\n                                           \\\\\n\n\n2FA Bypass\n  2fa bypass Mindmap https://www.mindmeister.com/1736437018?t=SEeZOmvt01 \n  2fa Bypass Methods https://workbook.securityboat.in/resources/web-app-pentest/business-logic-vulnerabilities/2fa-bypass\n\nAccount Takeovers\n  https://medium.com/@bathinivijaysimhareddy/tale-of-account-takeovers-part-2-9abf62de4ca3\n  https://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\n\nAdminPanelFinder\n  \nadminphpfinder\nhttps://linux\nsecurity.expert/tools/admin-page-finder-php/\nAPI Security\n  https://www.cloudflare.com/learning/security/api/owasp-api-security-top-10/\n  Shadowe apis https://www.cloudflare.com/learning/access-management/what-is-shadow-it/\n  \nApi Keys\n  https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys\n\nAPI Hacking \nhttps://github.com/microsoft/restler-fuzzer\nhttps://github.com/hAPI-hacker/Hacking-APIs/fork\n\nAmass\n  https://securityweekly.com/wp-content/uploads/2021/05/AmassTechSegment-0.pdf\n\nAmass Scripting\\\nhttps://github.com/OWASP/Amass/tree/master/resources/scripts\nhttps://github.com/OWASP/Amass/blob/master/doc/scripting.md\namass scripting https://youtu.be/H1wdBgY1rtg?t=4987\n\n  Bug Bounty for Beginners Stream#4:AMASS, Subfinder, FFUF  https://www.youtube.com/watch?v=27zMfcr2fPE\n  https://hackbotone.com/blog/amass-osint-reconnaissance-tool/ \n  https://hakluke.medium.com/haklukes-guide-to-amass-how-to-use-amass-more-effectively-for-bug-bounties-7c37570b83f7\n  https://securityonline.info/amass-subdomain-enumeration/\n  https://github.com/OWASP/Amass/releases\n\nhttps://twitter.com/jeff_foley\n\nhttps://github.com/OWASP/Amass/blob/master/doc/scripting.md\nhttps://github.com/OWASP/Amass\nhttps://gist.github.com/sillydadddy/b1726c8e8ce281d55b82d4e2a1a610e8\nhttps://twitter.com/dokkillo/status/1305566849514471424\nhttps://github.com/PatrikFehrenbach/amass-tools/blob/master/assetfinder.ads\nhttps://github.com/OWASP/Amass#top-mentions\namass enum script command https://youtu.be/H1wdBgY1rtg?t=5408\nExample of api key configuration https://www.hahwul.com/2020/09/23/amass-go-deep-in-the-sea-with-free-apis/#chaos\n[31:33 / 1:56:06]\n[How to Use Amass Efficiently by @jeff_foley #NahamCon2020](https://youtu.be/H1wdBgY1rtg?t=1974)\n[OWASP AMass Boot Camp by Jeff Foley (Caffix)](https://www.youtube.com/watch?v=OOurkCPf2-I) \nAmass Tutorial https://github.com/OWASP/Amass/blob/master/doc/tutorial.md\nhttps://github.com/vortexau/dnsvalidator\nhttps://twitter.com/owaspamass\n\nAndroid\n  https://github.com/dzmitry-savitski/android-pentest-tool\n\nAngularJS\n  https://github.com/snoopysecurity/Public/blob/master/Old%20Presentations/MWRICON%202018/README.md\n  \nAuthentication Bypass Vulnerabilities\n\nAscii \n  https://github.com/heldersepu/hs-scripts/blob/master/ascii.txt\nAsset Monitoring  \n  https://github.com/ruevaughn/assetnote\n  https://github.com/yeswehack/pwn-machine\n  https://github.com/robre/jsmon\n\nAPI Hacking\n  https://github.com/Excloudx6/31-days-of-API-Security-Tips\n  https://gist.github.com/ruevaughn/51048bccdc753596443eca95cbf39356\n  https://apexvicky.medium.com/top-10-api-bugs-where-to-find-them-5dac338b3d73\n  https://attacker-codeninja.github.io/2021-08-28-Hacking-APIs-notes-from-bug-bounty-bootcamp/\n  https://dfir.blog/unfurl/\n  https://www.slideshare.net/programmableweb/why-api-security-is-more-complicated-than-you-think-and-why-its-your-1-priority\n  \nAmazon Cognito\nhttps://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html\nhttps://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/CommonParameters.html\n  https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-dg.pdf \n  https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html\n  https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/iam_user_enum/default-word-list.txt\n\nBlockchain\n  https://hash.ai/@b/uniswap\n  https://medium.com/immunefi/hacking-the-blockchain-an-ultimate-guide-4f34b33c6e8b\n  https://github.com/ruby/webrick/blob/master/lib/webrick/httprequest.rb }9\n  https://twitter.com/0xAsm0d3us/status/1438149310080712709 cdC\n\n\nBlogs\n  https://respectxss.blogspot.com/\n\nBrowsers\n  Save multiple pages as a single html page https://github.com/gildas-lormeau/SingleFile\n  https://bughacking.com/best-browsers-for-hackers/\n  https://hackaday.com/2022/01/17/hack-the-web-without-a-browser/\n  https://woob.tech/\n  https://github.com/moonD4rk/HackBrowserData\n  https://resources.infosecinstitute.com/topic/ethical-hacking-top-10-browser-extensions-for-hacking/\n  https://github.com/Excloudx6/browser-compat-data\n  https://httpwg.org/specs/rfc7230.html#header.transfer-encoding\n  https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name\n  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length\n  https://stackoverflow.com/questions/978061/http-get-with-request-body?rq=1\n  https://datatracker.ietf.org/doc/html/rfc7230\n  https://groups.yahoo.com/neo/groups/rest-discuss/conversations/messages/9962\n  https://www.ietf.org/rfc/rfc2119.txt\n  https://www.elastic.co/guide/en/elasticsearch/guide/current/_empty_search.html\n  https://www.concise-courses.com/hacking-tools/web-browser-related-tools/\n  \nEthereum Hacking\nhttps://github.com/NafisiAslH/KnowledgeSharing\nhttps://github.com/SecurityInnovation/Smart-Contract-CTF\n https://twitter.com/CyberWarship/sta tus/1533710785914056705\n https://github.com/heldersepu/hs-scripts/blob/master/NodeJS/web3/VestingERC20.js\n \nBroken Access Control - https://cwe.mitre.org/data/definitions/1345.html\nBusines Logic\nhttps://shahmeeramir.com/breaking-the-web-with-logics-ce22e8a9c4e2\nBrowser Extensions - Chrome\n  Collusion - https://chrome.google.com/webstore/search/collusion\n  DotGit - https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel?hl=en\n  Trufflehog https://chrome.google.com/webstore/detail/trufflehog/bafhdnhjnlcdbjcdcnafhdcphhnfnhjc\n  Tracy - https://github.com/nccgroup/tracy/wiki/Example-Workflows\n  \nBrowser Extensions - Firefox\n  Cookie Editor - https://addons.mozilla.org/en-US/firefox/addon/cookie-editor/\n  Bulk URL Opener - https://addons.mozilla.org/en-GB/firefox/addon/bulkurlopener/\n  Hacktoolshttps://addons.mozilla.org/en-US/firefox/addon/hacktools/\n  Tracy https://github.com/nccgroup/tracy/wiki/Example-Workflows\n\nBug Bounty Programs\n  https://blog.bugzero.io/bug-zero-is-going-to-pay-your-security-bill-for-2022-4b6396e2ee48\n  Bulk Load Programs https://gist.github.com/brevityinmotion/b86f7475d4cd2790003326a4d3a528ba\n  Google Acquisitions   https://opensourcelibs.com/lib/google-acquisitions\n  https://github.com/The-Art-of-Hacking/h4cker/tree/master/bug-bounties#bug-bounty-platforms\n  Discovery Header DoD - https://github.com/KingOfBugbounty/Discovery-Header-Bug-Bounty\n  King Recon DoD - https://github.com/KingOfBugbounty/KingRecon_DOD\n  Bentley Bug Bounty Program - https://www.bentley.com/en/products\n  https://lostsoulofawolf.medium.com/bug-bounty-how-to-get-private-invites-60062a5d0809\n  https://github.com/Hack-with-Github\n  Shopify\n    https://www.hulkapps.com/\n  BBP (Bug Bounty Programs!)\n  https://github.com/Excloudx6/KingRecon_DOD\n  https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n  https://jsfiddle.net/ruevaughn/2mnq5vgf/9/\n  https://github.com/detectify/cs-challenge\n  https://github.com/projectdiscovery/public-bugbounty-programs\n  https://app.intigriti.com/programs/redbull/redbull/detailhttps://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138\n  https://huntr.dev/\n  https://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138\n  https://support.google.com/websearch/answer/2466433?hl=en\n  Dutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c\n  https://gist.github.com/haxcited/e684df7f9ec210867d25f7ccac22c1d5\n  https://github.com/B3nac/Android-Reports-and-Resources\n  https://hackerone.com/alipay?type=team\n  https://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html\n  https://github.com/The-Art-of-Hacking/h4cker  \n  Disclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team\n  Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n  Open Bug Bounty - openbugbounty.com\n\nBurp Collaborator ALternatives\n  https://github.com/anshumanbh/terraform-burp-collaborator\nhttps://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  https://github.com/honoki/wilson-cloud-respwnder\n  Interactsh\n    https://github.com/4ARMED/interactsh\nBlogs\n  https://www.veracode.com/blog?utm_source=lpFooter&amp;utm_medium=Website\n  http://10degres.net/posts/\n  https://www.secureideas.com/blog\n  \nBrute Forcing\n  Brutesubs\n    https://github.com/anshumanbh/brutesubs\n      https://github.com/anshumanbh/brutesubs/compare/master...exploitprotocol:brutesubs:master\n      https://github.com/APTreat/brutesubs\n      https://github.com/janmasarik/brutesubs\n      https://github.com/RyanLongVA/brutesubs\n     \nChaining Vulnerabilites\n   2022-style OAuth account takeover on Facebook - $45,000 bug bounty  https://www.youtube.com/watch?v=pk7oYuz4x0Q\n  \nCertificate Transparancy\nhttps://github.com/anshumanbh/terraform-burp-collaborator#using-a-proper-tls-certificate/\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.12\n   Attack Surface Management Series - EP1 - Certificate Transparency (In under 10 mins) - https://www.youtube.com/ watch?v=MGQ1GqmixY0\n\nCanaryTokens\nhttps://canarytokens.org/generate\n\nCerticiates\n  https://github.com/Echocipher/HackeroneSpider\nChecklists\n\nCheatsheet\nhttps://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet\nhttps://github.com/dgtlmoon/changedetection.io\n#### CVE\n\nCode Review\nhttps://www.youtube.com/watch?v=q5NqY2RRLj0\nhttps://www.youtube.com/watch?v=bfLQjZmD5jY&amp;feature=youtu.be\n\nCookie \nCSRF Tokens\n  https://www.veracode.com/security/csrf-token\n  \nCors\n  csors https://chawdamrunal.medium.com/insecure-cors-configuration-808437d7cfd7\n  python cors_scan.py -u example.com -p http://127.0.0.1:8080 # To use socks5 proxy, install PySocks with pip install \n  https://jakearchibald.com/2021/cors/playground/\n  \nCSP https://www.keycdn.com/support/content-security-policy  \nhttps://www.bloggersideas.com/cspisawesome/\nhttps://content-security-policy.com/\n\nCourses \n  https://web.stanford.edu/class/cs253/\n  Nehamsec Udemy Course https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/\n  \nCharacter Encodings\nhttps://stat545.com/character-encoding.html\n\nCharles Proxy\n  Use Charles Proxy to Reverse Engiener an IOS App https://www.youtube.com/watch?v=cvvPLlP4518&amp;feature=emb_logo\n\nChecklists \n  https://pentestbook.six2dez.com/others/web-checklist\n  https://github.com/zactly/handouts/blob/master/generic_checks.md\n  https://linuxsecurity.expert/checklists/\n  https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987\n  https://github.com/zactly/handouts/blob/master/example_template.md\n  https://github.com/zactly/handouts/blob/master/conferences/locomocosec22/notes.md \n  https://github.com/AnLoMinus/Bug-Bounty/tree/main/Checklist/Web%20App\n  https://github.com/security-checklist/php-security-check-list\n  https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987\n\nCheckout \n  https://0day.hu/\n\nCheatsheets\n  https://pentester.land/cheatsheets\n  https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html\n  https://pentester.land/cheatsheets/2019/04/15/recon-resources.html\n  https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html\n  \n  https://securityzines.com/#comics \n  https://github.com/EdOverflow/bugbounty-cheatsheet\n  https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html\n  \nCloud Hacking \n  https://github.com/janmasarik/generate-bucketnames\n  https://github.com/janmasarik/GCPBucketBrute\n  https://github.com/avicoder/notes/tree/master/Cloud\n  https://github.com/avicoder/notes\n  Pwned Cloud Society pdf https://www.slideshare.net/BryceKunz/pwned-cloud-society-bsidesslc-2017?from_action=save\n  Cloud Hacking  https://www.youtube.com/watch?v=ITSZ8743MUk\n  https://www.cloudvulndb.org/\nhttps://github.com/jordanpotti/CloudScraper \nhttps://github.com/appsecco/spaces-finder\n\nCode Review\n  https://raw.githubusercontent.com/zactly/handouts/master/Practical%20Secure%20Code%20Review%20-%20Whitepaper.pdf\n\nCodeql\n\nCookies\n  https://datatracker.ietf.org/doc/html/rfc6265#section-5.3w\n  https://github.com/jshttp/cookie\n\nCryptography\n  http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ARTICLES/earticles.html#sfmt\n\nCTFs\nhttps://github.com/SecurityInnovation/Smart-Contract-CTF\n  Stripe ctf https://gist.github.com/evandrix/1901352\n  \nCWE \n  CWE-548: Exposure of Information Through Directory Listing -  https://cwe.mitre.org/data/definitions/548.html\n\n  Default creds \n    https://github.com/Viralmaniar/Passhunt\nDirectory Listing\n  Konan branch ofDeepsearch  https://github.com/rkreddypandu/Konan\n  deepsearch https://github.com/prosecurity/DeepSearch\n  Dirb  https://techyrick.com/dirb/\n  http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&amp;attackVectorId=254 \n  http://projects.webappsec.org/w/page/13246922/Directory%20Indexing\n\nDjango \n  https://blog.sonarsource.com/disclosing-information-with-a-side-channel-in-django/?utm_source=twitter&amp;utm_medium=social&amp;utm_campaign=djangodictsort&amp;utm_content=security&amp;utm_term=mofu\n  \ndns Rebinding \n  https://bugs.chromium.org/p/project-zero/issues/detail?id=1524\n  https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher#forgottenknowledge\n\nDorks\n  https://github.com/random-robbie/bugbountydork/fork\n  Aline - Dork Automator CLI - https://github.com/ferreiraklet/Aline\n  Brtwitter dork: https://mobile.twitter.com/i/events/1417062625997991936\n  https://www.infosecmatter.com/bug-bounty-tips-1/#5-top-25-open-redirect-dorks\n  Shifa123 BugBounty Dorks https://github.com/shifa123/bugbountyDorks/blob/master/bbdorks\n  Goop https://github.com/s0md3v/goop\n  Go-Dork \n    https://github.com/dwisiswant0/go-dork\n    https://github.com/dwisiswant0/go-dork/compare/master...babaloveyou:go-dork:master\n  https://bxmbn.medium.com/ultimate-tips-and-tricks-to-find-more-cross-site-scripting-vulnerabilities-d2913765e2d5\n  Open Bug Bounty Targets https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n  uDork https://github.com/m3n0sd0n4ld/uDork\n  \nffuf\n  How to Ffuf https://www.bugcrowd.com/blog/how-to-ffuf-with-codingo/\n  How to use ffuf - Hacker Toolbox https://www.youtube.com/watch?v=aN3Nayvd7FU\n  Fuzzing / FFUF -&gt; 5-30-22 Nehamssec stream covered fuzzing A LOT https://www.twitch.tv/videos/1312499916\n  Protips ffuf - tips and tricks https://www.youtube.com/watch?v=uwcRBSUl8e4&amp;t=358s\n  Late to the party, or, in other words massive web enumeration using ffuf. http://0entropy.blogspot.com/2020/05/late-to-party-or-in-other-words-massive.html\n  https://gowthams.gitbook.io/bughunter-handbook/fuzzing-fuff\n  https://0xmahmoudjo0.medium.com/how-i-found-multiple-sql-injection-with-ffuf-and-sqlmap-in-a-few-minutes-9c3bb3780e8f\n \n Fingerprinting\n   Fingerpint JS https://github.com/fingerprintjs/fingerprintjs\n   Whatweb\n   Wappalyze\n   Webanalyze\n   \nFrameworks\n  axiom \n    https://github.com/pry0cc/axiom\n    https://github.com/pry0cc/axiom/blob/master/images/provisioners/default.json\n  BBRF Client - https://github.com/honoki/bbrf-client\n  BugBounty Toolkit - Hackersploit Framework - https://github.com/AlexisAhmed/BugBountyToolkit\n  Findomain https://github.com/Findomain/Findomain\n  Hive https://hexway.io/blog/new-update-hive/\n  Intrigue \n    https://core.intrigue.io/\n    https://core.intrigue.io/getting-started/\n  LazyRecon - https://github.com/nahamsec/lazyrecon\n  Mandiant - Web GUI Take decisive action with industry-leading intelligence  https://www.mandiant.com\n  MooseDojo - apt2 - Pentesters Framework nmap centered \n    apt2 https://buaq.net/go-249.html  \n    apt2 MooseDojo/apt2: automated penetration toolkit   \n\n  Nerve \n    https://github.com/PaytmLabs/nerve\n  Osmedeus \n    https://docs.osmedeus.org/workflow/default-workflow/\n    https://github.com/j3ssie/osmedeus \n    https://xploitlab.com/osmedeus-the-most-complete-reconnaissance-tool-and-vulnerability-scanning/\n    https://docs.osmedeus.org/web-ui/ \n    https://github.com/osmedeus/osmedeus-workflow/blob/main/general/subdomain.yaml \n    https://discord.com/invite/mtQG2FQsYA \n    https://docs.osmedeus.org/installation/practical-usage\n    https://docs.osmedeus.org/workflow/\n  Pwn Machine https://github.com/yeswehack/pwn-machine  \n  \n  ReconFTW - https://github.com/six2dez/reconftw\n  Recon NG\n    https://github.com/anshumanbh/domain\n    https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n    Github https://github.com/lanmaster53/recon-ng \n    Welcome to the Recon-ng Marketplace https://github.com/lanmaster53/recon-ng-marketplace\n    API Key list   https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys\n    Setup script for Regon-ng  and altdns https://github.com/jhaddix/domain\n  Reconness - https://github.com/reconness/reconness\n  Rengine - \n    https://github.com/yogeshojha/rengine\n    https://github.com/yogeshojha/rengine/commit/cf30e98e0440424019cb2cad600892ce405f850e\n    Default Config Engine Yaml file https://raw.githubusercontent.com/yogeshojha/rengine/master/default_yaml_config.yaml\n  Sniper - https://github.com/1N3/Sn1per\n  TIDoS Framework https://github.com/0xInfection/TIDoS-Framework\n  Trickest https://www.youtube.com/watch?v=fXwWinE0sSg\n  Vajra - https://github.com/r3curs1v3-pr0xy/vajra\n  WebhackerWeapons https://github.com/hahwul/WebHackersWeapons\n\nFreq\n  Removes unnecesary output and only outputs happy (for us) path https://github.com/takshal/freq/compare/main...dmonteirosouza:freq:main\n  Fork by Realgoose. Adds a User-Agent bxss as well as robots.txt sprayer check https://github.com/takshal/freq/compare/main...RealGoose:freq:main\n  Removed unnecesary output https://github.com/takshal/freq/compare/main...dmonteirosouza:freq:main\n  Fork by kg11102 KaioGomes. Adds User-Agent firefox and Referrer Header check. Changes alert check. Ignored expired SSL Cert (Probably to skip errors) https://github.com/takshal/freq/compare/main...kg1102:freq:main\n  \n  \nGatsby\nhttps://www.gatsbyjs.com/docs/conceptual/security-in-gatsby/#key-security\nhttps://www.gatsbyjs.com/blog/2019-04-06-security-for-modern-web-frameworks/\n\nGit/Source Code Secret Finding\nhttps://github.com/auth0/repo-supervisor\nhttps://blog.gitleaks.io/finding-secrets-with-regular-expressions-d90493bb3784\n  https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning \n  https://github.com/takshal/Git-Finder \n  https://tillsongalloway.com/finding-sensitive-information-on-github/\n  https://secapps.com/tutorials/github-gist-recon\n  http://10degres.net/github-tools-collection/\n  https:// docs.github.com/en/rest/search\n  git-all-secrets\n    https://github.com/mhmdiaa/git-all-secrets\n    https://github.com/anshumanbh/git-all-secrets\n  https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf\n  https://github.com/koto/gitpillage\n  https://github.com/hisxo/gitGraber\n  https://github.com/gwen001/github-search\n  https://github.com/darkseed/gitpillage\n  Tools to Get sensitive info / secrets from https://twitter.com/soaj1664ashar/status/1176769454035939328\n  https://github.com/trufflesecurity/trufflehog\n  Why Exposed API Keys and Sensitive Data are Growing Cause for Concern https://www.programmableweb.com/news/why-exposed-api-keys-and-sensitive-data-are-growing-cause-concern/analysis/2015/01/05\n  Secret Hunting - Google Dorks, Git Dorks, Employee OSINT, etc\n  https://gist.github.com/markofu/549fbd287edf08c38e869dacc740e49de\n  https://github.com/aquasecurity/cloudsploit  \n  Trufflehog https://www.youtube.com/watch?v=aioheMi1Wko\n  https://sapt.medium.com/perform-information-gathering-using-following-tools-on-the-given-targets-cyber-sapiens-internship-12c858166008\n  +Github Wiki Auditor https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html\n  https://github.com/SmeegeSec/GitHub-Wiki-Auditor \n  https://www.kitploit.com/2022/04/gitbleedtools-for-extracting-data-from.html\n  https://github.com/phlmox/jslinkfinderv2\n  https://exposingtheinvisible.org/guides/google-dorking/ &lt;---- huge dorking guide!\n  https://github.com/phlmox/bingdork\n  \n  Git-Secrets\n   Adds supports for scanning aws, gcp, ads a gf regex pattern,   https://github.com/awslabs/git-secrets/compare/master...deshpandetanmay:git-secrets:master\n  Adds support for scaning entire drive, concept of install.uninstall, a global config file and a regex patterns file (nice!) https://github.com/awslabs/git-secrets/compare/master...dbrs:git-secrets:master\n  He adds one pattern to replace all the previous ones, and it adds a curl request. Other various changes. https://github.com/awslabs/git-secrets/compare/master...konakonall:git-secrets:master\n  \n  \n  https://github.com/toniblyx/my-arsenal-of-aws-security-tools\n  https://techvomit.net/aws-security/\n  https://github.com/gwen001/s3-bucketsdfinder.git\n  https://github.com/janmasarik/bucketsperm\n  https://github.com/phlmox/gdork\n  https://github.com/lc/secretz\n   https://github.com/kevthehermit/PasteHunter\n\ngitdump (TODO Take Notes and Implement from John Hammon Stream)\nhttps://github.com/topics/crawl?o=desc&amp;s=updated\n\nGraphql\n  https://github.com/IvanGoncharov/graphql-voyager\n  https://github.com/Escape-Technologies/graphinder\n  https://github.com/gsmith257-cyber/GraphCrawler\n  Learn Graphql https://www.gatsbyjs.com/docs/conceptual/graphql-concepts/\n  That single GraphQL issue that you keep missing https://blog.doyensec.com/2021/05/20/graphql-csrf.html\n  https://blog.assetnote.io/2021/08/29/exploiting-graphql/\n  https://twitter.com/holybugx/status/1441460070387261440?s=21\n  https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/GraphQL%20Injection\n  https://www.programmableweb.com/news/what-graphql-and-how-did-it-evolve-rest-and-other-api-technologies/analysis/2019/07/31\n  https://github.com/KathanP19/HowToHunt/blob/master/GraphQL/GraphQL.md\n  https://swizec.com/blog/reverse-engineer-a-graphql-api-to-automate-love-notes-codewithswiz-24/\n  https://www.youtube.com/watch?v=cvvPLlP4518&amp;feature=emb_logo\n  Graphwoof https://github.com/dolevf/graphw00f\n  Graphql Voyager https://ivangoncharov.github.io/graphql-voyager/\n  inQL graphql Burp Extension for burp [here](https://youtu.be/5qSq1S2sRC8?t=753)\n  \nGithubs \n    https://github.com/bbhunter\n\nHandson / Demos\nhttps://github.com/yandex/securitygym\n  aws test challenge http://flaws.cloud/\n  ABUH! https://darkrebel.net/metarget-framework-providing-automatic-consctions-of-vulnerable-infrastructures | metarget appv install dvwa | metarget install  cve-2021-2312\n  xss jigsaw - https://blog.innerht.ml/page/2/\n  https://google-gruyere.appspot.com/\n  https://hackxor.net/\n  https://github.com/takshal/FOR-FUN\n  Vulnrable Task Manger app https://github.com/redpointsec/vtm\nHacking Tools\n  https://reqbin.com\n  https://gist.github.com/bgoonz/524b4ea887b216b810d16429265a34a3\nHTTP\n  HTTP Pipelining in burp https://youtu.be/boHIjDHGmIo?t=204)\n\nHTTP Parameer Pollution \n  HPP  https://www.youtube.com/watch?v=QVZBl8yxVX0&amp;t=13s\n  \nHTTP Request Smuggling\n\nHTTP Security Headers https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/\nHTTP HEader Smuggling https://github.security.telekom.com/2020/05/smuggling-http-headers-through-reverse-proxies.html\nhttp headers  https://www.ibm.com/docs/en/ibm-mq/7.5?topic=headers-content-type-http-entity-header\n   \nRequest Smuggling\nhttps://github.com/ruevaughn/websocket-connection-smuggler\nhttps://portswigger.net/daily-swig/how-to-perform-an-http-header-smuggling-attack-through-a-reverse-proxy\nhttps://twitter.com/albinowax/status/1263122811683553283\nNote: kitploit guys is the hackbogtone guy\nhttps://www.kitploit.com/2021/08/http-request-smuggling-http-request.html\nhttps://hackbotone.com/blog/http-request-smuggling-detection-tool/\nhttps://www.youtube.com/watch?v=mijOcGLneLU&amp;t=303.658823s\n  Defparam Variant      - https://gist.github.com/defparam/840f7d9e31f77b3c5460c5921e0787ef/revisions\n  bbhunter mutations    - https://gist.github.com/bbhunter\n HTTP Request Smuggling - https://gist.github.com/ruevaughn/9c76260b412446f33b647c970bbb1001)\n\nHTTP Request Smuggling Tools\n  https://github.com/Sh1Yo/request_smuggler\n  \nIDOR\n  https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  \nISS=\n\niis https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/\n\n\nIos\n  https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  https://havoc.app/package/crane\n  \n\nInsecure Deserialisation\nInsecure Deserialisation https://www.youtube.com/watch?v=SNi7gNkfLSM\n\nIP (INternet Protocol) https://youtu.be/C7CpfL1p6y0?t=320 \n                        \n\nJavascript\n  \ud83d\udd75\ufe0f Pinkerton is an JavaScript file crawler and secret finder developed in Python  https://github.com/oppsec/Pinkerton\n  Looking through javascript files live hacking https://youtu.be/xx5fF7i-dCQ?t=2582\n  https://www.bugbountyhunter.com/guides/?type=javascript_files\n  JAVASCRIPTRECON.md https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff\n  https://portswigger.net/research/dom-based-angularjs-sandbox-escapes\n  Javascript for hackers https://www.youtube.com/watch?v=FTeE3OrTNoA\n  https://legallybreaking.com/discussion/88/full-featured-javascript-recon-automation-jsfscan-sh\n  https://labs.detectify.com/2016/12/08/the-pitfalls-of-postmessage/  \n  Javascript Enumeration https://www.youtube.com/watch?v=IsSWbVHk11M\n  https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html\n  unminifier http://dean.edwards.name/my/\n\n\n  https://github.com/robre/scripthunter\n\nJSON Attacks - JSON https://www.youtube.com/watch?v=oUAeWhW5b8c\n\nJWT\n  https://gist.github.com/ruevaughn/328067fadf926ddb788f98cd0d2d1a71 Crack JWT\n  https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0\n  Security Weekly Unlocked: https://www.youtube.com/playlist?list=PLlPkFwQHxYE7nQtKNzjnsVyoSOu2K4l9e\n  https://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d\n  https://www.youtube.com/watch?v=muYmiEtPL8U JWT with bbking\n  JWT Traversal https://github.com/MoisesTapia/JwtTransversal\n\nMd5 \n  https://github.com/juuso/BozoCrack\n  \nMeg\n  https://github.com/blackhatethicalhacking/meg/compare/master...tomnomnom:meg:master\n  https://github.com/tomnomnom/meg/compare/master...3lpsy:megurl:master\n  https://github.com/tomnomnom/meg/compare/master...Cgboal:meg:master\n  https://github.com/tomnomnom/meg/compare/master...1ndianl33t:meg:master\n  https://github.com/tomnomnom/meg/compare/master...GwynHannay:meg:master\n  \nMethodologies (Hackers)\n   Cyberheartmi Methodology   https://gist.github.com/cyberheartmi9/1ac77d171d9b9dc9a5be45fa4f4c8dcb\n   Bug Bounty Mini Course:Automated Recon  https://www.youtube.com/watch?v=0VOWgM4klpM&amp;list=WL&amp;index=19&amp;t=53s\n   Zseanos Methodology https://www.bugbountyhunter.com/methodology/zseanos-methodology.pdf\n \n \nMime Type Sniffing\nhttps://www.keycdn.com/support/what-is-mime-sniffing\n\nMindmaps \n  List of Attack Vectors http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp\n  Huge Mind Map. Lots of resources. Has All Exploits and a lot of good info. https://www.xmind.net/m/Xy7XEW/\n  Collaborative Mindmaps - Collaborative Mind Mapping \n\nMobile\n  https://github.com/skateforever/pentest-scripts/tree/main/mobile\n  https://www.veracode.com/blog/2010/12/mobile-app-top-10-list \n  \nMootools\n  https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/mootools-more.md\n  mootools 1.4.5 vuln \n    https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-31812/summary\n    Vulnerable Line https://github.com/vsviridov/mootools-node/commit/0fcc500aa1be356bc8745b322e8182f38ec8f0a0#diff-c4d2ea9c35bf14dd01cf28b174dba68fca9d2d9a2ae4b63d48ee496d7e9deedbR360-R367 \n    poc https://snyk.io/test/npm/mootools/1.4.5\nNmap\n  https://tecadmin.net/scanning-open-ports-with-nmap/inif\n  nmap pwn https://gist.github.com/BU9D4DDY/3e31890ae407e7c41a00f3715d00c5d7\n\nNodejs hacking\nhttps://github.com/zactly/handouts/blob/master/node_js_generic_checks.md\n\nOneliners\n    automate prototype polution https://twitter.com/R0X4R/status/1402906185301323776\n    https://github.com/D4Vinci/One-Lin3rt\n\n  https://github.com/Excloudx6/Elsfa7110-Oneliner-bughunting\n  https://hackingblogs.com/bug-bounty-builder-project-tool-use/#ONE-LINERRECONfor_FUZZ_XSS\n  https://github.com/KingOfBugbounty/KingOfBugBountyTips/compare/master...halencarjunior:KingOfBugBountyTips:master\n  https://www.youtube.com/watch?v=ZcG8ARatgs0&amp;t=467s\n  https://giters.com/okaayfine/oneliner-bugbounty\n  https://twitter.com/ofjaaah/status/1532581839344394241\n  https://gist.github.com/cyberheartmi9/c993542044fdc45834837c3f88484a63\n  https://github.com/trimstray/the-book-of-secret-knowledge\n\nOpen Redirects\nhttps://github.com/tomnomnom/meg/compare/master...1ndianl33t:meg:master\nhttps://www.infosecmatter.com/bug-bounty-tips-1/#5-top-25-open-redirect-dorks\nhttp://www.thespanner.co.uk/2014/03/21/rpo/\nhttps://nostarch.com/download/samples/RealWorldBugHunting_Ch02_Sample.pdf\nhttps://i.blackhat.com/asia-19/Fri-March-29/bh-asia-Wang-Make-Redirection-Evil-Again-wp.pdf\nhttps://devcraft.io/2020/10/19/github-gist-account-takeover.html\nhttps://portswigger.net/web-security/oauth/lab-oauth-stealing-oauth-access-tokens-via-an-open-redirecthttps://blog.intigriti.com/hackademy/open-redirect/\nhttp request smugglin open redorect defparam https://www.youtube.com/watch?v=3tpnuzFLU8g\nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/understanding-and-discovering-open-redirect-vulnerabilities/\nhttps://corneacristian.medium.com/top-25-open-redirect-bug-bounty-reports-5ffe11788794\nhttps://www.youtube.com/watch?v=4Jk_I-cw4WE\nhttps://www.youtube.com/watch?v=grkMW56WX2E\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/open_redirect_wwwist.txt\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/openredirects.txt\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/Open-Redirect-payloads.txt\n  https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html\n  https://github.com/AnLoMinus/Bug-Bounty/blob/2d654a0a62c1194564aa841745c171c4b1374252/Checklist/Web%20App/Upload%20Function.md\nhttps://github.com/Excloudx6/open-redirect-payload-list\n * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect\n  https://web.archive.org/web/20201130145910/https://github.com/ptswarm/ptswarm-twitter/blob/main/2020-11-30-open-redirect-params.txt\nhttps://giters.com/okaayfine/oneliner-bugbounty#open-redirect\nhttps://infosecwriteups.com/bugbounty-linkedln-how-i-was-able-to-bypass-open-redirection-protection-2e143eb36941\nTnom and ori https://youtu.be/SYExiynPEKM?t=2630\n\nOwasp Top 10 (2021) https://cwe.mitre.org/data/definitions/1344.html\nParams\n  More Silent wheb running https://github.com/0xecho/parameth\n  Normal Branch https://github.com/maK-/parameth\n  Docker support https://github.com/Shaked/parameth\n  \nParameter Tampering - \n  http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&amp;attackVectorId=57\n\nPayloads / POCs\n    https://github.com/knownsec/pocsuite3\nhttps://github.com/pranav77/XSS-using-SVG-file\n  https://github.com/Excloudx6/Public/tree/master/payloads\n  https://github.com/sh377c0d3/Payloads/fork\n  https://github.com/RootUp/PersonalStuff\n  https://github.com/swisskyrepo/PayloadsAllTheThings \n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2019-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2019\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2020-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2020\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2021-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2021\n  https://portswigger.net/research/top-10-web-hacking-techniques\n  https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher#forgottenknowledge\n\nPOC Videos\n  https://repo.telematika.org/project/bminossi_allvideopocsfromhackerone/\n  https://github.com/zeroc00I/AllVideoPocsFromHackerOne\n\nPassword Cracking\n  https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-dg.pdf\n\nPeople \ntnom interview https://gist.github.com/ruevaughn/00638360841b2bec94149080c4f04f28\nAshar Jahvid https://twitter.com/soaj1664ashar\n\nProducts / Services \nTobuy https://order.shareit.com/cart/view | https://tryhackme.com/why-subscribe | https://findomain.app/#Pricing | https://github.com/Excloudx6/InfoSec-Black-Friday | HAKLUKE RECOMENDS https://securitytrails.com/corp/osint-toolkit?referral_code=LLDAK0F80M\n\n\nProtype Pollution\n  automate https://twitter.com/R0X4R/status/1402906185301323776\n  https://www.kitploit.com/2021/09/plution-prototype-pollution-scanner.html\n  https://github.com/dwisiswant0/ppfuzz?tag=v1.0.0\n  https://github.com/kosmosec/proto-find\n  https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution\n  https://github.com/BlackFan/client-side-prototype-pollution\n  https://research.securitum.com/prototype-pollution-and-bypassing-client-side-html-sanitizers/\n  https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf\nhttps://www.youtube.com/watch?v=Gv1nK6Wj8qM&amp;t=1558s\nppmap \n  https://blog.intigriti.com/2021/07/14/bug-bytes-131-credential-stuffing-in-bug-bounty-hijacking-shortlinks-hacker-shows/\n  https://www.geeksforgeeks.org/ppmap-a-scanner-or-exploitation-tool-written-in-go/\n  https://book.hacktricks.xyz/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution\nPrototype polution Tools\n  https://github.com/msrkp/PPScan\n\n\n\nPython\nhttps://hackernoon.com/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03?utm_source=pocket-ff-recs\n\nRails\n  https://github.com/zactly/handouts/blob/master/oss_apps.md\n  https://github.com/zactly/handouts/blob/master/materials.md\n  https://github.com/gramantin/awesome-rails#apps-made-with-rails\n  Mass Assignment https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html\n  https://code.tutsplus.com/tutorials/mass-assignment-rails-and-you--net-31695\n  https://www.cloudbees.com/blog/preproduction-checklist-for-a-rails-app?utm_source=rubyweekly&amp;utm_medium=email\n  https://youtu.be/CIhHpkybYsY?t=1171\n  https://github.com/zactly/handouts/find/master\n  https://github.com/zactly/handouts/blob/master/conferences/virtual-appsecday-2020/skea_rails_routes.md\n  \n \nRecon\n  https://github.com/003random/003Recon\n  https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n  Reconmap GUI Website SaaS https://demo.reconmap.com/login\n  https://github.com/0xbharath/assets-from-spf\n  https://mavericknerd.github.io/knowledgebase/BugBountyRecon/\n  https://www.bugbountyhunter.com/methodology/zseanos-methodology.pdf   \n  https://ulir.ul.ie/bitstream/handle/10344/8278/Nuseibeh_2019_Text.pdf?sequence=2\n  https://github.com/janmasarik/resolvers\n  https://github.com/janmasarik/resolvers/pull/31/files\n\nResolvers\n  https://github.com/janmasarik/resolvers/pull/31/files\n  https://github.com/janmasarik/resolvers\n\n\nReporting\n  https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html\n\nReflected File Downloads\n Reflected File Download - A New Web Attack Vector https://www.youtube.com/watch?v=dl1BJUNk8V4\n https://blog.davidvassallo.me/2014/11/02/practical-reflected-file-download-and-jsonp/\nhttps://drive.google.com/file/d/0B0KLoHg_gR_XQnV4RVhlNl96MHM/view?resourcekey=0-NV7cTUTB48bltMEddlULLg\nhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf\nhttps://www.davidsopas.com/reflected-file-download-cheat-sheet/\n\nRegexp\n  Regexp Basics https://www.youtube.com/watch?v=KJG1dETacLI\n  https://regexr.com/\n\nResources\n  https://portswigger.net/research/web-cache-entanglement\n  https://github.com/AnLoMinus/Bug-Bounty\n  https://github.com/ngalongc/bug-bounty-reference\n  https://www.youtube.com/c/krypt0muxbugbounty\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Getting_Started_with_Bug_Bounty.pdf\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Hacking_101.pdf\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Adela_Hanikova_All_roads_lead_to_domain_admin.pdf\n  https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE\n  Really good bug bounty playlist https://www.youtube.com/watch?v=FeXloh12Mnw&amp;list=PLlrnAg4kKF3r26OIyfoYQQ-YqySE3fyE_&amp;index=2\n  When looking for something ot hack https://web.archive.org/web/20210420062735/https://help.intrigue.io/reference/intrigue-core-api-endpoints\n  The 5 Hacking NewsLetter 107 - https://pentester.land/newsletter/2020/05/27/the-5-hacking-newsletter-107.html\n  Cloud Metadata - https://gist.github.com/rudSarkar/39f821249bf0d38093cafbfd23bc33ee | https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb\n  Megathread https://twitter.com/ITSecurityguard/status/1519272305729458176\n  Reset Passwprd https://docs.google.com/presentation/d/1QzBl3k3n2q44ULyfZgr_gPZexj8nF5vD8JrS5AUJRbs/edit#slide=id.gb5aea10a86_0_167\n  Bug Bounty Google Doc https://docs.google.com/presentation/d/1o7GWUOYwcd3uMwLBRG9UzARYCvfuX3VKUHfoPu38t78/edit\n  Bug Bounty Udemy Courses Tip https://twitter.com/ITSecurityguard/status/1519272305729458176 \n  https://github.com/carlospolop/PEASS-ng \n  Saturday Night Bug Bounty Bytes w/ Ch1-R0n1n  https://www.youtube.com/watch?v=xx5fF7i-dCQ\n  Nicolas Gr\u00e9goire - Hunting for Top Bounties  https://www.youtube.com/watch?v=mQjTgDuLsp4\n  Hacktify Playlist to learn hacking https://www.youtube.com/watch?v=NBCrlRqX2AY&amp;list=RDCMUCS82DNnKOhXHcGKxGzQvNSQ&amp;start_radio=1&amp;rv=NBCrlRqX2AY&amp;t=0\n  \nRNG http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ARTICLES/earticles.html  \n\nRPO (Relative Path overide) Gadgets \n  https://blog.innerht.ml/rpo-gadgets/\n  https://www2018.thewebconf.org/proceedings/\n  https://blog.acolyer.org/2018/05/28/large-scale-analysis-of-style-injection-by-relative-path-overwrite/\n  https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf\n  https://portswigger.net/research/detecting-and-exploiting-path-relative-stylesheet-import-prssi-vulnerabilities\ninurl:/.well-known/security ext:txt -hackerone -bugcrowd -synack -openbugbount\n\nSAML\nhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-07-how-to-test-saml-a-methodology/\nhttps://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final91.pdf\nhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-13-how-to-test-saml-a-methodology-part-two/\n\nScanners\n  2020_3452\nhttps://www.zoomeye.org/\nhttps://searchcode.com/\nhttps://fullhunt.io/\nhttps://github.com/RustScan/RustScan\nhttps://github.com/knassar702/scant3r\n\nS3 buckets \n  https://github.com/sa7mon/S3Scanner\n   Dumping S3 Buckets | Exploiting S3 Bucket Misconfigurations https://www.youtube.com/watch?v=ITSZ8743MUk\n   https://support.cloudflare.com/hc/en-us/articles/360037983412-Configuring-an-Amazon-Web-Services-static-site-to-use-Cloudflare\n\nSecond Order Takeovers\n  Shubbs Talking about it in his 5 years of hacking talk. Good. https://youtu.be/iG7-c0YbhbM?t=1472\n\nSelf Hosting \n  https://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  Shodan like nmap results parser (https://github.com/shivammehta007/ScanX) PBNJ(http://pbnj.sourceforge.net/) (A suite of tools to monitor change in a network over time) store NMAP Results in a database to monitor changes on a network over time and then conducts historical analysis to identify new hosts - \n\nScripts\n  LFI https://web.archive.org/web/20100228162410/http://pastie.org/840199\n  https://github.com/killswitch-GUI/PenTesting-Scripts\n\nSession Poisoning - https://en.wikipedia.org/wiki/Session_poisoning \n https://github.com/t1m4/ptl_lab\n \nSetup\n  Bug Bounty Tools Setup - https://github.com/oliveira-andre/bug_bounty_tools\n  Redherd - https://redherd.readthedocs.io/en/latest/ | https://www.youtube.com/channel/UCYSM51oldVsryhZxGdB3hXA\n\nShells\n  https://github.com/tennc/webshell/blob/master/README_EN.md\n\nSmart Contracts\n  https://github.com/SecurityInnovation/Smart-Contract-CTF\n\nSSRF\n  SSRF HTTP Bypass List https://pastebin.com/YbsKrMpf\n SSRF - Practical  by Hacktify https://www.youtube.com/watch?v=NBCrlRqX2AY\nhttps://reconshell.com/jira-mobile-ssrf-exploit/\nhttps://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/ssrf\n\n\nSubdomain Takeovers\n  https://github.com/mhmdiaa/tko-subs\n  https://github.com/mhmdiaa/second-order\nhttps://0xpatrik.com/subdomain-takeover-ns/\nhttps://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/\nhttps://www.hackerone.com/application-security/guide-subdomain-takeovers\nhttps://medium.com/@thebuckhacker/how-to-do-55-000-subdomain-takeover-in-a-blink-of-an-eye-a94954c3fc75\nhttps://import.cdn.thinkific.com/359809/courses/1386931/locomotivesubdomaintakeover-210608-154821.yamll\nhttps://github.com/buckhacker/SubDomainTakeoverTools\ngithub.com/lukasikic/subzy \n    -&gt; https://gist.githubusercontent.com/ruevaughn/91d3369fdf0d93b0bdc6662c771cb7ae/raw/79e07b315e465bae1f003ec8fd40fcf5471b223b/fingerprints.json\ngithub.com/mhmdiaa/second-order\n\nSubmitting a report\nhttps://about.gitlab.com/blog/2020/09/28/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest/\n\nSQL INjection\nhttps://www.cloudflare.com/learning/security/threats/sql-injection/\n\nShodan\n  Awesome Shodan Queries https://github.com/jakejarvis/awesome-shodan-queries\n  Shodan Dorks https://twitter.com/0xhunster/status/1548382647759491074/photo/1\n  Shodan CVE Dorks Kathan https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n  https://carbon.now.sh/6nEp25xrtuu53L6aquU4\n  https://twitter.com/kotylevskiy/status/1551926067908182018/photo/1\nStatus Codes\n  Web status codes https://requests.readthedocs.io/en/latest/api/#status-code-lookup\n  \nSQL Injection\nhttps://github.com/ladecruze/Exploits/blob/master/sqlexploit.js\n  https://book.hacktricks.xyz/pentesting-web/sql-injection\n  (at the bottom of the page, the image and text for 2 sqli x-forwarded-for tips) https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  https://github.com/0xEval/sql2shell\n  \nSource Code Analysis\n  https://twitter.com/dhakal_ananda/status/1544574015779606529\n\nTakeovers\n  https://github.com/musana/mx-takeover\n  \nTiming Attacks\nTime Attacks http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp?antiCsrfToken=null&amp;filterCategory=9\n\nTips\n  Parse Github URls https://github.com/ruevaughn/git-url-parse\n  Randomize IPs https://gist.github.com/yehgdotnet/27114d4bb5b28ec093e6dd36e329c389\n\n  Find IP Address behind CDN\n    \t\thttps://github.com/mandatoryprogrammer/cloudflare_enum\n    https://infosecwriteups.com/finding-the-origin-ip-behind-cdns-37cd18d5275\n    https://zdresearch.com/finding-the-origin-ip-behind-cdns/\n    https://twitter.com/HolyBugx/status/1343156549162852352?s=20 \n  Test Shodan Queries https://app.netlas.io/responses/\n  https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248\n  https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/bugbountytips.md\n  King of Bug Bounty Tips - https://github.com/KingOfBugbounty/KingOfBugBountyTips\n  https://abhinavprasad47.github.io/bugbounty-starter-notes/\n  https://www.google.com/search?tbm=bks&amp;q=recon-ng\n  gh dork: https://github.com/topics/one-liners\n  Sqlmap tip - https://youtu.be/rVu0GUjic_g?t=2246\n  Eval command and security issues https://mywiki.wooledge.org/BashFAQ/048\n  \ud83c\udf1f Find company's owned domains (company.*) with these #googledorks: | https://twitter.com/nil0x42/status/1533094473067995137 \n  https://redhuntlabs.com/nvadr\nTodo\n    read https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning\n      https://tillsongalloway.com/finding-sensitive-information-on-github/\nTODO: Make a worldist from these Amazon Cognito API actions GetUser etc https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html\n\n\nTools\n  https://github.com/ladecruze/Subdorker/fork\n   Brute Force Tomcat https://github.com/Excloudx6/tomcter\n  Code Snippets\n    https://carbon.now.sh/snippets\n  HTML Tools (CSV To HTML, Regexpal, 50+ tools) \n    https://www.cleancss.com/join.php\n  \n\n  Arjun                 \n    https://github.com/s0md3v/Arjun/wiki/Usage#scan-a-single-url  \n  crobat                    \n    https://www.onsecurity.io/blog/how-i-made-rapid7s-project-sonar-searchable/\n  Dom Invader               \n    https://www.youtube.com/watch?v=GeqVMOUugqY\n  ffuf                      \n    https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 | https://thexssrat.medium.com/what-the-fuzz-the-truth-behind-content-discovery-77cd0c0756e7\n  gf       \n    Automate GF and gau https://gist.github.com/BU9D4DDY/eea5f7580577d9bf5d009ce923bac4fe\n    https://rengine.wiki/usage/tool_conf/ \n    https://github.com/1ndianl33t/Gf-Patterns \n    https://github.com/halencarjunior/BugBuntu/wiki/Installing-Gf-Patterns \n    https://github.com/NitinYadav00/gf-patterns/fork \n    https://twitter.com/sratarun/status/1361209626478276610 \n    MORE GF TEMPLATES https://github.com/lutfumertceylan/top25-parameter/releases/tag/v1.0.7 \n    https://github.com/tomnomnom/gf/compare/master...pry0cc:jf:master | \n    https://github.com/ResistanceIsUseless/gf | \n    https://github.com/tomnomnom/gf/compare/master...medbsq:gf:master | \n    https://github.com/mrofisr/gf-patterns\n    \n  gee                       \n    Similar to Tee. More Functionality. https://github.com/hahwul/gee\n    Gee Tips https://twitter.com/hahwul/status/1360495560843689989\n  FFMPEG-AVI-m3u-xbin       - https://github.com/Excloudx6/ffmpeg-avi-m3u-xbin\n  metabigor v2              - Metabigor https://twitter.com/j3ssiejjj/status/1528687407587299330/photo/1\n  pywhat -- Identify anything. pyWhat easily lets you identify PI from pcap files\n    https://github.com/bee-san/pyWhat/fork\n  recon-ng  https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n  SimpleApachePathTraversal - https://github.com/MrCl0wnLab/SimplesApachePathTraversal\n  Source2Url                - \n  \n  Tmux \n    tmux or screen https://youtu.be/a8LaNydbJyA?t=6406\n\n  \n  Tracy\n    https://newsroom.nccgroup.com/\n    https://github.com/nccgroup/tracy/blob/master/src/js/database-worker.js\n    https://github.com/nccgroup/tracy\n  \n  UrlEncode/Decode\n    https://www.w3schools.com/tags/ref_urlencode.ASP\n    https://network-tools.com/url-encode/\n    https://www.url-encode-decode.com/\n\nVulnerable Things\n  https://github.com/kiwicom/xssable\n   https://github.com/janmasarik/dumb-password-rules\n https://github.com/duffn/dumb-password-rules/fork\n \n \n WhatWeb                   - https://github.com/urbanadventurer/WhatWeb\n  WFUZZ                     - https://book.hacktricks.xyz/pentesting-web/web-tool-wfuzz\nwwwwwww\nahttps://useragent.me/\n\nWordlists\nhttps://gist.github.com/random-robbie/0f9d24a7b3c7268ee0c1ecdbe280611b\n  http://web.mit.edu/~mkgray/jik/src/Attic/kerberos_password_hacker/allwords\n  https://web.archive.org/web/20201130145910/https://github.com/ptswarm/ptswarm-twitter/blob/main/2020-11-30-open-redirect-params.txt\n  https://github.com/mhmdiaa/chronos\n  https://github.com/d4rckh/gorilla\n  https://github.com/jim3ma/crunch\n  https://github.com/the-xentropy/samlists/fork\n  https://github.com/AyProductions-Team/NEXTdependencydownloader/blob/588fa54b77743f808feec88070a4a0c76ac7c993/bin/Debug/net6.0-windows/DependencyDownloader.exe.WebView2/EBWebView/ZxcvbnData/3.0.0.0/passwords.txt\n  https://gist.github.com/random-robbie/c9671939d029848df38e06c5383e6395\n  Common Config Files by Tomnomnom   https://github.com/tomnomnom/meg/blob/master/lists/configfiles\n  Short Wordlist by Tomnomnom https://gist.github.com/tomnomnom/57af04c3422aac8c6f04451a4c1daa51\n  https://github.com/giteshnxtlvl/cook\n  https://imgur.com/user/silverblack1111/New%20Folder\n  https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056\n  https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/iam_user_enum/default-word-list.txt\n  https://github.com/koaj/aws-s3-bucket-wordlist\n  https://github.com/Karanxa/Bug-Bounty-Wordlists\n  FUZZ.txt good -https://gist.github.com/m4ll0k/50efec5f04179b107c9d7597eec7d23c\n  https://gist.github.com/m4ll0k/https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d\n  Stream: Creating Target Specific Wordlist!!  https://www.youtube.com/watch?v=AF-zp6DROTs\n  API Endpoints https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d\n  https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af\n  https://wordlists.assetnote.io/\n  https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056\n  https://github.com/six2dez/OneListForAll/blob/main/onelistforallmicro.txt\n  https://gist.github.com/miguelmota/706ebaeb661e246e1b682c400d49d1c9\n  https://github.com/ghostlulzhacks/wordlist/blob/master/directory-brute-wordlist.txt\n  to harvest https://youtu.be/YO3ldj4jkJk?t=275\n  Common Bucket Names https://github.com/buckhacker/buckhacker/blob/master/resources/common-bucket-names.txt\n  https://portswigger.net/web-security/authentication/auth-lab-passwords\n  https://portswigger.net/web-security/authentication/auth-lab-usernames\n  https://github.com/SmeegeSec/SmeegeScrape\n  make a wl from js https://gist.github.com/seqrity/d67608eb6372cd6f455bfeeefa77b9c2\n  Who what where when tomnomnom - https://www.youtube.com/watch?v=W4_QCSIujQ4\n  https://pentestbook.six2dez.com/recon/webs-recon Wordlist Gen\n  https://github.com/giteshnxtlvl/cook\n  https://gitlab.com/kalilinux/packages/amass/-/tree/91a5313226ab9ebd4ecbad40622584dd6f3f7cd5/wordlists Wordlists\n\n\n  \nWriteups\n  https://github.com/kh4sh3i/bug-bounty-writeups\n  securityforeveryone.com/scan-repository\n  2022-07-15 Exploiting Arbitrary Object Instantiations in PHP without Custom Classes  https://swarm.ptsecurity.com/exploiting-arbitrary-object-instantiations/\n  https://github.com/fardeen-ahmed/Bug-bounty-Writeups\n  https://github.com/devanshbatham/Awesome-Bugbounty-Writeups\n  https://twitter.com/ITSecurityguard/status/1519272305729458176\n  https://github.com/ngalongc/bug-bounty-reference\n  \n  https://github.com/djadmin/awesome-bug-bounty\n  https://ysamm.com/#\n  https://tarekbouali.com/posts/how-i-hacked-one-of-the-biggest-airlines-group-of-the-world/\n  https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups\n  https://infosecwriteups.com/intro-to-bug-bounty-automation-tool-chaining-with-bash-13e11348016f\n  https://hacklido.com/u/excloudx\n  https://subscription.packtpub.com/book/ssnetworking-and-servers/9781788626897/7/ch07lvl1sec47/example\n  https://subscription.packtpub.com/owned\n  https://id.bugbountyhub.com/auth/realms/bugbountyhub/login-actions/authenticate?execution=a484e1a7-bc42-472b-a339-15be49996b14&amp;client_id=prod-platform&amp;tab_id=MivkVulj_p8\n  https://prashantbhatkal2000.medium.com/svg-based-stored-xss-ee6e9b240dee\n  https://github.com/phlmox/public-reports/blob/main/hackerone-one-million-reports\n  https://footstep.ninja/posts/\n  https://twitter.com/omespino/status/1489310300708900868/photo/\n  https://github.com/phlmox/public-reports\n  https://blog.assetnote.io/2020/09/15/hacking-on-bug-bounties-for-four-years/\n  https://discord.com/channels/772850979955671103/772854181433573398/895230570366402590 Hacking Articles\n\nVhosts\n  https://github.com/Shaked/vhost-finder\n  Vhost Discovery https://github.com/projectdiscovery/tlsx#sancn-probe\n\nVPS\nhttps://github.com/bbhunter/pentest-scripts/blob/main/useful/get-tools.sh\nhttps://github.com/crawlab-team/crawlab\n  https://github.com/righettod/toolbox-pentest-web\n  google cloud official repos https://github.com/googleapis/google-cloud-ruby\n  google cloud repos https://github.com/orgs/4ARMED/repositories\n  Certifcate install   https://github.com/anshumanbh/terraform-burp-collaborator#using-a-proper-tls-certificate\n  https://github.com/orgs/4ARMED/repositories\n  Teraform Burp Colab server https://github.com/anshumanbh/terraform-burp-collaborator\n  Setup script for Regon-ng  and altdns https://github.com/jhaddix/domain\n  https://github.com/AntSwordProject/antSword\n  https://github.com/janmasarik/resolvers/blob/master/.github/workflows/main.yml\n  https://github.com/pry0cc/axiom/tree/master/images/provisioners\n  https://github.com/janmasarik/resolvers\n  Assetnote Setup and Installation   https://gist.github.com/sz3n/1fdf2f871a10d4e9180757afc8fd80e2\n  https://demo.ezxss.com/manage/dashboard\n  https://github.com/ssl/ezXSS/wiki/Installation\n  https://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  https://github.com/ruevaughn/assetnote\n  https://github.com/robre/jsmon\n  Host and Deploy Assetnote https://gist.github.com/BU9D4DDY/9e023d0fae3314273302ae895ae7c5ed\n  vps_install.sh by Rajchowdhury420 https://gist.github.com/Rajchowdhury420/24fa500ebc4edbb2018860f85f93b8cf\n  https://hackingblogs.com/bug-bounty-builder-project-tool-use/\n  Beats - Lightweight shippers for Elasticsearch &amp; Logstash \n  https://github.com/nicolargo/glances\n  https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29\n  https://www.udemy.com/course/learn-website-hacking-penetration-testing-from-scratch/learn/lecture/5878090?start=0#overview\n  Pt a website onlne https://www.youtube.com/watch?v=NQP89ish9t8\n  https://www.trenchesofit.com/2021/06/14/bug-bounty-vps-build/\n  https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29\n  https://github.com/AlexisAhmed/BugBountyToolkit &lt;-- docker \n\nWhitepapers\nhttps://github.com/zactly/handouts/tree/master/conferences\n\nxss\nhttps://github.com/kiwicom/xssable\nhttps://twitter.com/soaj1664ashar\n  https://github.com/pranav77/XSS-using-SVG-file\n  https://www.openbugbounty.org/blog/devl00p/top-100-xss-dorks/\n  xss - https://threadreaderapp.com/thread/1508406052663934979.html\n  https://google-gruyere.appspot.com/\n  https://0x1.gitlab.io/web-security/Weaponised-XSS-Payloads/\n  https://infosecwriteups.com/weaponizing-reflected-xss-to-account-takeover-ae8aeea7aca3\n  https://hakluke.medium.com/upgrade-xss-from-medium-to-critical-cb96597b6cc4\n  https://github.com/hakluke/weaponised-XSS-payloads\n  https://medium.com/redteam/weaponising-angularjs-bypasses-4e59790a730a\n  https://github.com/dwisiswant0/findom-xss\n  https://www.secureideas.com/blog/2018/12/twelve-days-of-xssmas.html\n  https://www.geeksforgeeks.org/findom-xss-fast-dom-based-xss-vulnerability-scanner/?ref=rp\n  https://thexssrat.podia.com/free-labs\n  https://github.com/topics/xss\n  https://twitter.com/ofjaaah/status/1504932805431767046\n  https://portswigger.net/research/new-xss-vectors\n  https://medium.com/bugbountywriteup/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1\n  https://github.com/takshal/freq\n  https://bytemeta.vip/index.php/@takshal\n  https://github.com/takshal/freq/pull/2/commits/ca176eee65889530b4896d782419edd0e4325713\n  https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html\n  What is the best method to use dalfox?? https://attacker-codeninja.github.io/2021-09-09-portswigger-notes-on-host-header-attack/\n  https://github.sre.pub/topics/xss-scanners\n  https://medium.com/@skavans_/the-unobvious-about-xss-and-html-encoding-4e0d536a35d9\n  Al the ways you can alert js -&gt; https://gist.github.com/tomnomnom/14a918f707ef0685fdebd90545580309\n  https://github.com/wisec/domxsswiki/wiki\n  https://github.sre.pub/topics/xss-scanners\n  https://owasp.org/www-community/attacks/xss/\n  Moving beyond alert()xss https://av.tib.eu/media/49191\n  https://unescape-room.jobertabma.nl/\n  https://infosecwriteups.com/reflected-xss-on-microsoft-com-subdomains-4bdfc2c716df\n  https://github.com/danielthatcher/Cookieless-Session-Scanner session is for identifying xss as described here   https://blog.isec.pl/all-is-xss-that-comes-to-the-net/\n\nXSS Labs\nhttps://google-gruyere.appspot.com/\n\n\n\nScreenshots\nhttps://github.com/detectify/page-fetch/fork\n\nEyeballer\nhttps://github.com/BishopFox/eyeballer &lt;----- TODO BIG IG and [this](https://www.kaggle.com/datasets/altf42600/pentest-screensots)\nhttps://www.akamai.com/blog#HTTP2rs\nhttps://www.jhaddix.com/post/tooltime-2-ssl-certificate-parsers-for-recon\nRecon\nNotify -bulk - workflow to funnel everything to Notify https://youtu.be/v7FMPU3J3Qw?t=3044\nReconFTW Automation - https://youtu.be/v7FMPU3J3Qw?t=2841\nAutomation - what to do with all the subdomains  endpoints you found! https://youtu.be/v7FMPU3J3Qw?t=1864\n\nTools\nhttps://reconshell.com/awesome-bug-bounty-tools/\nhttps://reconshell.com/mobile-hackers-weapons/\nhttps://book.hacktricks.xyz/todo/more-tools\nhttps://github.com/fardeen-ahmed/Bug-bounty-Writeups#-bug-bounty-tools---\nhttps://github.com/vavkamil/awesome-bugbounty-tools#Recon\nImage upload\nhttps://github.com/barrracud4/image-upload-exploits\nhttps://hackbotone.com/blog/essential-recon-tools/\nhttps://github.com/danielthatcher/spydom\nhttps://allciber.com/web-attack-cheat-sheet/\n\nAlias / Snippet / Command Management\nhttps://github.com/nahamsec/recon_profile\nhttps://github.com/hahwul/hack-pet/commit/6405608c856551d241174d8c839c79efdff5153c\nhttps://github.com/hahwul/hack-pet\nhttps://github.com/knqyf263/pet\n\n\nhttps://github.com/anshumanbh/brutesubs\nhttps://github.com/VainlyStrain/Vailyn\n\nRECON\nhttps://gist.github.com/khanjanny/039d7c7d825a866b9020e3945e04ace9\nhttps://github.com/KathanP19/HowToHunt\nhttps://prettyrecon.com/auth/forgot_password/\n\nTweets Dorks\nhttps://twitter.com/hashtag/bugbountytips\nhttps://twitter.com/search?q=%23bugbountytips&amp;cn=ZmxleGlibGVfcmVjcw%3D%3D&amp;refsrc=email\nhttps://twitter.com/ghostlulz1337\n\nhttps://www.google.com/search?client=firefox-b-1-d&amp;q=site%3Agist.github.com+%22dalfox%22+automate\nhttps://gist.github.com/sec99\nhttps://gist.github.com/Bedrovelsen/starred\nhttps://gist.github.com/tranphuoctien/47c1242c8189b42fb4d268c548db4526\nhttps://gist.github.com/GrahamcOfBorg/601b9608c6010d9c82cf0e9535faac4b\nhttps://gist.github.com/babaloveyou\nhttps://www.google.com/search?client=firefox-b-1-d&amp;q=bug+bountny+automation\nhttps://www.reddit.com/r/bugbounty/comments/nkaz32/automation_for_bug_bounty_recon_framework/\nhttps://github.com/dirsoooo/Recon\nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n\n\nCrawlers / Crawling\nhttps://github.com/Echocipher/HackeroneSpider\nxnLinkFinde\nhttps://github.com/spatie/crawler\nhttp://www.robotstxt.org/\nhttps://github.com/BruceDone/awesome-crawler\nhttps://github.com/tijme/not-your-average-web-crawler\nhttps://github.com/ghostlulzhacks/crawler\nhttps://scotthelme.co.uk/top-1-million-analysis-march-2020/\n\nhttps://crawler.ninja/\n\n  \n\n\nSqli\n  https://sapt.medium.com/sqli-on-a-bugcrowd-private-program-17858b57ec61\n  http://sqlninja.sourceforge.net/download.html\n  https://w3af.org/howtos/find-cross-site-scripting-and-sql-injections\n  https://www.securedyou.com/how-to-hack-sql-database-password-cracking/\n  https://www.securedyou.com/download-havij-free-automated-sql-injection-tool/\n\nsqlmap\n  https://h1pmnh.github.io/post/advanced-sqlmap-case-study-1\n\nDefault Credentials \nhttps://github.com/Excloudx6/WebCrack\n  The Open Cloud Vulnerability &amp; Security Issue Database  https://www.cloudvulndb.org/\n  \n  https://github.com/SummitRoute/csp_security_mistakes\n  Default Cred Scanner https://github.com/ztgrace/changeme\n  \n\n  \nFile Upload\nhttps://sm4rty.medium.com/hunting-for-bugs-in-file-upload-feature-c3b364fb01ba\nhttps://github.com/almandin/fuxploider - File upload vulnerability scanner and exploitation tool. \n\n\nMonitor Server Status\nhttps://github.com/sudo-jtcsec/server-status-mon\nhttps://github.com/Excloudx6/server-status_PWN\n\nTmux https://github.com/Excloudx6/clips\n# My Bug Bounty Wiki Page\nhttps://github.com/MrM8BRH/SuperLibrary\nhttps://github.com/zeroc00I/ReconNotes\n   https://gist.github.com/ruevaughn/71c31d7f67b7d105d9f480489e02c906\n\n\nA-Z Sorting in progress\nAwsCli https://aws.plainenglish.io/aws-s3-cli-cheatsheet-9078366fca83\nWelcome to my Bug Bounty Wiki page. It's currently not organized or cleaned up at all though that's a WIP. Originally was where I was dumping links and things I needed to rememnber.\nNews Articles\nhttps://www.bbc.com/news/technology-43581624\n\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1524\n\nDeserialisation\nDeserialization example &lt;-https://youtu.be/oUAeWhW5b8c?t=1583\nAnother Deserialization example https://youtu.be/eDfGpu3iE4Q?t=266\nhttps://github.com/GerbenJavado/LinkFinder\nhttps://medium.com/@duhroach/how-png-works-f1174e3cc7b7\n\n\nhttps://github.com/beurtschipper/Depix &lt;-- unblur \n\n### A\n\nTwitter\nhttps://mobile.twitter.com/drunkrhin0/status/1344130730947825664\n\n\nhttps://kathmandupost.com/science-technology/2021/04/06/we-dream-to-be-nepal-s-first-billion-dollar-it-company\nhttps://reconwithme.com/\n\nhttps://jaeles-project.github.io/\n\nAPIs\nHuge API Resources list! https://dsopas.github.io/MindAPI/references\nhttps://thexssrat.podia.com/view/courses/free-api-testing-and-securing-guide/923506-api-top-10-videos/2699995-owasp-api-top-10-a0-to-a3\n\nhttps://www.hahwul.com/2019/07/01/easy-security-testing-with-applications-bridge-in-zap/\nhttps://github.com/PortSwigger\n\n### B\nBooks https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/BOOKS.md\nhttps://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html\nhttps://guidesmiths.github.io/cybersecurity-handbook/resources\nhttps://guidesmiths.github.io/cybersecurity-handbook/tooling\n\n\nhttps://github.com/1N3/Sn1per/blob/master/modes/normal_webporthttp.sh\nBlogs\nhttps://opsecx.com/index.php/category/blog/\n\n\nUrl FInder\nhttps://www.kitploit.com/2021/08/sigurlfind3r-reconnaissance-tool-it.html\n\n403 Bypasser\nhttps://www.kitploit.com/2021/11/4-zero-3-403401-bypass-methods-bash.html\nhttps://www.kitploit.com/2021/09/403bypasser-automates-techniques-used.html\n\nOauth\n#### Oauth Bug Bounty Cheatheet\nhttps://0xn3va.gitbook.io/cheat-sheets/web-application/oauth-2.0-vulnerabilities\nhttps://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d\n\nEmail\nhttps://www.ibm.com/docs/en/sqsp/32.0?topic=SSBRUQ_32.0.0/com.ibm.resilient.doc/install/resilient_install_defang s.htm\n\nNuclei\nNuclei : A Bug Bounty Tool https://www.youtube.com/watch?v=ZcG8ARatgs0\nhttps://www.reddit.com/r/infosec_daily/comments/lrz9bg/nuclei_tool_review/\nFinding bugs with Nuclei with PinkDraconian (Robbe Van Roey) https://www.youtube.com/watch?v=ewP0xVPW-Pk\n\nNuclei templates\nhttps://github.com/xm1k3/cent &lt;-- manage nuclei tempaltes and ibg list of templateseeeeeeeeeeeeeeeeeee\nhttps://github.com/aboul3la/nuclei-templates\nhttps://github.com/projectdiscovery/nuclei-templates/compare/master...s4e-labs:nuclei-templates:master\nhttps://github.com/projectdiscovery/nuclei-templates/discussions/693\nhttps://nuclei-templates.netlify.app/\n\ncool\nhttps://github.com/nikitastupin/param-miner-doc\n\n\nrxrdxrhttps://platforms.disclose.io/\nhttps://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html\nhttps://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022\nhttps://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer\n\n\n### C\n\nFuzzing\nhttps://thugcrowd.com/kiosk/ Badass Fuzzing tools / Resources\nhttps://0xn3va.gitbook.io/cheat-sheets/resources/software/fuzzing\n\nBug Bounty Videos\nMix - webpwnized https://www.youtube.com/watch?v=Y_2JVREtDFk&amp;list=RDCMUCPeJcqbi8v46Adk59plaaXg&amp;start_radio=1\nBreaking Parser Logic: Take Your Path Normalization off and Pop 0days Out! - https://www.youtube.com/watch?v=CIhHpkybYsY&amp;t=2s\nVideos\n  HackTube5 Youtube https://www.youtube.com/channel/UCiiEXWVI8XDV_SbIOYVuKog\n  GynvaelEN https://www.youtube.com/user/GynvaelEN\n  Hacktify https://www.youtube.com/channel/UCS82DNnKOhXHcGKxGzQvNSQ\n  Hack the Box Youtube https://www.youtube.com/channel/UCi67lRCd5qpaHwSXNJisuRQ\n  Hackerone https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw\n  Hackersploit https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q\n  Hacking Simplified https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng\n  Hacking Simplifed (smaller channel) https://www.youtube.com/channel/UCTIHXPYJ4gT7PBQK9tUmFJA\nhttps://administraitor.video/edition/Hack.lu/2019\n\nhttps://portswigger.net/news\n\nNotify - https://youtu.be/rbr7ZmBI9qs?t=278\n\nhttps://www.youtube.com/watch?v=kbi2KaAzTLg\n\nWhat after Recon? - Sup Subdomains?!\n\n\nDORK\n  https://exposingtheinvisible.org/guides/google-dorking/\nhttps://www.google.com/imgres?imgurl=https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FEf6ELytWAAAswXx%3Fformat%3Djpg%26name%3D4096x4096&amp;imgrefurl=https%3A%2F%2Fmobile.twitter.com%2Fbugbountyrecon&amp;tbnid=pQu57Q5pha2WIM&amp;vet=12ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ..i&amp;docid=NghhHzdXU7Ey8M&amp;w=2480&amp;h=1302&amp;q=Bug%20bounty%20automation%20GitHub&amp;client=firefox-b-1-d&amp;ved=2ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\nReporting\nhttps://hacktify.in/bugbounty/ &lt;---- lots of resources for reporting\n\n\n#### Ruby on Rails\nhttps://hackerone.com/reports/904059\nhttps://hackerone.com/reports/1400309\nhttps://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md\nhttps://bugbountyforum.com/resources/#ruby-on-rails\n\nFree Shodan key and nmap automatin script to search for big f5 ip acve\nhttps://learn.hacktify.in/courses/take/bug-bounty-hunting-and-penetration-testing/lessons/16862042-assets-resources\nhttps://github.com/shifa123/f5BigIPExploit/blob/master/assets\ndnmap\nhttps://github.com/vdjagilev/nmap-formatter\nhttps://www.darknet.org.uk/2016/07/dnmap-distributed-nmap-framework/?utm_source=pocket-ff-recs\nhttps://github.com/alt3kx/CVE-2021-21985_PoC/blob/main/CVE-2021-21985.nse\n# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse\n# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve2020-3452.nse\naquatone - https://gist.github.com/random-robbie/beae1991e9ad139c6168c385d8a31f7d\nhttps://www.tib.eu/en/publishing-archiving/research-data\nhttps://github.com/erbbysam/Hunting-Certificates-And-Servers/blob/master/Hunting%20Certificates%20%26%20Servers.pdf\nBug Bouty Programs\nhttps://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html\nhttps://guidesmiths.github.io/cybersecurity-handbook/resources\nhttps://guidesmiths.github.io/cybersecurity-handbook/tooling\n\n\nrxrdxrhttps://platforms.disclose.io/\nhttps://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html\nhttps://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022\nhttps://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer\n\nhttps://hackerone.com/alipay?type=team\nhttps://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html\n\nDisclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team\n* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n\nhttps://github.com/detectify/cs-challenge\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\nVDP\nDutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c\nhttps://www.justice.gov/criminal-ccips/page/file/983996/download\n\"Bug Bounty programs|VDP|launch\" -&gt; Google News etc\n\n\n\n#### J\n\n\n#### L\n\nLabs\n\nLinux\nhttps://linuxsecurity.expert/resources/\n\n#### M\n\nMonitoring\nhttps://github.com/dgtlmoon/changedetection.io Monitor Website Changes\n\n### P\n\n#### Podcasts\nLinks here -&gt; https://blog.intigriti.com/2019/11/12/bug-bytes-44-new-platform-new-programs-and-a-e25k-head-csrf/\nSelfHosted Podcast https://selfhosted.show/60?t=777\n\nPrograms\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\n### R\n#### \n#### Reverse Shells\n\n### Rate Limit\n\n\n### T\nTop 10\n\nDNS Hijacking\nhttps://www.cloudflare.com/en-ca/learning/security/global-dns-hijacking-threat/\nhttps://github.com/mdsecresearch/Publications/blob/master/presentations/Offensive%20Development%20-%20Post-Exploitation%20Tradecraft%20in%20an%20EDR%20World%20-%20x33fcon%202020.pdf\n\nIDN Homograph\nhttps://www.akamai.com/blog/security/watch-your-step-the-prevalence-of-idn-homograph-attacks\n\n\n#### Tools\nhttps://www.xmind.net/m/Xy7XEW/# &lt;----- \nhttps://github.com/Excloudx6/PentestTools#exploitation-tools\nhttps://linuxsecurity.expert/security-tools/top-100/\nhttps://intelx.io/tools\nhttps://github.com/nccgroup/ScoutSuite/tree/master/tools\nClean Ips Script\nhttps://gist.github.com/LuD1161/bd4ac4377de548990b47b0af8d03dc78\n### D\nhttps://github.com/nccgroup/tracy\n\n#### Todo\nhetty.xyz\nhttps://www.bugbountyhunting.com/\n    \nhttps://github.com/KingOfBugbounty/KingOfBugBountyTips#scan-log4j-using- -and-log4j-scan\nhttps://medium.com/hacking-info-sec/how-to-install-and-use-bbrf-35f6aa15fbc9\n\nhttps://github.com/Excloudx6/Guide-to-SSRF\nhttps://github.com/alphaSeclab/sec-daily-2020\nhttps://github.com/KathanP19/HowToHunt/blob/master/CheckList/mindmap.png\nhttps://github.com/topics/bugbounty\nhttps://gist.github.com/R0X4R/bc08d55e368965f22c0b41ee8475ba87\nSSRF\nhttps://cheatsheetseries.owasp.org/assets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet_SSRF_Big.pdf\nNmap\nhttps://github.com/killswitch-GUI/PenTesting-Scripts/blob/master/Nmap-Strings\nhttps://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology/\nhttps://github.com/SmeegeSec/Security_Headers_Nmap_Parser\n\nssh bruting\n A simple multi-threaded distributed SSH brute-forcing tool written in Python  https://github.com/k4yt3x/orbitaldump\nhttps://github.com/d3vilbug/Brutal_SSH\n\nxsshunter\nhttps://github.com/mystech7/xsshunter - duplicate within 15 min check added\n\nhttps://gosecure.github.io/security-cheat-sheet/\n\n\nhttps://twitter.com/e11i0t_4lders0n/status/1489234267687497735\nhttps://snyk.io/log4j-vulnerability-resources/\n\n\n\nhttps://gist.github.com/sminez/571bd7bafb1b88630b85c85a0cd66e3a - grep through this\ntry\nhttps://github.com/arjunshibu/gcmd\n\nhttps://splash.readthedocs.io/en/stable/scripting-tutorial.html#scripting-tutorial\nhttps://github.com/phlmox\n\nRecon\n  https://github.com/Viralmaniar/BigBountyRecon\nhttps://www.kitploit.com/2021/10/webdiscover-purpose-of-this-script-is.html\nhttps://www.cobalt.io/blog/scope-based-recon-smart-recon-tactics\n\nChecklists\nhttps://gist.github.com/jhaddix/6b777fb004768b388fefadf9175982ab\nhttps://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf\nhttps://blog.assetnote.io/2021/01/13/blind-ssrf-chains/\nhttps://gist.github.com/pdelteil/ba005609789ae14862f023da4191826d\nhttps://github.com/rails/rails/issues/37620\nSUBDOMAIN TAKEOVERS\nhttps://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\nhttps://www.udemy.com/course/cloud-hacking/learn/lecture/8613164?start=0#overview\nhttps://github.com/indianajson/can-i-take-over-dns\n\n\nhttps://scotthelme.co.uk/top-1-million-analysis-march-2020/\n\nFINISH Watching - https://www.youtube.com/watch?v=12gtkYbMGd4&amp;t=362s\nHARSHBROTHA - https://www.youtube.com/watch?v=UrdvDCb4Gz8\nNOTIFY - https://www.youtube.com/watch?v=rbr7ZmBI9qs\nHandle your data carefully https://www.y\noutube.com/watch?v=rbr7ZmBI9qs\n\nUserAgents\nhttps://github.com/Shaked/user-agents\nhttps://github.com/BbhunterOne/ReconChef/blob/main/recon.sh#L82\n\nScreenshots\nhttps://github.com/spatie/browsershot\n# https://github.com/maaaaz/webscreenshot\nhttps://random-robbie.github.io/bugbounty-scans/\nhttps://buaq.net/go-99375.html\nhttps://stackoverflow.com/questions/5258977/are-http-headers-case-sensitive?rq=1\n\ncheatsheets\nhttps://0xn3va.gitbook.io/cheat-sheets/\nhttps://0xn3va.gitbook.io/cheat-sheets/web-application/http-request-smuggling\n   _   _   _   _   _   _   _   _   _   _  \n  / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ \n ( F | R | A | M | E | W | O | R | K | S )\n  \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \n\n+ ------ +\n |Articles|\n + ------ +\n\n* E.crack jwt - https://github.com/brendan-rius/c-jwt-cracker\n\nhttps://github.com/SecureAuthCorp/impacket\nNeo4j vs postgres (graphdb)\nhttps://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/\n\nAutomation script \nhttps://www.benteveo.kiwi/blog/automating-bug-bounties\nhttps://github.com/AlexisAhmed/BugBountyToolkit &lt;-- docker \nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n\n\nSecret\nhttps://www.directdefense.com/csrf-in-the-age-of-json/\n\nhttps://buaq.net/go-249.html\n\nIntentionally Vulnerable Github repo\nhttps://github.com/shifa123/githubleak\n\nhttps://wiki.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contentsfff\nhttps://pentestbook.six2dez.com/\nhttps://github.com/m4ll0k\nhttps://github.com/six2dez\nhttps://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter\nhttps://github.com/shifa123\nhttps://www.udemy.com/course/web-application-ethical-hacking/learn/lecture/3305350?start=0#overview\n\n## BugBounty Programs\n---\nhttps://huntr.dev/\nhttps://www.zerodayinitiative.com/\nhttps://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5\nhttps://opensourcelibs.com/lib/google-acquisitions\nhttps://opensourcelibs.com/libs/bugbounty\nList of .gov\n\nTatget crypto https://arlolra.github.io/otr/\nhttps://github.com/cisagov/dotgov-data\n[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.\n[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.\n[Security Ninja txt valuess list](https://crawler.ninja/files/security-txt-values.txt)\n[Security Ninja Files List](https://crawler.ninja/files/)\n\nhttps://allabouttesting.org/\n\nTodo:\nhttps://boards.greenhouse.io/cobaltio/jobs/4141074002 &lt;--- solve challenge\n\n\nCheatSheets\nhttps://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md\n\n\n\n\nAutomated Scanners\n\n* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)\n* [Dalfox](https://github.com/hahwul/dalfox)\n* [XSSTrike](https://github.com/s0md3v/XSStrike)\n* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)\n\n[SSTI-XSS-Finder](https://github.com/darklotuskdb/SSTI-XSS-Finder)\n  * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\n  * https://twitter.com/0xJin/status/1470748925963513863\n  * https://twitter.com/0xJin/status/1470748925963513863/photo/1\n\n\nXXE\nhttps://book.hacktricks.xyz/pentesting-web/xxe-xee-xml-external-entity\nhttps://app.intigriti.com/programs/dpgm/libelle/detail\nhttps://web-in-security.blogspot.com/2016/03/xxe-cheat-sheet.html\nhttps://twitter.com/infosec_au/status/1340785029899698181?lang=en\nhttps://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html\n\nUnderstanding DTD-&lt; https://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html\n\n\n## Owasp Top 10\n---\nhttps://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/WhatsNew.html\n### Clickjacking\nhttps://lcamtuf.blogspot.com/2011/12/x-frame-options-or-solving-wrong.html\nhttps://blog.innerht.ml/page/2/\nhttps://hackerone.com/reports/8724\n\n### CSRF\n    * https://hackerone.com/reports/44146\n   - 7-19-16 \n     * [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&amp;t=5s)\n     * https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/\n   - 01-18-15 https://hackerone.com/reports/44146(Make API calls on behalf of another user (CSRF protection bypass))\n### XSS\n\nPaid Services\nhttps://findomain.app/#Pricing\n\n## Resources\n---\n\n\nParams\nConfig override using non-validated query parameter allows at least reflected XSS by injecting configuration into state \nhttps://hackerone.com/reports/1082847\n\nFuzzcon &amp; fuzzung\nhttps://twitter.com/hashtag/hacklu?src=hashtag_click\nhttps://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Fuzzing.md\n\nRecoon \neiIaaefwaaa m\nk\n- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n\n[PrettyRecon](https://prettyrecon.com/auth/signup)\n\n### Dorks\nhttps://ask.fm/tags/bounty\n\n### Lists\nhttps://github.com/payloadbox/xss-payload-list\n\nProtips and Trips\nMost of the sites use AWS nowadays...\n  AWS localhost is 169.254.169.2qqqd eede                                   4bs.com/2017/02/wallpaper-penetration-testing-and-exploit-dev-cheatsheet/\n\nhttps://githubhelp.com/topic/bugbountytips\n\n\nGithubs\nhttps://github.com/kleiton0x00?tab=stars\nhttps://github.com/fuzz-security\n\n---\n\n  - [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)\n  - [Disclose/diodb](https://github.com/disclose/diodb)\n  -\n\n### Streams\n[Nehamsec Twitch](https://www.twitch.tv/nahamsec)\n\n### Twitter Tweetin'\nhttps://twitter.com/0xMstar/status/1464658472981565444{{\nhttps://twitter.com/0xJin/status/1470748925963513863\n\npodcasts\nhttps://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q\n### Data\n---\nBugcrowd Subdomain Enumeration https://www.youtube.com/watch?v=La3iWKRX-tE\n\n\nCVE-2019-11510 Detail \n/dana-na\n\n## CVE/CVD\n---\n\nCVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)xx\n\n- https://vuls.cert.org/confluence/display/CVD/Executive+Summary\n- https://vuls.cert.org/confluence/display/CVD/Sightings\n\n\n\n\n\nhttps://github.com/detectify/cs-challenge\nhttps://github.com/r3curs1v3-pr0xy\n\nhttps://notsosecure.com/resources\nhttps://reconshell.com/bug-bounty-tips/\n\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Subdomains%20Enumeration.md\n[Insecure Deserialization Part 1](https://www.youtube.com/watch?v=SNi7gNkfLSM)\n[Insecure Deserialization part 3](https://www.youtube.com/watch?v=icAKHE-iKOs)\n\nhttps://secoceans.com/blog-2/\nhttps://portswigger.net/research\nhttps://portswigger.net/blog\nhttps://portswigger.net/news\nhttps://portswigger.net/daily-swig\n\n\ncourses\nhttps://www.udemy.com/course/penetration-testing-bug-bounty-hunting-level-2-hacktify/\n\n\n\n\nhttps://spongebhav.medium.com/facebook-group-members-disclosure-e53eb83df39e\nhttps://github.com/six2dez/talks/blob/main/Gotta_ENG.pdf\n\n\n\npackets\nhttps://www.kitploit.com/2018/08/polymorph-real-time-network-packet.html\n\n\nAutomation\nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)\n\n\n\nhttps://pentestbook.six2dez.com/\nhttps://github.com/m4ll0k\nhttps://github.com/six2dez\nhttps://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter\nhttps://github.com/shifa123\n\nWriteups\n\n\n## BugBounty Programs\n---\n\nhttps://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5\nhttps://opensourcelibs.com/lib/google-acquisitions\nhttps://opensourcelibs.com/libs/bugbounty\nList of .gov\nhttps://github.com/cisagov/dotgov-data\n[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.\n[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.\n[Security Ninja txt valuess list](https://crawler.ninja/files/security-txt-values.txt)\n[Security Ninja Files List](https://crawler.ninja/files/)\n\nhttps://allabouttesting.org/\n\n\nCheatSheets\nhttps://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md\n\n### Z\n\nZap\nhttps://github.com/sepehrdaddev/zap-scripts/fork\nhttps://www.zaproxy.org/authors/thorin/\nhttps://github.com/zaproxy/zap-extensions\n\n\n\nFrameworks\nhttps://core.intrigue.io/\nReconness\nPwnmachine\naxiom\nhttps://www.mandiant.com/\nhttps://trickest.com/\n\n(https://github.com/Findomain/Findomain/releases)\n*   [Configuing Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)\n*   https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring\n\nAutomated Scanners\n\n* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)\n* [Dalfox](https://github.com/hahwul/dalfox)\n* [XSSTrike](https://github.com/s0md3v/XSStrike)\n* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)\n\n\n\nhttps://github.com/darklotuskdb/SSTI-XSS-Finder\n  * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass Op enRed irects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\n  * https://twitter.com/0xJin/status/1470748925963513863\n  * https://twitter.com/0xJin/status/1470748925963513863/photo/1\n\n\n## Owasp Top 10\n---\n\n### Clickjacking\nhttps://hackerone.com/reports/8724\n\n### CSRF\n    * https://hackerone.com/reports/44146\n   - 7-19-16 \n     * [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&amp;t=5s)\n     * https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/\n   - 01-18-15 https://hackerone.com/reports/44146(Make API calls on behalf of another user (CSRF protection bypass))\n### XSS\n\nPaid Services\nhttps://findomain.app/#Pricing\n\n## Resources\n---\n[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)\n How to view someones IP address and connection speed! https://www.youtube.com/watch?v=SXmv8quf_xM\nRecoon \neiIaaefwaaa m\nk\n- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n\n[PrettyRecon](https://prettyrecon.com/auth/signup)\n\n### Dorks\nhttps://ask.fm/tags/bounty\n\n### Lists\nhttps://github.com/payloadbox/xss-payload-list\n\n### Githubs\n---\n\n  - [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)\n  - [Disclose/diodb](https://github.com/disclose/diodb)\n  -\n\nActive Directory\nPenttesting Active Directory https://www.xmind.net/m/5dypm8/a\nhttps://adsecurity.org/\n\n### Streams\n[Nehamsec Twitch](https://www.twitch.tv/nahamsec)\nLive Bug Bounty Hunting Speedbiker https://www.youtube.com/watch?v=9W94AKLc5g8\nWatch Live [Current] https://www.youtube.com/c/Ch1R0n1n\n### Twitter Tweetin'\nhttps://twitter.com/samwcyo/status/1529888063576584202\nhttps://twitter.com/sshell_\nhttps://mobile.twitter.com/TechnoTimLive Devops tweets\nhttps://mobile.twitter.com/drunkrhin0/status/1344130729320435712\nhttps://twitter.com/0xMstar/status/1464658472981565444{{\nhttps://twitter.com/0xJin/status/1470748925963513863\n\npodcasts\nhttps://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q\n### Data\n---\n\n* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n\nCVE-2019-11510 Detail \n/dana-na\n\n## CVE/CVD\n---\n\nCVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)xx\n\n- https://vuls.cert.org/confluence/display/CVD/Executive+Summary\n- https://vuls.cert.org/confluence/display/CVD/Sightings\n\n\nhttps://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\nhttps://opensourcelibs.com/lib/google-acquisitions\n\n\n\nReverse shells\nhttps://github.com/wwkenwong/Pentest-note\n\nhttps://github.com/tehryanx?tab=repositories\nhttps://github.com/sawzeeyy/Sanitiz3r\nhttps://buaq.net/go-249.html\n\n\n\n s\n\n(https://github.com/Findomain/Findomain/releases)\n*   [Configuing Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)\n*   https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring\n\n\nhttps://github.com/D35m0nd142/LFISuite\n\nhttps://hub.docker.com/u/secsi\ntips\n\n\n\n\nWig\nhttps://linuxsecurity.expert/tools/wig/\nxxxzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzx\u03a9xxxxxxxxxxx\u2248\u2248\nBlindElephant\nhttps://linuxsecurity.expert/tools/blindelephant/alternatives/\n\n\nhttps://ronak-9889.medium.com/denial-of-service-using-cookie-bombing-55c2d0ef808c\n\nIOT\n                https://www.youtube.com/watch?v=AKoyZLibIeo  ", "creation_timestamp": "2026-07-10T00:21:33.129193Z"}, {"uuid": "4e2b65bf-0ac0-450c-91da-6770ad59a892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://gist.github.com/morisono/425a7e299afea766050016d117b270da", "content": "                         \u2554\u2566\u2557\u2566 \u2566  \u2554\u2557 \u252c \u252c\u250c\u2500\u2510  \u2554\u2557 \u250c\u2500\u2510\u252c \u252c\u250c\u2510\u250c\u252c\u2510\u252c \u252c  \u2566\u2550\u2557\u250c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\u252c \u252c\u252c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\n                         \u2551\u2551\u2551\u255a\u2566\u255d  \u2560\u2569\u2557\u2502 \u2502\u2502 \u252c  \u2560\u2569\u2557\u2502 \u2502\u2502 \u2502\u2502\u2502\u2502\u2502 \u2514\u252c\u2518  \u2560\u2566\u255d\u251c\u2524 \u2514\u2500\u2510\u2502 \u2502\u2502 \u2502\u251c\u252c\u2518\u2502  \u251c\u2524 \u2514\u2500\u2510\n                         \u2569 \u2569 \u2569   \u255a\u2550\u255d\u2514\u2500\u2518\u2514\u2500\u2518  \u255a\u2550\u255d\u2514\u2500\u2518\u2514\u2500\u2518\u2518\u2514\u2518\u2534  \u2534   \u2569\u255a\u2550\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\u2534\u2514\u2500\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\n                                          \n                                           //\n                              ()==========&gt;&gt;======================================--\n                                           \\\\\n\n\n2FA Bypass\n  2fa bypass Mindmap https://www.mindmeister.com/1736437018?t=SEeZOmvt01 \n  2fa Bypass Methods https://workbook.securityboat.in/resources/web-app-pentest/business-logic-vulnerabilities/2fa-bypass\n\nAccount Takeovers\n  https://medium.com/@bathinivijaysimhareddy/tale-of-account-takeovers-part-2-9abf62de4ca3\n  https://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\n\nAdminPanelFinder\n  \nadminphpfinder\nhttps://linux\nsecurity.expert/tools/admin-page-finder-php/\nAPI Security\n  https://www.cloudflare.com/learning/security/api/owasp-api-security-top-10/\n  Shadowe apis https://www.cloudflare.com/learning/access-management/what-is-shadow-it/\n  \nApi Keys\n  https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys\n\nAPI Hacking \nhttps://github.com/microsoft/restler-fuzzer\nhttps://github.com/hAPI-hacker/Hacking-APIs/fork\n\nAmass\n  https://securityweekly.com/wp-content/uploads/2021/05/AmassTechSegment-0.pdf\n\nAmass Scripting\\\nhttps://github.com/OWASP/Amass/tree/master/resources/scripts\nhttps://github.com/OWASP/Amass/blob/master/doc/scripting.md\namass scripting https://youtu.be/H1wdBgY1rtg?t=4987\n\n  Bug Bounty for Beginners Stream#4:AMASS, Subfinder, FFUF  https://www.youtube.com/watch?v=27zMfcr2fPE\n  https://hackbotone.com/blog/amass-osint-reconnaissance-tool/ \n  https://hakluke.medium.com/haklukes-guide-to-amass-how-to-use-amass-more-effectively-for-bug-bounties-7c37570b83f7\n  https://securityonline.info/amass-subdomain-enumeration/\n  https://github.com/OWASP/Amass/releases\n\nhttps://twitter.com/jeff_foley\n\nhttps://github.com/OWASP/Amass/blob/master/doc/scripting.md\nhttps://github.com/OWASP/Amass\nhttps://gist.github.com/sillydadddy/b1726c8e8ce281d55b82d4e2a1a610e8\nhttps://twitter.com/dokkillo/status/1305566849514471424\nhttps://github.com/PatrikFehrenbach/amass-tools/blob/master/assetfinder.ads\nhttps://github.com/OWASP/Amass#top-mentions\namass enum script command https://youtu.be/H1wdBgY1rtg?t=5408\nExample of api key configuration https://www.hahwul.com/2020/09/23/amass-go-deep-in-the-sea-with-free-apis/#chaos\n[31:33 / 1:56:06]\n[How to Use Amass Efficiently by @jeff_foley #NahamCon2020](https://youtu.be/H1wdBgY1rtg?t=1974)\n[OWASP AMass Boot Camp by Jeff Foley (Caffix)](https://www.youtube.com/watch?v=OOurkCPf2-I) \nAmass Tutorial https://github.com/OWASP/Amass/blob/master/doc/tutorial.md\nhttps://github.com/vortexau/dnsvalidator\nhttps://twitter.com/owaspamass\n\nAndroid\n  https://github.com/dzmitry-savitski/android-pentest-tool\n\nAngularJS\n  https://github.com/snoopysecurity/Public/blob/master/Old%20Presentations/MWRICON%202018/README.md\n  \nAuthentication Bypass Vulnerabilities\n\nAscii \n  https://github.com/heldersepu/hs-scripts/blob/master/ascii.txt\nAsset Monitoring  \n  https://github.com/ruevaughn/assetnote\n  https://github.com/yeswehack/pwn-machine\n  https://github.com/robre/jsmon\n\nAPI Hacking\n  https://github.com/Excloudx6/31-days-of-API-Security-Tips\n  https://gist.github.com/ruevaughn/51048bccdc753596443eca95cbf39356\n  https://apexvicky.medium.com/top-10-api-bugs-where-to-find-them-5dac338b3d73\n  https://attacker-codeninja.github.io/2021-08-28-Hacking-APIs-notes-from-bug-bounty-bootcamp/\n  https://dfir.blog/unfurl/\n  https://www.slideshare.net/programmableweb/why-api-security-is-more-complicated-than-you-think-and-why-its-your-1-priority\n  \nAmazon Cognito\nhttps://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html\nhttps://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/CommonParameters.html\n  https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-dg.pdf \n  https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html\n  https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/iam_user_enum/default-word-list.txt\n\nBlockchain\n  https://hash.ai/@b/uniswap\n  https://medium.com/immunefi/hacking-the-blockchain-an-ultimate-guide-4f34b33c6e8b\n  https://github.com/ruby/webrick/blob/master/lib/webrick/httprequest.rb }9\n  https://twitter.com/0xAsm0d3us/status/1438149310080712709 cdC\n\n\nBlogs\n  https://respectxss.blogspot.com/\n\nBrowsers\n  Save multiple pages as a single html page https://github.com/gildas-lormeau/SingleFile\n  https://bughacking.com/best-browsers-for-hackers/\n  https://hackaday.com/2022/01/17/hack-the-web-without-a-browser/\n  https://woob.tech/\n  https://github.com/moonD4rk/HackBrowserData\n  https://resources.infosecinstitute.com/topic/ethical-hacking-top-10-browser-extensions-for-hacking/\n  https://github.com/Excloudx6/browser-compat-data\n  https://httpwg.org/specs/rfc7230.html#header.transfer-encoding\n  https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name\n  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length\n  https://stackoverflow.com/questions/978061/http-get-with-request-body?rq=1\n  https://datatracker.ietf.org/doc/html/rfc7230\n  https://groups.yahoo.com/neo/groups/rest-discuss/conversations/messages/9962\n  https://www.ietf.org/rfc/rfc2119.txt\n  https://www.elastic.co/guide/en/elasticsearch/guide/current/_empty_search.html\n  https://www.concise-courses.com/hacking-tools/web-browser-related-tools/\n  \nEthereum Hacking\nhttps://github.com/NafisiAslH/KnowledgeSharing\nhttps://github.com/SecurityInnovation/Smart-Contract-CTF\n https://twitter.com/CyberWarship/sta tus/1533710785914056705\n https://github.com/heldersepu/hs-scripts/blob/master/NodeJS/web3/VestingERC20.js\n \nBroken Access Control - https://cwe.mitre.org/data/definitions/1345.html\nBusines Logic\nhttps://shahmeeramir.com/breaking-the-web-with-logics-ce22e8a9c4e2\nBrowser Extensions - Chrome\n  Collusion - https://chrome.google.com/webstore/search/collusion\n  DotGit - https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel?hl=en\n  Trufflehog https://chrome.google.com/webstore/detail/trufflehog/bafhdnhjnlcdbjcdcnafhdcphhnfnhjc\n  Tracy - https://github.com/nccgroup/tracy/wiki/Example-Workflows\n  \nBrowser Extensions - Firefox\n  Cookie Editor - https://addons.mozilla.org/en-US/firefox/addon/cookie-editor/\n  Bulk URL Opener - https://addons.mozilla.org/en-GB/firefox/addon/bulkurlopener/\n  Hacktoolshttps://addons.mozilla.org/en-US/firefox/addon/hacktools/\n  Tracy https://github.com/nccgroup/tracy/wiki/Example-Workflows\n\nBug Bounty Programs\n  https://blog.bugzero.io/bug-zero-is-going-to-pay-your-security-bill-for-2022-4b6396e2ee48\n  Bulk Load Programs https://gist.github.com/brevityinmotion/b86f7475d4cd2790003326a4d3a528ba\n  Google Acquisitions   https://opensourcelibs.com/lib/google-acquisitions\n  https://github.com/The-Art-of-Hacking/h4cker/tree/master/bug-bounties#bug-bounty-platforms\n  Discovery Header DoD - https://github.com/KingOfBugbounty/Discovery-Header-Bug-Bounty\n  King Recon DoD - https://github.com/KingOfBugbounty/KingRecon_DOD\n  Bentley Bug Bounty Program - https://www.bentley.com/en/products\n  https://lostsoulofawolf.medium.com/bug-bounty-how-to-get-private-invites-60062a5d0809\n  https://github.com/Hack-with-Github\n  Shopify\n    https://www.hulkapps.com/\n  BBP (Bug Bounty Programs!)\n  https://github.com/Excloudx6/KingRecon_DOD\n  https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n  https://jsfiddle.net/ruevaughn/2mnq5vgf/9/\n  https://github.com/detectify/cs-challenge\n  https://github.com/projectdiscovery/public-bugbounty-programs\n  https://app.intigriti.com/programs/redbull/redbull/detailhttps://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138\n  https://huntr.dev/\n  https://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138\n  https://support.google.com/websearch/answer/2466433?hl=en\n  Dutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c\n  https://gist.github.com/haxcited/e684df7f9ec210867d25f7ccac22c1d5\n  https://github.com/B3nac/Android-Reports-and-Resources\n  https://hackerone.com/alipay?type=team\n  https://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html\n  https://github.com/The-Art-of-Hacking/h4cker  \n  Disclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team\n  Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n  Open Bug Bounty - openbugbounty.com\n\nBurp Collaborator ALternatives\n  https://github.com/anshumanbh/terraform-burp-collaborator\nhttps://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  https://github.com/honoki/wilson-cloud-respwnder\n  Interactsh\n    https://github.com/4ARMED/interactsh\nBlogs\n  https://www.veracode.com/blog?utm_source=lpFooter&amp;utm_medium=Website\n  http://10degres.net/posts/\n  https://www.secureideas.com/blog\n  \nBrute Forcing\n  Brutesubs\n    https://github.com/anshumanbh/brutesubs\n      https://github.com/anshumanbh/brutesubs/compare/master...exploitprotocol:brutesubs:master\n      https://github.com/APTreat/brutesubs\n      https://github.com/janmasarik/brutesubs\n      https://github.com/RyanLongVA/brutesubs\n     \nChaining Vulnerabilites\n   2022-style OAuth account takeover on Facebook - $45,000 bug bounty  https://www.youtube.com/watch?v=pk7oYuz4x0Q\n  \nCertificate Transparancy\nhttps://github.com/anshumanbh/terraform-burp-collaborator#using-a-proper-tls-certificate/\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.12\n   Attack Surface Management Series - EP1 - Certificate Transparency (In under 10 mins) - https://www.youtube.com/ watch?v=MGQ1GqmixY0\n\nCanaryTokens\nhttps://canarytokens.org/generate\n\nCerticiates\n  https://github.com/Echocipher/HackeroneSpider\nChecklists\n\nCheatsheet\nhttps://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet\nhttps://github.com/dgtlmoon/changedetection.io\n#### CVE\n\nCode Review\nhttps://www.youtube.com/watch?v=q5NqY2RRLj0\nhttps://www.youtube.com/watch?v=bfLQjZmD5jY&amp;feature=youtu.be\n\nCookie \nCSRF Tokens\n  https://www.veracode.com/security/csrf-token\n  \nCors\n  csors https://chawdamrunal.medium.com/insecure-cors-configuration-808437d7cfd7\n  python cors_scan.py -u example.com -p http://127.0.0.1:8080 # To use socks5 proxy, install PySocks with pip install \n  https://jakearchibald.com/2021/cors/playground/\n  \nCSP https://www.keycdn.com/support/content-security-policy  \nhttps://www.bloggersideas.com/cspisawesome/\nhttps://content-security-policy.com/\n\nCourses \n  https://web.stanford.edu/class/cs253/\n  Nehamsec Udemy Course https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/\n  \nCharacter Encodings\nhttps://stat545.com/character-encoding.html\n\nCharles Proxy\n  Use Charles Proxy to Reverse Engiener an IOS App https://www.youtube.com/watch?v=cvvPLlP4518&amp;feature=emb_logo\n\nChecklists \n  https://pentestbook.six2dez.com/others/web-checklist\n  https://github.com/zactly/handouts/blob/master/generic_checks.md\n  https://linuxsecurity.expert/checklists/\n  https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987\n  https://github.com/zactly/handouts/blob/master/example_template.md\n  https://github.com/zactly/handouts/blob/master/conferences/locomocosec22/notes.md \n  https://github.com/AnLoMinus/Bug-Bounty/tree/main/Checklist/Web%20App\n  https://github.com/security-checklist/php-security-check-list\n  https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987\n\nCheckout \n  https://0day.hu/\n\nCheatsheets\n  https://pentester.land/cheatsheets\n  https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html\n  https://pentester.land/cheatsheets/2019/04/15/recon-resources.html\n  https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html\n  \n  https://securityzines.com/#comics \n  https://github.com/EdOverflow/bugbounty-cheatsheet\n  https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html\n  \nCloud Hacking \n  https://github.com/janmasarik/generate-bucketnames\n  https://github.com/janmasarik/GCPBucketBrute\n  https://github.com/avicoder/notes/tree/master/Cloud\n  https://github.com/avicoder/notes\n  Pwned Cloud Society pdf https://www.slideshare.net/BryceKunz/pwned-cloud-society-bsidesslc-2017?from_action=save\n  Cloud Hacking  https://www.youtube.com/watch?v=ITSZ8743MUk\n  https://www.cloudvulndb.org/\nhttps://github.com/jordanpotti/CloudScraper \nhttps://github.com/appsecco/spaces-finder\n\nCode Review\n  https://raw.githubusercontent.com/zactly/handouts/master/Practical%20Secure%20Code%20Review%20-%20Whitepaper.pdf\n\nCodeql\n\nCookies\n  https://datatracker.ietf.org/doc/html/rfc6265#section-5.3w\n  https://github.com/jshttp/cookie\n\nCryptography\n  http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ARTICLES/earticles.html#sfmt\n\nCTFs\nhttps://github.com/SecurityInnovation/Smart-Contract-CTF\n  Stripe ctf https://gist.github.com/evandrix/1901352\n  \nCWE \n  CWE-548: Exposure of Information Through Directory Listing -  https://cwe.mitre.org/data/definitions/548.html\n\n  Default creds \n    https://github.com/Viralmaniar/Passhunt\nDirectory Listing\n  Konan branch ofDeepsearch  https://github.com/rkreddypandu/Konan\n  deepsearch https://github.com/prosecurity/DeepSearch\n  Dirb  https://techyrick.com/dirb/\n  http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&amp;attackVectorId=254 \n  http://projects.webappsec.org/w/page/13246922/Directory%20Indexing\n\nDjango \n  https://blog.sonarsource.com/disclosing-information-with-a-side-channel-in-django/?utm_source=twitter&amp;utm_medium=social&amp;utm_campaign=djangodictsort&amp;utm_content=security&amp;utm_term=mofu\n  \ndns Rebinding \n  https://bugs.chromium.org/p/project-zero/issues/detail?id=1524\n  https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher#forgottenknowledge\n\nDorks\n  https://github.com/random-robbie/bugbountydork/fork\n  Aline - Dork Automator CLI - https://github.com/ferreiraklet/Aline\n  Brtwitter dork: https://mobile.twitter.com/i/events/1417062625997991936\n  https://www.infosecmatter.com/bug-bounty-tips-1/#5-top-25-open-redirect-dorks\n  Shifa123 BugBounty Dorks https://github.com/shifa123/bugbountyDorks/blob/master/bbdorks\n  Goop https://github.com/s0md3v/goop\n  Go-Dork \n    https://github.com/dwisiswant0/go-dork\n    https://github.com/dwisiswant0/go-dork/compare/master...babaloveyou:go-dork:master\n  https://bxmbn.medium.com/ultimate-tips-and-tricks-to-find-more-cross-site-scripting-vulnerabilities-d2913765e2d5\n  Open Bug Bounty Targets https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n  uDork https://github.com/m3n0sd0n4ld/uDork\n  \nffuf\n  How to Ffuf https://www.bugcrowd.com/blog/how-to-ffuf-with-codingo/\n  How to use ffuf - Hacker Toolbox https://www.youtube.com/watch?v=aN3Nayvd7FU\n  Fuzzing / FFUF -&gt; 5-30-22 Nehamssec stream covered fuzzing A LOT https://www.twitch.tv/videos/1312499916\n  Protips ffuf - tips and tricks https://www.youtube.com/watch?v=uwcRBSUl8e4&amp;t=358s\n  Late to the party, or, in other words massive web enumeration using ffuf. http://0entropy.blogspot.com/2020/05/late-to-party-or-in-other-words-massive.html\n  https://gowthams.gitbook.io/bughunter-handbook/fuzzing-fuff\n  https://0xmahmoudjo0.medium.com/how-i-found-multiple-sql-injection-with-ffuf-and-sqlmap-in-a-few-minutes-9c3bb3780e8f\n \n Fingerprinting\n   Fingerpint JS https://github.com/fingerprintjs/fingerprintjs\n   Whatweb\n   Wappalyze\n   Webanalyze\n   \nFrameworks\n  axiom \n    https://github.com/pry0cc/axiom\n    https://github.com/pry0cc/axiom/blob/master/images/provisioners/default.json\n  BBRF Client - https://github.com/honoki/bbrf-client\n  BugBounty Toolkit - Hackersploit Framework - https://github.com/AlexisAhmed/BugBountyToolkit\n  Findomain https://github.com/Findomain/Findomain\n  Hive https://hexway.io/blog/new-update-hive/\n  Intrigue \n    https://core.intrigue.io/\n    https://core.intrigue.io/getting-started/\n  LazyRecon - https://github.com/nahamsec/lazyrecon\n  Mandiant - Web GUI Take decisive action with industry-leading intelligence  https://www.mandiant.com\n  MooseDojo - apt2 - Pentesters Framework nmap centered \n    apt2 https://buaq.net/go-249.html  \n    apt2 MooseDojo/apt2: automated penetration toolkit   \n\n  Nerve \n    https://github.com/PaytmLabs/nerve\n  Osmedeus \n    https://docs.osmedeus.org/workflow/default-workflow/\n    https://github.com/j3ssie/osmedeus \n    https://xploitlab.com/osmedeus-the-most-complete-reconnaissance-tool-and-vulnerability-scanning/\n    https://docs.osmedeus.org/web-ui/ \n    https://github.com/osmedeus/osmedeus-workflow/blob/main/general/subdomain.yaml \n    https://discord.com/invite/mtQG2FQsYA \n    https://docs.osmedeus.org/installation/practical-usage\n    https://docs.osmedeus.org/workflow/\n  Pwn Machine https://github.com/yeswehack/pwn-machine  \n  \n  ReconFTW - https://github.com/six2dez/reconftw\n  Recon NG\n    https://github.com/anshumanbh/domain\n    https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n    Github https://github.com/lanmaster53/recon-ng \n    Welcome to the Recon-ng Marketplace https://github.com/lanmaster53/recon-ng-marketplace\n    API Key list   https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys\n    Setup script for Regon-ng  and altdns https://github.com/jhaddix/domain\n  Reconness - https://github.com/reconness/reconness\n  Rengine - \n    https://github.com/yogeshojha/rengine\n    https://github.com/yogeshojha/rengine/commit/cf30e98e0440424019cb2cad600892ce405f850e\n    Default Config Engine Yaml file https://raw.githubusercontent.com/yogeshojha/rengine/master/default_yaml_config.yaml\n  Sniper - https://github.com/1N3/Sn1per\n  TIDoS Framework https://github.com/0xInfection/TIDoS-Framework\n  Trickest https://www.youtube.com/watch?v=fXwWinE0sSg\n  Vajra - https://github.com/r3curs1v3-pr0xy/vajra\n  WebhackerWeapons https://github.com/hahwul/WebHackersWeapons\n\nFreq\n  Removes unnecesary output and only outputs happy (for us) path https://github.com/takshal/freq/compare/main...dmonteirosouza:freq:main\n  Fork by Realgoose. Adds a User-Agent bxss as well as robots.txt sprayer check https://github.com/takshal/freq/compare/main...RealGoose:freq:main\n  Removed unnecesary output https://github.com/takshal/freq/compare/main...dmonteirosouza:freq:main\n  Fork by kg11102 KaioGomes. Adds User-Agent firefox and Referrer Header check. Changes alert check. Ignored expired SSL Cert (Probably to skip errors) https://github.com/takshal/freq/compare/main...kg1102:freq:main\n  \n  \nGatsby\nhttps://www.gatsbyjs.com/docs/conceptual/security-in-gatsby/#key-security\nhttps://www.gatsbyjs.com/blog/2019-04-06-security-for-modern-web-frameworks/\n\nGit/Source Code Secret Finding\nhttps://github.com/auth0/repo-supervisor\nhttps://blog.gitleaks.io/finding-secrets-with-regular-expressions-d90493bb3784\n  https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning \n  https://github.com/takshal/Git-Finder \n  https://tillsongalloway.com/finding-sensitive-information-on-github/\n  https://secapps.com/tutorials/github-gist-recon\n  http://10degres.net/github-tools-collection/\n  https:// docs.github.com/en/rest/search\n  git-all-secrets\n    https://github.com/mhmdiaa/git-all-secrets\n    https://github.com/anshumanbh/git-all-secrets\n  https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf\n  https://github.com/koto/gitpillage\n  https://github.com/hisxo/gitGraber\n  https://github.com/gwen001/github-search\n  https://github.com/darkseed/gitpillage\n  Tools to Get sensitive info / secrets from https://twitter.com/soaj1664ashar/status/1176769454035939328\n  https://github.com/trufflesecurity/trufflehog\n  Why Exposed API Keys and Sensitive Data are Growing Cause for Concern https://www.programmableweb.com/news/why-exposed-api-keys-and-sensitive-data-are-growing-cause-concern/analysis/2015/01/05\n  Secret Hunting - Google Dorks, Git Dorks, Employee OSINT, etc\n  https://gist.github.com/markofu/549fbd287edf08c38e869dacc740e49de\n  https://github.com/aquasecurity/cloudsploit  \n  Trufflehog https://www.youtube.com/watch?v=aioheMi1Wko\n  https://sapt.medium.com/perform-information-gathering-using-following-tools-on-the-given-targets-cyber-sapiens-internship-12c858166008\n  +Github Wiki Auditor https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html\n  https://github.com/SmeegeSec/GitHub-Wiki-Auditor \n  https://www.kitploit.com/2022/04/gitbleedtools-for-extracting-data-from.html\n  https://github.com/phlmox/jslinkfinderv2\n  https://exposingtheinvisible.org/guides/google-dorking/ &lt;---- huge dorking guide!\n  https://github.com/phlmox/bingdork\n  \n  Git-Secrets\n   Adds supports for scanning aws, gcp, ads a gf regex pattern,   https://github.com/awslabs/git-secrets/compare/master...deshpandetanmay:git-secrets:master\n  Adds support for scaning entire drive, concept of install.uninstall, a global config file and a regex patterns file (nice!) https://github.com/awslabs/git-secrets/compare/master...dbrs:git-secrets:master\n  He adds one pattern to replace all the previous ones, and it adds a curl request. Other various changes. https://github.com/awslabs/git-secrets/compare/master...konakonall:git-secrets:master\n  \n  \n  https://github.com/toniblyx/my-arsenal-of-aws-security-tools\n  https://techvomit.net/aws-security/\n  https://github.com/gwen001/s3-bucketsdfinder.git\n  https://github.com/janmasarik/bucketsperm\n  https://github.com/phlmox/gdork\n  https://github.com/lc/secretz\n   https://github.com/kevthehermit/PasteHunter\n\ngitdump (TODO Take Notes and Implement from John Hammon Stream)\nhttps://github.com/topics/crawl?o=desc&amp;s=updated\n\nGraphql\n  https://github.com/IvanGoncharov/graphql-voyager\n  https://github.com/Escape-Technologies/graphinder\n  https://github.com/gsmith257-cyber/GraphCrawler\n  Learn Graphql https://www.gatsbyjs.com/docs/conceptual/graphql-concepts/\n  That single GraphQL issue that you keep missing https://blog.doyensec.com/2021/05/20/graphql-csrf.html\n  https://blog.assetnote.io/2021/08/29/exploiting-graphql/\n  https://twitter.com/holybugx/status/1441460070387261440?s=21\n  https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/GraphQL%20Injection\n  https://www.programmableweb.com/news/what-graphql-and-how-did-it-evolve-rest-and-other-api-technologies/analysis/2019/07/31\n  https://github.com/KathanP19/HowToHunt/blob/master/GraphQL/GraphQL.md\n  https://swizec.com/blog/reverse-engineer-a-graphql-api-to-automate-love-notes-codewithswiz-24/\n  https://www.youtube.com/watch?v=cvvPLlP4518&amp;feature=emb_logo\n  Graphwoof https://github.com/dolevf/graphw00f\n  Graphql Voyager https://ivangoncharov.github.io/graphql-voyager/\n  inQL graphql Burp Extension for burp [here](https://youtu.be/5qSq1S2sRC8?t=753)\n  \nGithubs \n    https://github.com/bbhunter\n\nHandson / Demos\nhttps://github.com/yandex/securitygym\n  aws test challenge http://flaws.cloud/\n  ABUH! https://darkrebel.net/metarget-framework-providing-automatic-consctions-of-vulnerable-infrastructures | metarget appv install dvwa | metarget install  cve-2021-2312\n  xss jigsaw - https://blog.innerht.ml/page/2/\n  https://google-gruyere.appspot.com/\n  https://hackxor.net/\n  https://github.com/takshal/FOR-FUN\n  Vulnrable Task Manger app https://github.com/redpointsec/vtm\nHacking Tools\n  https://reqbin.com\n  https://gist.github.com/bgoonz/524b4ea887b216b810d16429265a34a3\nHTTP\n  HTTP Pipelining in burp https://youtu.be/boHIjDHGmIo?t=204)\n\nHTTP Parameer Pollution \n  HPP  https://www.youtube.com/watch?v=QVZBl8yxVX0&amp;t=13s\n  \nHTTP Request Smuggling\n\nHTTP Security Headers https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/\nHTTP HEader Smuggling https://github.security.telekom.com/2020/05/smuggling-http-headers-through-reverse-proxies.html\nhttp headers  https://www.ibm.com/docs/en/ibm-mq/7.5?topic=headers-content-type-http-entity-header\n   \nRequest Smuggling\nhttps://github.com/ruevaughn/websocket-connection-smuggler\nhttps://portswigger.net/daily-swig/how-to-perform-an-http-header-smuggling-attack-through-a-reverse-proxy\nhttps://twitter.com/albinowax/status/1263122811683553283\nNote: kitploit guys is the hackbogtone guy\nhttps://www.kitploit.com/2021/08/http-request-smuggling-http-request.html\nhttps://hackbotone.com/blog/http-request-smuggling-detection-tool/\nhttps://www.youtube.com/watch?v=mijOcGLneLU&amp;t=303.658823s\n  Defparam Variant      - https://gist.github.com/defparam/840f7d9e31f77b3c5460c5921e0787ef/revisions\n  bbhunter mutations    - https://gist.github.com/bbhunter\n HTTP Request Smuggling - https://gist.github.com/ruevaughn/9c76260b412446f33b647c970bbb1001)\n\nHTTP Request Smuggling Tools\n  https://github.com/Sh1Yo/request_smuggler\n  \nIDOR\n  https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  \nISS=\n\niis https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/\n\n\nIos\n  https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  https://havoc.app/package/crane\n  \n\nInsecure Deserialisation\nInsecure Deserialisation https://www.youtube.com/watch?v=SNi7gNkfLSM\n\nIP (INternet Protocol) https://youtu.be/C7CpfL1p6y0?t=320 \n                        \n\nJavascript\n  \ud83d\udd75\ufe0f Pinkerton is an JavaScript file crawler and secret finder developed in Python  https://github.com/oppsec/Pinkerton\n  Looking through javascript files live hacking https://youtu.be/xx5fF7i-dCQ?t=2582\n  https://www.bugbountyhunter.com/guides/?type=javascript_files\n  JAVASCRIPTRECON.md https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff\n  https://portswigger.net/research/dom-based-angularjs-sandbox-escapes\n  Javascript for hackers https://www.youtube.com/watch?v=FTeE3OrTNoA\n  https://legallybreaking.com/discussion/88/full-featured-javascript-recon-automation-jsfscan-sh\n  https://labs.detectify.com/2016/12/08/the-pitfalls-of-postmessage/  \n  Javascript Enumeration https://www.youtube.com/watch?v=IsSWbVHk11M\n  https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html\n  unminifier http://dean.edwards.name/my/\n\n\n  https://github.com/robre/scripthunter\n\nJSON Attacks - JSON https://www.youtube.com/watch?v=oUAeWhW5b8c\n\nJWT\n  https://gist.github.com/ruevaughn/328067fadf926ddb788f98cd0d2d1a71 Crack JWT\n  https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0\n  Security Weekly Unlocked: https://www.youtube.com/playlist?list=PLlPkFwQHxYE7nQtKNzjnsVyoSOu2K4l9e\n  https://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d\n  https://www.youtube.com/watch?v=muYmiEtPL8U JWT with bbking\n  JWT Traversal https://github.com/MoisesTapia/JwtTransversal\n\nMd5 \n  https://github.com/juuso/BozoCrack\n  \nMeg\n  https://github.com/blackhatethicalhacking/meg/compare/master...tomnomnom:meg:master\n  https://github.com/tomnomnom/meg/compare/master...3lpsy:megurl:master\n  https://github.com/tomnomnom/meg/compare/master...Cgboal:meg:master\n  https://github.com/tomnomnom/meg/compare/master...1ndianl33t:meg:master\n  https://github.com/tomnomnom/meg/compare/master...GwynHannay:meg:master\n  \nMethodologies (Hackers)\n   Cyberheartmi Methodology   https://gist.github.com/cyberheartmi9/1ac77d171d9b9dc9a5be45fa4f4c8dcb\n   Bug Bounty Mini Course:Automated Recon  https://www.youtube.com/watch?v=0VOWgM4klpM&amp;list=WL&amp;index=19&amp;t=53s\n   Zseanos Methodology https://www.bugbountyhunter.com/methodology/zseanos-methodology.pdf\n \n \nMime Type Sniffing\nhttps://www.keycdn.com/support/what-is-mime-sniffing\n\nMindmaps \n  List of Attack Vectors http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp\n  Huge Mind Map. Lots of resources. Has All Exploits and a lot of good info. https://www.xmind.net/m/Xy7XEW/\n  Collaborative Mindmaps - Collaborative Mind Mapping \n\nMobile\n  https://github.com/skateforever/pentest-scripts/tree/main/mobile\n  https://www.veracode.com/blog/2010/12/mobile-app-top-10-list \n  \nMootools\n  https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/mootools-more.md\n  mootools 1.4.5 vuln \n    https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-31812/summary\n    Vulnerable Line https://github.com/vsviridov/mootools-node/commit/0fcc500aa1be356bc8745b322e8182f38ec8f0a0#diff-c4d2ea9c35bf14dd01cf28b174dba68fca9d2d9a2ae4b63d48ee496d7e9deedbR360-R367 \n    poc https://snyk.io/test/npm/mootools/1.4.5\nNmap\n  https://tecadmin.net/scanning-open-ports-with-nmap/inif\n  nmap pwn https://gist.github.com/BU9D4DDY/3e31890ae407e7c41a00f3715d00c5d7\n\nNodejs hacking\nhttps://github.com/zactly/handouts/blob/master/node_js_generic_checks.md\n\nOneliners\n    automate prototype polution https://twitter.com/R0X4R/status/1402906185301323776\n    https://github.com/D4Vinci/One-Lin3rt\n\n  https://github.com/Excloudx6/Elsfa7110-Oneliner-bughunting\n  https://hackingblogs.com/bug-bounty-builder-project-tool-use/#ONE-LINERRECONfor_FUZZ_XSS\n  https://github.com/KingOfBugbounty/KingOfBugBountyTips/compare/master...halencarjunior:KingOfBugBountyTips:master\n  https://www.youtube.com/watch?v=ZcG8ARatgs0&amp;t=467s\n  https://giters.com/okaayfine/oneliner-bugbounty\n  https://twitter.com/ofjaaah/status/1532581839344394241\n  https://gist.github.com/cyberheartmi9/c993542044fdc45834837c3f88484a63\n  https://github.com/trimstray/the-book-of-secret-knowledge\n\nOpen Redirects\nhttps://github.com/tomnomnom/meg/compare/master...1ndianl33t:meg:master\nhttps://www.infosecmatter.com/bug-bounty-tips-1/#5-top-25-open-redirect-dorks\nhttp://www.thespanner.co.uk/2014/03/21/rpo/\nhttps://nostarch.com/download/samples/RealWorldBugHunting_Ch02_Sample.pdf\nhttps://i.blackhat.com/asia-19/Fri-March-29/bh-asia-Wang-Make-Redirection-Evil-Again-wp.pdf\nhttps://devcraft.io/2020/10/19/github-gist-account-takeover.html\nhttps://portswigger.net/web-security/oauth/lab-oauth-stealing-oauth-access-tokens-via-an-open-redirecthttps://blog.intigriti.com/hackademy/open-redirect/\nhttp request smugglin open redorect defparam https://www.youtube.com/watch?v=3tpnuzFLU8g\nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/understanding-and-discovering-open-redirect-vulnerabilities/\nhttps://corneacristian.medium.com/top-25-open-redirect-bug-bounty-reports-5ffe11788794\nhttps://www.youtube.com/watch?v=4Jk_I-cw4WE\nhttps://www.youtube.com/watch?v=grkMW56WX2E\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/open_redirect_wwwist.txt\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/openredirects.txt\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/Open-Redirect-payloads.txt\n  https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html\n  https://github.com/AnLoMinus/Bug-Bounty/blob/2d654a0a62c1194564aa841745c171c4b1374252/Checklist/Web%20App/Upload%20Function.md\nhttps://github.com/Excloudx6/open-redirect-payload-list\n * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect\n  https://web.archive.org/web/20201130145910/https://github.com/ptswarm/ptswarm-twitter/blob/main/2020-11-30-open-redirect-params.txt\nhttps://giters.com/okaayfine/oneliner-bugbounty#open-redirect\nhttps://infosecwriteups.com/bugbounty-linkedln-how-i-was-able-to-bypass-open-redirection-protection-2e143eb36941\nTnom and ori https://youtu.be/SYExiynPEKM?t=2630\n\nOwasp Top 10 (2021) https://cwe.mitre.org/data/definitions/1344.html\nParams\n  More Silent wheb running https://github.com/0xecho/parameth\n  Normal Branch https://github.com/maK-/parameth\n  Docker support https://github.com/Shaked/parameth\n  \nParameter Tampering - \n  http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&amp;attackVectorId=57\n\nPayloads / POCs\n    https://github.com/knownsec/pocsuite3\nhttps://github.com/pranav77/XSS-using-SVG-file\n  https://github.com/Excloudx6/Public/tree/master/payloads\n  https://github.com/sh377c0d3/Payloads/fork\n  https://github.com/RootUp/PersonalStuff\n  https://github.com/swisskyrepo/PayloadsAllTheThings \n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2019-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2019\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2020-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2020\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2021-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2021\n  https://portswigger.net/research/top-10-web-hacking-techniques\n  https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher#forgottenknowledge\n\nPOC Videos\n  https://repo.telematika.org/project/bminossi_allvideopocsfromhackerone/\n  https://github.com/zeroc00I/AllVideoPocsFromHackerOne\n\nPassword Cracking\n  https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-dg.pdf\n\nPeople \ntnom interview https://gist.github.com/ruevaughn/00638360841b2bec94149080c4f04f28\nAshar Jahvid https://twitter.com/soaj1664ashar\n\nProducts / Services \nTobuy https://order.shareit.com/cart/view | https://tryhackme.com/why-subscribe | https://findomain.app/#Pricing | https://github.com/Excloudx6/InfoSec-Black-Friday | HAKLUKE RECOMENDS https://securitytrails.com/corp/osint-toolkit?referral_code=LLDAK0F80M\n\n\nProtype Pollution\n  automate https://twitter.com/R0X4R/status/1402906185301323776\n  https://www.kitploit.com/2021/09/plution-prototype-pollution-scanner.html\n  https://github.com/dwisiswant0/ppfuzz?tag=v1.0.0\n  https://github.com/kosmosec/proto-find\n  https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution\n  https://github.com/BlackFan/client-side-prototype-pollution\n  https://research.securitum.com/prototype-pollution-and-bypassing-client-side-html-sanitizers/\n  https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf\nhttps://www.youtube.com/watch?v=Gv1nK6Wj8qM&amp;t=1558s\nppmap \n  https://blog.intigriti.com/2021/07/14/bug-bytes-131-credential-stuffing-in-bug-bounty-hijacking-shortlinks-hacker-shows/\n  https://www.geeksforgeeks.org/ppmap-a-scanner-or-exploitation-tool-written-in-go/\n  https://book.hacktricks.xyz/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution\nPrototype polution Tools\n  https://github.com/msrkp/PPScan\n\n\n\nPython\nhttps://hackernoon.com/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03?utm_source=pocket-ff-recs\n\nRails\n  https://github.com/zactly/handouts/blob/master/oss_apps.md\n  https://github.com/zactly/handouts/blob/master/materials.md\n  https://github.com/gramantin/awesome-rails#apps-made-with-rails\n  Mass Assignment https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html\n  https://code.tutsplus.com/tutorials/mass-assignment-rails-and-you--net-31695\n  https://www.cloudbees.com/blog/preproduction-checklist-for-a-rails-app?utm_source=rubyweekly&amp;utm_medium=email\n  https://youtu.be/CIhHpkybYsY?t=1171\n  https://github.com/zactly/handouts/find/master\n  https://github.com/zactly/handouts/blob/master/conferences/virtual-appsecday-2020/skea_rails_routes.md\n  \n \nRecon\n  https://github.com/003random/003Recon\n  https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n  Reconmap GUI Website SaaS https://demo.reconmap.com/login\n  https://github.com/0xbharath/assets-from-spf\n  https://mavericknerd.github.io/knowledgebase/BugBountyRecon/\n  https://www.bugbountyhunter.com/methodology/zseanos-methodology.pdf   \n  https://ulir.ul.ie/bitstream/handle/10344/8278/Nuseibeh_2019_Text.pdf?sequence=2\n  https://github.com/janmasarik/resolvers\n  https://github.com/janmasarik/resolvers/pull/31/files\n\nResolvers\n  https://github.com/janmasarik/resolvers/pull/31/files\n  https://github.com/janmasarik/resolvers\n\n\nReporting\n  https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html\n\nReflected File Downloads\n Reflected File Download - A New Web Attack Vector https://www.youtube.com/watch?v=dl1BJUNk8V4\n https://blog.davidvassallo.me/2014/11/02/practical-reflected-file-download-and-jsonp/\nhttps://drive.google.com/file/d/0B0KLoHg_gR_XQnV4RVhlNl96MHM/view?resourcekey=0-NV7cTUTB48bltMEddlULLg\nhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf\nhttps://www.davidsopas.com/reflected-file-download-cheat-sheet/\n\nRegexp\n  Regexp Basics https://www.youtube.com/watch?v=KJG1dETacLI\n  https://regexr.com/\n\nResources\n  https://portswigger.net/research/web-cache-entanglement\n  https://github.com/AnLoMinus/Bug-Bounty\n  https://github.com/ngalongc/bug-bounty-reference\n  https://www.youtube.com/c/krypt0muxbugbounty\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Getting_Started_with_Bug_Bounty.pdf\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Hacking_101.pdf\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Adela_Hanikova_All_roads_lead_to_domain_admin.pdf\n  https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE\n  Really good bug bounty playlist https://www.youtube.com/watch?v=FeXloh12Mnw&amp;list=PLlrnAg4kKF3r26OIyfoYQQ-YqySE3fyE_&amp;index=2\n  When looking for something ot hack https://web.archive.org/web/20210420062735/https://help.intrigue.io/reference/intrigue-core-api-endpoints\n  The 5 Hacking NewsLetter 107 - https://pentester.land/newsletter/2020/05/27/the-5-hacking-newsletter-107.html\n  Cloud Metadata - https://gist.github.com/rudSarkar/39f821249bf0d38093cafbfd23bc33ee | https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb\n  Megathread https://twitter.com/ITSecurityguard/status/1519272305729458176\n  Reset Passwprd https://docs.google.com/presentation/d/1QzBl3k3n2q44ULyfZgr_gPZexj8nF5vD8JrS5AUJRbs/edit#slide=id.gb5aea10a86_0_167\n  Bug Bounty Google Doc https://docs.google.com/presentation/d/1o7GWUOYwcd3uMwLBRG9UzARYCvfuX3VKUHfoPu38t78/edit\n  Bug Bounty Udemy Courses Tip https://twitter.com/ITSecurityguard/status/1519272305729458176 \n  https://github.com/carlospolop/PEASS-ng \n  Saturday Night Bug Bounty Bytes w/ Ch1-R0n1n  https://www.youtube.com/watch?v=xx5fF7i-dCQ\n  Nicolas Gr\u00e9goire - Hunting for Top Bounties  https://www.youtube.com/watch?v=mQjTgDuLsp4\n  Hacktify Playlist to learn hacking https://www.youtube.com/watch?v=NBCrlRqX2AY&amp;list=RDCMUCS82DNnKOhXHcGKxGzQvNSQ&amp;start_radio=1&amp;rv=NBCrlRqX2AY&amp;t=0\n  \nRNG http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ARTICLES/earticles.html  \n\nRPO (Relative Path overide) Gadgets \n  https://blog.innerht.ml/rpo-gadgets/\n  https://www2018.thewebconf.org/proceedings/\n  https://blog.acolyer.org/2018/05/28/large-scale-analysis-of-style-injection-by-relative-path-overwrite/\n  https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf\n  https://portswigger.net/research/detecting-and-exploiting-path-relative-stylesheet-import-prssi-vulnerabilities\ninurl:/.well-known/security ext:txt -hackerone -bugcrowd -synack -openbugbount\n\nSAML\nhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-07-how-to-test-saml-a-methodology/\nhttps://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final91.pdf\nhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-13-how-to-test-saml-a-methodology-part-two/\n\nScanners\n  2020_3452\nhttps://www.zoomeye.org/\nhttps://searchcode.com/\nhttps://fullhunt.io/\nhttps://github.com/RustScan/RustScan\nhttps://github.com/knassar702/scant3r\n\nS3 buckets \n  https://github.com/sa7mon/S3Scanner\n   Dumping S3 Buckets | Exploiting S3 Bucket Misconfigurations https://www.youtube.com/watch?v=ITSZ8743MUk\n   https://support.cloudflare.com/hc/en-us/articles/360037983412-Configuring-an-Amazon-Web-Services-static-site-to-use-Cloudflare\n\nSecond Order Takeovers\n  Shubbs Talking about it in his 5 years of hacking talk. Good. https://youtu.be/iG7-c0YbhbM?t=1472\n\nSelf Hosting \n  https://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  Shodan like nmap results parser (https://github.com/shivammehta007/ScanX) PBNJ(http://pbnj.sourceforge.net/) (A suite of tools to monitor change in a network over time) store NMAP Results in a database to monitor changes on a network over time and then conducts historical analysis to identify new hosts - \n\nScripts\n  LFI https://web.archive.org/web/20100228162410/http://pastie.org/840199\n  https://github.com/killswitch-GUI/PenTesting-Scripts\n\nSession Poisoning - https://en.wikipedia.org/wiki/Session_poisoning \n https://github.com/t1m4/ptl_lab\n \nSetup\n  Bug Bounty Tools Setup - https://github.com/oliveira-andre/bug_bounty_tools\n  Redherd - https://redherd.readthedocs.io/en/latest/ | https://www.youtube.com/channel/UCYSM51oldVsryhZxGdB3hXA\n\nShells\n  https://github.com/tennc/webshell/blob/master/README_EN.md\n\nSmart Contracts\n  https://github.com/SecurityInnovation/Smart-Contract-CTF\n\nSSRF\n  SSRF HTTP Bypass List https://pastebin.com/YbsKrMpf\n SSRF - Practical  by Hacktify https://www.youtube.com/watch?v=NBCrlRqX2AY\nhttps://reconshell.com/jira-mobile-ssrf-exploit/\nhttps://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/ssrf\n\n\nSubdomain Takeovers\n  https://github.com/mhmdiaa/tko-subs\n  https://github.com/mhmdiaa/second-order\nhttps://0xpatrik.com/subdomain-takeover-ns/\nhttps://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/\nhttps://www.hackerone.com/application-security/guide-subdomain-takeovers\nhttps://medium.com/@thebuckhacker/how-to-do-55-000-subdomain-takeover-in-a-blink-of-an-eye-a94954c3fc75\nhttps://import.cdn.thinkific.com/359809/courses/1386931/locomotivesubdomaintakeover-210608-154821.yamll\nhttps://github.com/buckhacker/SubDomainTakeoverTools\ngithub.com/lukasikic/subzy \n    -&gt; https://gist.githubusercontent.com/ruevaughn/91d3369fdf0d93b0bdc6662c771cb7ae/raw/79e07b315e465bae1f003ec8fd40fcf5471b223b/fingerprints.json\ngithub.com/mhmdiaa/second-order\n\nSubmitting a report\nhttps://about.gitlab.com/blog/2020/09/28/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest/\n\nSQL INjection\nhttps://www.cloudflare.com/learning/security/threats/sql-injection/\n\nShodan\n  Awesome Shodan Queries https://github.com/jakejarvis/awesome-shodan-queries\n  Shodan Dorks https://twitter.com/0xhunster/status/1548382647759491074/photo/1\n  Shodan CVE Dorks Kathan https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n  https://carbon.now.sh/6nEp25xrtuu53L6aquU4\n  https://twitter.com/kotylevskiy/status/1551926067908182018/photo/1\nStatus Codes\n  Web status codes https://requests.readthedocs.io/en/latest/api/#status-code-lookup\n  \nSQL Injection\nhttps://github.com/ladecruze/Exploits/blob/master/sqlexploit.js\n  https://book.hacktricks.xyz/pentesting-web/sql-injection\n  (at the bottom of the page, the image and text for 2 sqli x-forwarded-for tips) https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  https://github.com/0xEval/sql2shell\n  \nSource Code Analysis\n  https://twitter.com/dhakal_ananda/status/1544574015779606529\n\nTakeovers\n  https://github.com/musana/mx-takeover\n  \nTiming Attacks\nTime Attacks http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp?antiCsrfToken=null&amp;filterCategory=9\n\nTips\n  Parse Github URls https://github.com/ruevaughn/git-url-parse\n  Randomize IPs https://gist.github.com/yehgdotnet/27114d4bb5b28ec093e6dd36e329c389\n\n  Find IP Address behind CDN\n    \t\thttps://github.com/mandatoryprogrammer/cloudflare_enum\n    https://infosecwriteups.com/finding-the-origin-ip-behind-cdns-37cd18d5275\n    https://zdresearch.com/finding-the-origin-ip-behind-cdns/\n    https://twitter.com/HolyBugx/status/1343156549162852352?s=20 \n  Test Shodan Queries https://app.netlas.io/responses/\n  https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248\n  https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/bugbountytips.md\n  King of Bug Bounty Tips - https://github.com/KingOfBugbounty/KingOfBugBountyTips\n  https://abhinavprasad47.github.io/bugbounty-starter-notes/\n  https://www.google.com/search?tbm=bks&amp;q=recon-ng\n  gh dork: https://github.com/topics/one-liners\n  Sqlmap tip - https://youtu.be/rVu0GUjic_g?t=2246\n  Eval command and security issues https://mywiki.wooledge.org/BashFAQ/048\n  \ud83c\udf1f Find company's owned domains (company.*) with these #googledorks: | https://twitter.com/nil0x42/status/1533094473067995137 \n  https://redhuntlabs.com/nvadr\nTodo\n    read https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning\n      https://tillsongalloway.com/finding-sensitive-information-on-github/\nTODO: Make a worldist from these Amazon Cognito API actions GetUser etc https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html\n\n\nTools\n  https://github.com/ladecruze/Subdorker/fork\n   Brute Force Tomcat https://github.com/Excloudx6/tomcter\n  Code Snippets\n    https://carbon.now.sh/snippets\n  HTML Tools (CSV To HTML, Regexpal, 50+ tools) \n    https://www.cleancss.com/join.php\n  \n\n  Arjun                 \n    https://github.com/s0md3v/Arjun/wiki/Usage#scan-a-single-url  \n  crobat                    \n    https://www.onsecurity.io/blog/how-i-made-rapid7s-project-sonar-searchable/\n  Dom Invader               \n    https://www.youtube.com/watch?v=GeqVMOUugqY\n  ffuf                      \n    https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 | https://thexssrat.medium.com/what-the-fuzz-the-truth-behind-content-discovery-77cd0c0756e7\n  gf       \n    Automate GF and gau https://gist.github.com/BU9D4DDY/eea5f7580577d9bf5d009ce923bac4fe\n    https://rengine.wiki/usage/tool_conf/ \n    https://github.com/1ndianl33t/Gf-Patterns \n    https://github.com/halencarjunior/BugBuntu/wiki/Installing-Gf-Patterns \n    https://github.com/NitinYadav00/gf-patterns/fork \n    https://twitter.com/sratarun/status/1361209626478276610 \n    MORE GF TEMPLATES https://github.com/lutfumertceylan/top25-parameter/releases/tag/v1.0.7 \n    https://github.com/tomnomnom/gf/compare/master...pry0cc:jf:master | \n    https://github.com/ResistanceIsUseless/gf | \n    https://github.com/tomnomnom/gf/compare/master...medbsq:gf:master | \n    https://github.com/mrofisr/gf-patterns\n    \n  gee                       \n    Similar to Tee. More Functionality. https://github.com/hahwul/gee\n    Gee Tips https://twitter.com/hahwul/status/1360495560843689989\n  FFMPEG-AVI-m3u-xbin       - https://github.com/Excloudx6/ffmpeg-avi-m3u-xbin\n  metabigor v2              - Metabigor https://twitter.com/j3ssiejjj/status/1528687407587299330/photo/1\n  pywhat -- Identify anything. pyWhat easily lets you identify PI from pcap files\n    https://github.com/bee-san/pyWhat/fork\n  recon-ng  https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n  SimpleApachePathTraversal - https://github.com/MrCl0wnLab/SimplesApachePathTraversal\n  Source2Url                - \n  \n  Tmux \n    tmux or screen https://youtu.be/a8LaNydbJyA?t=6406\n\n  \n  Tracy\n    https://newsroom.nccgroup.com/\n    https://github.com/nccgroup/tracy/blob/master/src/js/database-worker.js\n    https://github.com/nccgroup/tracy\n  \n  UrlEncode/Decode\n    https://www.w3schools.com/tags/ref_urlencode.ASP\n    https://network-tools.com/url-encode/\n    https://www.url-encode-decode.com/\n\nVulnerable Things\n  https://github.com/kiwicom/xssable\n   https://github.com/janmasarik/dumb-password-rules\n https://github.com/duffn/dumb-password-rules/fork\n \n \n WhatWeb                   - https://github.com/urbanadventurer/WhatWeb\n  WFUZZ                     - https://book.hacktricks.xyz/pentesting-web/web-tool-wfuzz\nwwwwwww\nahttps://useragent.me/\n\nWordlists\nhttps://gist.github.com/random-robbie/0f9d24a7b3c7268ee0c1ecdbe280611b\n  http://web.mit.edu/~mkgray/jik/src/Attic/kerberos_password_hacker/allwords\n  https://web.archive.org/web/20201130145910/https://github.com/ptswarm/ptswarm-twitter/blob/main/2020-11-30-open-redirect-params.txt\n  https://github.com/mhmdiaa/chronos\n  https://github.com/d4rckh/gorilla\n  https://github.com/jim3ma/crunch\n  https://github.com/the-xentropy/samlists/fork\n  https://github.com/AyProductions-Team/NEXTdependencydownloader/blob/588fa54b77743f808feec88070a4a0c76ac7c993/bin/Debug/net6.0-windows/DependencyDownloader.exe.WebView2/EBWebView/ZxcvbnData/3.0.0.0/passwords.txt\n  https://gist.github.com/random-robbie/c9671939d029848df38e06c5383e6395\n  Common Config Files by Tomnomnom   https://github.com/tomnomnom/meg/blob/master/lists/configfiles\n  Short Wordlist by Tomnomnom https://gist.github.com/tomnomnom/57af04c3422aac8c6f04451a4c1daa51\n  https://github.com/giteshnxtlvl/cook\n  https://imgur.com/user/silverblack1111/New%20Folder\n  https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056\n  https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/iam_user_enum/default-word-list.txt\n  https://github.com/koaj/aws-s3-bucket-wordlist\n  https://github.com/Karanxa/Bug-Bounty-Wordlists\n  FUZZ.txt good -https://gist.github.com/m4ll0k/50efec5f04179b107c9d7597eec7d23c\n  https://gist.github.com/m4ll0k/https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d\n  Stream: Creating Target Specific Wordlist!!  https://www.youtube.com/watch?v=AF-zp6DROTs\n  API Endpoints https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d\n  https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af\n  https://wordlists.assetnote.io/\n  https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056\n  https://github.com/six2dez/OneListForAll/blob/main/onelistforallmicro.txt\n  https://gist.github.com/miguelmota/706ebaeb661e246e1b682c400d49d1c9\n  https://github.com/ghostlulzhacks/wordlist/blob/master/directory-brute-wordlist.txt\n  to harvest https://youtu.be/YO3ldj4jkJk?t=275\n  Common Bucket Names https://github.com/buckhacker/buckhacker/blob/master/resources/common-bucket-names.txt\n  https://portswigger.net/web-security/authentication/auth-lab-passwords\n  https://portswigger.net/web-security/authentication/auth-lab-usernames\n  https://github.com/SmeegeSec/SmeegeScrape\n  make a wl from js https://gist.github.com/seqrity/d67608eb6372cd6f455bfeeefa77b9c2\n  Who what where when tomnomnom - https://www.youtube.com/watch?v=W4_QCSIujQ4\n  https://pentestbook.six2dez.com/recon/webs-recon Wordlist Gen\n  https://github.com/giteshnxtlvl/cook\n  https://gitlab.com/kalilinux/packages/amass/-/tree/91a5313226ab9ebd4ecbad40622584dd6f3f7cd5/wordlists Wordlists\n\n\n  \nWriteups\n  https://github.com/kh4sh3i/bug-bounty-writeups\n  securityforeveryone.com/scan-repository\n  2022-07-15 Exploiting Arbitrary Object Instantiations in PHP without Custom Classes  https://swarm.ptsecurity.com/exploiting-arbitrary-object-instantiations/\n  https://github.com/fardeen-ahmed/Bug-bounty-Writeups\n  https://github.com/devanshbatham/Awesome-Bugbounty-Writeups\n  https://twitter.com/ITSecurityguard/status/1519272305729458176\n  https://github.com/ngalongc/bug-bounty-reference\n  \n  https://github.com/djadmin/awesome-bug-bounty\n  https://ysamm.com/#\n  https://tarekbouali.com/posts/how-i-hacked-one-of-the-biggest-airlines-group-of-the-world/\n  https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups\n  https://infosecwriteups.com/intro-to-bug-bounty-automation-tool-chaining-with-bash-13e11348016f\n  https://hacklido.com/u/excloudx\n  https://subscription.packtpub.com/book/ssnetworking-and-servers/9781788626897/7/ch07lvl1sec47/example\n  https://subscription.packtpub.com/owned\n  https://id.bugbountyhub.com/auth/realms/bugbountyhub/login-actions/authenticate?execution=a484e1a7-bc42-472b-a339-15be49996b14&amp;client_id=prod-platform&amp;tab_id=MivkVulj_p8\n  https://prashantbhatkal2000.medium.com/svg-based-stored-xss-ee6e9b240dee\n  https://github.com/phlmox/public-reports/blob/main/hackerone-one-million-reports\n  https://footstep.ninja/posts/\n  https://twitter.com/omespino/status/1489310300708900868/photo/\n  https://github.com/phlmox/public-reports\n  https://blog.assetnote.io/2020/09/15/hacking-on-bug-bounties-for-four-years/\n  https://discord.com/channels/772850979955671103/772854181433573398/895230570366402590 Hacking Articles\n\nVhosts\n  https://github.com/Shaked/vhost-finder\n  Vhost Discovery https://github.com/projectdiscovery/tlsx#sancn-probe\n\nVPS\nhttps://github.com/bbhunter/pentest-scripts/blob/main/useful/get-tools.sh\nhttps://github.com/crawlab-team/crawlab\n  https://github.com/righettod/toolbox-pentest-web\n  google cloud official repos https://github.com/googleapis/google-cloud-ruby\n  google cloud repos https://github.com/orgs/4ARMED/repositories\n  Certifcate install   https://github.com/anshumanbh/terraform-burp-collaborator#using-a-proper-tls-certificate\n  https://github.com/orgs/4ARMED/repositories\n  Teraform Burp Colab server https://github.com/anshumanbh/terraform-burp-collaborator\n  Setup script for Regon-ng  and altdns https://github.com/jhaddix/domain\n  https://github.com/AntSwordProject/antSword\n  https://github.com/janmasarik/resolvers/blob/master/.github/workflows/main.yml\n  https://github.com/pry0cc/axiom/tree/master/images/provisioners\n  https://github.com/janmasarik/resolvers\n  Assetnote Setup and Installation   https://gist.github.com/sz3n/1fdf2f871a10d4e9180757afc8fd80e2\n  https://demo.ezxss.com/manage/dashboard\n  https://github.com/ssl/ezXSS/wiki/Installation\n  https://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  https://github.com/ruevaughn/assetnote\n  https://github.com/robre/jsmon\n  Host and Deploy Assetnote https://gist.github.com/BU9D4DDY/9e023d0fae3314273302ae895ae7c5ed\n  vps_install.sh by Rajchowdhury420 https://gist.github.com/Rajchowdhury420/24fa500ebc4edbb2018860f85f93b8cf\n  https://hackingblogs.com/bug-bounty-builder-project-tool-use/\n  Beats - Lightweight shippers for Elasticsearch &amp; Logstash \n  https://github.com/nicolargo/glances\n  https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29\n  https://www.udemy.com/course/learn-website-hacking-penetration-testing-from-scratch/learn/lecture/5878090?start=0#overview\n  Pt a website onlne https://www.youtube.com/watch?v=NQP89ish9t8\n  https://www.trenchesofit.com/2021/06/14/bug-bounty-vps-build/\n  https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29\n  https://github.com/AlexisAhmed/BugBountyToolkit &lt;-- docker \n\nWhitepapers\nhttps://github.com/zactly/handouts/tree/master/conferences\n\nxss\nhttps://github.com/kiwicom/xssable\nhttps://twitter.com/soaj1664ashar\n  https://github.com/pranav77/XSS-using-SVG-file\n  https://www.openbugbounty.org/blog/devl00p/top-100-xss-dorks/\n  xss - https://threadreaderapp.com/thread/1508406052663934979.html\n  https://google-gruyere.appspot.com/\n  https://0x1.gitlab.io/web-security/Weaponised-XSS-Payloads/\n  https://infosecwriteups.com/weaponizing-reflected-xss-to-account-takeover-ae8aeea7aca3\n  https://hakluke.medium.com/upgrade-xss-from-medium-to-critical-cb96597b6cc4\n  https://github.com/hakluke/weaponised-XSS-payloads\n  https://medium.com/redteam/weaponising-angularjs-bypasses-4e59790a730a\n  https://github.com/dwisiswant0/findom-xss\n  https://www.secureideas.com/blog/2018/12/twelve-days-of-xssmas.html\n  https://www.geeksforgeeks.org/findom-xss-fast-dom-based-xss-vulnerability-scanner/?ref=rp\n  https://thexssrat.podia.com/free-labs\n  https://github.com/topics/xss\n  https://twitter.com/ofjaaah/status/1504932805431767046\n  https://portswigger.net/research/new-xss-vectors\n  https://medium.com/bugbountywriteup/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1\n  https://github.com/takshal/freq\n  https://bytemeta.vip/index.php/@takshal\n  https://github.com/takshal/freq/pull/2/commits/ca176eee65889530b4896d782419edd0e4325713\n  https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html\n  What is the best method to use dalfox?? https://attacker-codeninja.github.io/2021-09-09-portswigger-notes-on-host-header-attack/\n  https://github.sre.pub/topics/xss-scanners\n  https://medium.com/@skavans_/the-unobvious-about-xss-and-html-encoding-4e0d536a35d9\n  Al the ways you can alert js -&gt; https://gist.github.com/tomnomnom/14a918f707ef0685fdebd90545580309\n  https://github.com/wisec/domxsswiki/wiki\n  https://github.sre.pub/topics/xss-scanners\n  https://owasp.org/www-community/attacks/xss/\n  Moving beyond alert()xss https://av.tib.eu/media/49191\n  https://unescape-room.jobertabma.nl/\n  https://infosecwriteups.com/reflected-xss-on-microsoft-com-subdomains-4bdfc2c716df\n  https://github.com/danielthatcher/Cookieless-Session-Scanner session is for identifying xss as described here   https://blog.isec.pl/all-is-xss-that-comes-to-the-net/\n\nXSS Labs\nhttps://google-gruyere.appspot.com/\n\n\n\nScreenshots\nhttps://github.com/detectify/page-fetch/fork\n\nEyeballer\nhttps://github.com/BishopFox/eyeballer &lt;----- TODO BIG IG and [this](https://www.kaggle.com/datasets/altf42600/pentest-screensots)\nhttps://www.akamai.com/blog#HTTP2rs\nhttps://www.jhaddix.com/post/tooltime-2-ssl-certificate-parsers-for-recon\nRecon\nNotify -bulk - workflow to funnel everything to Notify https://youtu.be/v7FMPU3J3Qw?t=3044\nReconFTW Automation - https://youtu.be/v7FMPU3J3Qw?t=2841\nAutomation - what to do with all the subdomains  endpoints you found! https://youtu.be/v7FMPU3J3Qw?t=1864\n\nTools\nhttps://reconshell.com/awesome-bug-bounty-tools/\nhttps://reconshell.com/mobile-hackers-weapons/\nhttps://book.hacktricks.xyz/todo/more-tools\nhttps://github.com/fardeen-ahmed/Bug-bounty-Writeups#-bug-bounty-tools---\nhttps://github.com/vavkamil/awesome-bugbounty-tools#Recon\nImage upload\nhttps://github.com/barrracud4/image-upload-exploits\nhttps://hackbotone.com/blog/essential-recon-tools/\nhttps://github.com/danielthatcher/spydom\nhttps://allciber.com/web-attack-cheat-sheet/\n\nAlias / Snippet / Command Management\nhttps://github.com/nahamsec/recon_profile\nhttps://github.com/hahwul/hack-pet/commit/6405608c856551d241174d8c839c79efdff5153c\nhttps://github.com/hahwul/hack-pet\nhttps://github.com/knqyf263/pet\n\n\nhttps://github.com/anshumanbh/brutesubs\nhttps://github.com/VainlyStrain/Vailyn\n\nRECON\nhttps://gist.github.com/khanjanny/039d7c7d825a866b9020e3945e04ace9\nhttps://github.com/KathanP19/HowToHunt\nhttps://prettyrecon.com/auth/forgot_password/\n\nTweets Dorks\nhttps://twitter.com/hashtag/bugbountytips\nhttps://twitter.com/search?q=%23bugbountytips&amp;cn=ZmxleGlibGVfcmVjcw%3D%3D&amp;refsrc=email\nhttps://twitter.com/ghostlulz1337\n\nhttps://www.google.com/search?client=firefox-b-1-d&amp;q=site%3Agist.github.com+%22dalfox%22+automate\nhttps://gist.github.com/sec99\nhttps://gist.github.com/Bedrovelsen/starred\nhttps://gist.github.com/tranphuoctien/47c1242c8189b42fb4d268c548db4526\nhttps://gist.github.com/GrahamcOfBorg/601b9608c6010d9c82cf0e9535faac4b\nhttps://gist.github.com/babaloveyou\nhttps://www.google.com/search?client=firefox-b-1-d&amp;q=bug+bountny+automation\nhttps://www.reddit.com/r/bugbounty/comments/nkaz32/automation_for_bug_bounty_recon_framework/\nhttps://github.com/dirsoooo/Recon\nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n\n\nCrawlers / Crawling\nhttps://github.com/Echocipher/HackeroneSpider\nxnLinkFinde\nhttps://github.com/spatie/crawler\nhttp://www.robotstxt.org/\nhttps://github.com/BruceDone/awesome-crawler\nhttps://github.com/tijme/not-your-average-web-crawler\nhttps://github.com/ghostlulzhacks/crawler\nhttps://scotthelme.co.uk/top-1-million-analysis-march-2020/\n\nhttps://crawler.ninja/\n\n  \n\n\nSqli\n  https://sapt.medium.com/sqli-on-a-bugcrowd-private-program-17858b57ec61\n  http://sqlninja.sourceforge.net/download.html\n  https://w3af.org/howtos/find-cross-site-scripting-and-sql-injections\n  https://www.securedyou.com/how-to-hack-sql-database-password-cracking/\n  https://www.securedyou.com/download-havij-free-automated-sql-injection-tool/\n\nsqlmap\n  https://h1pmnh.github.io/post/advanced-sqlmap-case-study-1\n\nDefault Credentials \nhttps://github.com/Excloudx6/WebCrack\n  The Open Cloud Vulnerability &amp; Security Issue Database  https://www.cloudvulndb.org/\n  \n  https://github.com/SummitRoute/csp_security_mistakes\n  Default Cred Scanner https://github.com/ztgrace/changeme\n  \n\n  \nFile Upload\nhttps://sm4rty.medium.com/hunting-for-bugs-in-file-upload-feature-c3b364fb01ba\nhttps://github.com/almandin/fuxploider - File upload vulnerability scanner and exploitation tool. \n\n\nMonitor Server Status\nhttps://github.com/sudo-jtcsec/server-status-mon\nhttps://github.com/Excloudx6/server-status_PWN\n\nTmux https://github.com/Excloudx6/clips\n# My Bug Bounty Wiki Page\nhttps://github.com/MrM8BRH/SuperLibrary\nhttps://github.com/zeroc00I/ReconNotes\n   https://gist.github.com/ruevaughn/71c31d7f67b7d105d9f480489e02c906\n\n\nA-Z Sorting in progress\nAwsCli https://aws.plainenglish.io/aws-s3-cli-cheatsheet-9078366fca83\nWelcome to my Bug Bounty Wiki page. It's currently not organized or cleaned up at all though that's a WIP. Originally was where I was dumping links and things I needed to rememnber.\nNews Articles\nhttps://www.bbc.com/news/technology-43581624\n\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1524\n\nDeserialisation\nDeserialization example &lt;-https://youtu.be/oUAeWhW5b8c?t=1583\nAnother Deserialization example https://youtu.be/eDfGpu3iE4Q?t=266\nhttps://github.com/GerbenJavado/LinkFinder\nhttps://medium.com/@duhroach/how-png-works-f1174e3cc7b7\n\n\nhttps://github.com/beurtschipper/Depix &lt;-- unblur \n\n### A\n\nTwitter\nhttps://mobile.twitter.com/drunkrhin0/status/1344130730947825664\n\n\nhttps://kathmandupost.com/science-technology/2021/04/06/we-dream-to-be-nepal-s-first-billion-dollar-it-company\nhttps://reconwithme.com/\n\nhttps://jaeles-project.github.io/\n\nAPIs\nHuge API Resources list! https://dsopas.github.io/MindAPI/references\nhttps://thexssrat.podia.com/view/courses/free-api-testing-and-securing-guide/923506-api-top-10-videos/2699995-owasp-api-top-10-a0-to-a3\n\nhttps://www.hahwul.com/2019/07/01/easy-security-testing-with-applications-bridge-in-zap/\nhttps://github.com/PortSwigger\n\n### B\nBooks https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/BOOKS.md\nhttps://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html\nhttps://guidesmiths.github.io/cybersecurity-handbook/resources\nhttps://guidesmiths.github.io/cybersecurity-handbook/tooling\n\n\nhttps://github.com/1N3/Sn1per/blob/master/modes/normal_webporthttp.sh\nBlogs\nhttps://opsecx.com/index.php/category/blog/\n\n\nUrl FInder\nhttps://www.kitploit.com/2021/08/sigurlfind3r-reconnaissance-tool-it.html\n\n403 Bypasser\nhttps://www.kitploit.com/2021/11/4-zero-3-403401-bypass-methods-bash.html\nhttps://www.kitploit.com/2021/09/403bypasser-automates-techniques-used.html\n\nOauth\n#### Oauth Bug Bounty Cheatheet\nhttps://0xn3va.gitbook.io/cheat-sheets/web-application/oauth-2.0-vulnerabilities\nhttps://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d\n\nEmail\nhttps://www.ibm.com/docs/en/sqsp/32.0?topic=SSBRUQ_32.0.0/com.ibm.resilient.doc/install/resilient_install_defang s.htm\n\nNuclei\nNuclei : A Bug Bounty Tool https://www.youtube.com/watch?v=ZcG8ARatgs0\nhttps://www.reddit.com/r/infosec_daily/comments/lrz9bg/nuclei_tool_review/\nFinding bugs with Nuclei with PinkDraconian (Robbe Van Roey) https://www.youtube.com/watch?v=ewP0xVPW-Pk\n\nNuclei templates\nhttps://github.com/xm1k3/cent &lt;-- manage nuclei tempaltes and ibg list of templateseeeeeeeeeeeeeeeeeee\nhttps://github.com/aboul3la/nuclei-templates\nhttps://github.com/projectdiscovery/nuclei-templates/compare/master...s4e-labs:nuclei-templates:master\nhttps://github.com/projectdiscovery/nuclei-templates/discussions/693\nhttps://nuclei-templates.netlify.app/\n\ncool\nhttps://github.com/nikitastupin/param-miner-doc\n\n\nrxrdxrhttps://platforms.disclose.io/\nhttps://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html\nhttps://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022\nhttps://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer\n\n\n### C\n\nFuzzing\nhttps://thugcrowd.com/kiosk/ Badass Fuzzing tools / Resources\nhttps://0xn3va.gitbook.io/cheat-sheets/resources/software/fuzzing\n\nBug Bounty Videos\nMix - webpwnized https://www.youtube.com/watch?v=Y_2JVREtDFk&amp;list=RDCMUCPeJcqbi8v46Adk59plaaXg&amp;start_radio=1\nBreaking Parser Logic: Take Your Path Normalization off and Pop 0days Out! - https://www.youtube.com/watch?v=CIhHpkybYsY&amp;t=2s\nVideos\n  HackTube5 Youtube https://www.youtube.com/channel/UCiiEXWVI8XDV_SbIOYVuKog\n  GynvaelEN https://www.youtube.com/user/GynvaelEN\n  Hacktify https://www.youtube.com/channel/UCS82DNnKOhXHcGKxGzQvNSQ\n  Hack the Box Youtube https://www.youtube.com/channel/UCi67lRCd5qpaHwSXNJisuRQ\n  Hackerone https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw\n  Hackersploit https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q\n  Hacking Simplified https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng\n  Hacking Simplifed (smaller channel) https://www.youtube.com/channel/UCTIHXPYJ4gT7PBQK9tUmFJA\nhttps://administraitor.video/edition/Hack.lu/2019\n\nhttps://portswigger.net/news\n\nNotify - https://youtu.be/rbr7ZmBI9qs?t=278\n\nhttps://www.youtube.com/watch?v=kbi2KaAzTLg\n\nWhat after Recon? - Sup Subdomains?!\n\n\nDORK\n  https://exposingtheinvisible.org/guides/google-dorking/\nhttps://www.google.com/imgres?imgurl=https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FEf6ELytWAAAswXx%3Fformat%3Djpg%26name%3D4096x4096&amp;imgrefurl=https%3A%2F%2Fmobile.twitter.com%2Fbugbountyrecon&amp;tbnid=pQu57Q5pha2WIM&amp;vet=12ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ..i&amp;docid=NghhHzdXU7Ey8M&amp;w=2480&amp;h=1302&amp;q=Bug%20bounty%20automation%20GitHub&amp;client=firefox-b-1-d&amp;ved=2ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\nReporting\nhttps://hacktify.in/bugbounty/ &lt;---- lots of resources for reporting\n\n\n#### Ruby on Rails\nhttps://hackerone.com/reports/904059\nhttps://hackerone.com/reports/1400309\nhttps://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md\nhttps://bugbountyforum.com/resources/#ruby-on-rails\n\nFree Shodan key and nmap automatin script to search for big f5 ip acve\nhttps://learn.hacktify.in/courses/take/bug-bounty-hunting-and-penetration-testing/lessons/16862042-assets-resources\nhttps://github.com/shifa123/f5BigIPExploit/blob/master/assets\ndnmap\nhttps://github.com/vdjagilev/nmap-formatter\nhttps://www.darknet.org.uk/2016/07/dnmap-distributed-nmap-framework/?utm_source=pocket-ff-recs\nhttps://github.com/alt3kx/CVE-2021-21985_PoC/blob/main/CVE-2021-21985.nse\n# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse\n# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve2020-3452.nse\naquatone - https://gist.github.com/random-robbie/beae1991e9ad139c6168c385d8a31f7d\nhttps://www.tib.eu/en/publishing-archiving/research-data\nhttps://github.com/erbbysam/Hunting-Certificates-And-Servers/blob/master/Hunting%20Certificates%20%26%20Servers.pdf\nBug Bouty Programs\nhttps://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html\nhttps://guidesmiths.github.io/cybersecurity-handbook/resources\nhttps://guidesmiths.github.io/cybersecurity-handbook/tooling\n\n\nrxrdxrhttps://platforms.disclose.io/\nhttps://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html\nhttps://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022\nhttps://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer\n\nhttps://hackerone.com/alipay?type=team\nhttps://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html\n\nDisclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team\n* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n\nhttps://github.com/detectify/cs-challenge\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\nVDP\nDutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c\nhttps://www.justice.gov/criminal-ccips/page/file/983996/download\n\"Bug Bounty programs|VDP|launch\" -&gt; Google News etc\n\n\n\n#### J\n\n\n#### L\n\nLabs\n\nLinux\nhttps://linuxsecurity.expert/resources/\n\n#### M\n\nMonitoring\nhttps://github.com/dgtlmoon/changedetection.io Monitor Website Changes\n\n### P\n\n#### Podcasts\nLinks here -&gt; https://blog.intigriti.com/2019/11/12/bug-bytes-44-new-platform-new-programs-and-a-e25k-head-csrf/\nSelfHosted Podcast https://selfhosted.show/60?t=777\n\nPrograms\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\n### R\n#### \n#### Reverse Shells\n\n### Rate Limit\n\n\n### T\nTop 10\n\nDNS Hijacking\nhttps://www.cloudflare.com/en-ca/learning/security/global-dns-hijacking-threat/\nhttps://github.com/mdsecresearch/Publications/blob/master/presentations/Offensive%20Development%20-%20Post-Exploitation%20Tradecraft%20in%20an%20EDR%20World%20-%20x33fcon%202020.pdf\n\nIDN Homograph\nhttps://www.akamai.com/blog/security/watch-your-step-the-prevalence-of-idn-homograph-attacks\n\n\n#### Tools\nhttps://www.xmind.net/m/Xy7XEW/# &lt;----- \nhttps://github.com/Excloudx6/PentestTools#exploitation-tools\nhttps://linuxsecurity.expert/security-tools/top-100/\nhttps://intelx.io/tools\nhttps://github.com/nccgroup/ScoutSuite/tree/master/tools\nClean Ips Script\nhttps://gist.github.com/LuD1161/bd4ac4377de548990b47b0af8d03dc78\n### D\nhttps://github.com/nccgroup/tracy\n\n#### Todo\nhetty.xyz\nhttps://www.bugbountyhunting.com/\n    \nhttps://github.com/KingOfBugbounty/KingOfBugBountyTips#scan-log4j-using- -and-log4j-scan\nhttps://medium.com/hacking-info-sec/how-to-install-and-use-bbrf-35f6aa15fbc9\n\nhttps://github.com/Excloudx6/Guide-to-SSRF\nhttps://github.com/alphaSeclab/sec-daily-2020\nhttps://github.com/KathanP19/HowToHunt/blob/master/CheckList/mindmap.png\nhttps://github.com/topics/bugbounty\nhttps://gist.github.com/R0X4R/bc08d55e368965f22c0b41ee8475ba87\nSSRF\nhttps://cheatsheetseries.owasp.org/assets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet_SSRF_Big.pdf\nNmap\nhttps://github.com/killswitch-GUI/PenTesting-Scripts/blob/master/Nmap-Strings\nhttps://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology/\nhttps://github.com/SmeegeSec/Security_Headers_Nmap_Parser\n\nssh bruting\n A simple multi-threaded distributed SSH brute-forcing tool written in Python  https://github.com/k4yt3x/orbitaldump\nhttps://github.com/d3vilbug/Brutal_SSH\n\nxsshunter\nhttps://github.com/mystech7/xsshunter - duplicate within 15 min check added\n\nhttps://gosecure.github.io/security-cheat-sheet/\n\n\nhttps://twitter.com/e11i0t_4lders0n/status/1489234267687497735\nhttps://snyk.io/log4j-vulnerability-resources/\n\n\n\nhttps://gist.github.com/sminez/571bd7bafb1b88630b85c85a0cd66e3a - grep through this\ntry\nhttps://github.com/arjunshibu/gcmd\n\nhttps://splash.readthedocs.io/en/stable/scripting-tutorial.html#scripting-tutorial\nhttps://github.com/phlmox\n\nRecon\n  https://github.com/Viralmaniar/BigBountyRecon\nhttps://www.kitploit.com/2021/10/webdiscover-purpose-of-this-script-is.html\nhttps://www.cobalt.io/blog/scope-based-recon-smart-recon-tactics\n\nChecklists\nhttps://gist.github.com/jhaddix/6b777fb004768b388fefadf9175982ab\nhttps://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf\nhttps://blog.assetnote.io/2021/01/13/blind-ssrf-chains/\nhttps://gist.github.com/pdelteil/ba005609789ae14862f023da4191826d\nhttps://github.com/rails/rails/issues/37620\nSUBDOMAIN TAKEOVERS\nhttps://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\nhttps://www.udemy.com/course/cloud-hacking/learn/lecture/8613164?start=0#overview\nhttps://github.com/indianajson/can-i-take-over-dns\n\n\nhttps://scotthelme.co.uk/top-1-million-analysis-march-2020/\n\nFINISH Watching - https://www.youtube.com/watch?v=12gtkYbMGd4&amp;t=362s\nHARSHBROTHA - https://www.youtube.com/watch?v=UrdvDCb4Gz8\nNOTIFY - https://www.youtube.com/watch?v=rbr7ZmBI9qs\nHandle your data carefully https://www.y\noutube.com/watch?v=rbr7ZmBI9qs\n\nUserAgents\nhttps://github.com/Shaked/user-agents\nhttps://github.com/BbhunterOne/ReconChef/blob/main/recon.sh#L82\n\nScreenshots\nhttps://github.com/spatie/browsershot\n# https://github.com/maaaaz/webscreenshot\nhttps://random-robbie.github.io/bugbounty-scans/\nhttps://buaq.net/go-99375.html\nhttps://stackoverflow.com/questions/5258977/are-http-headers-case-sensitive?rq=1\n\ncheatsheets\nhttps://0xn3va.gitbook.io/cheat-sheets/\nhttps://0xn3va.gitbook.io/cheat-sheets/web-application/http-request-smuggling\n   _   _   _   _   _   _   _   _   _   _  \n  / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ \n ( F | R | A | M | E | W | O | R | K | S )\n  \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \n\n+ ------ +\n |Articles|\n + ------ +\n\n* E.crack jwt - https://github.com/brendan-rius/c-jwt-cracker\n\nhttps://github.com/SecureAuthCorp/impacket\nNeo4j vs postgres (graphdb)\nhttps://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/\n\nAutomation script \nhttps://www.benteveo.kiwi/blog/automating-bug-bounties\nhttps://github.com/AlexisAhmed/BugBountyToolkit &lt;-- docker \nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n\n\nSecret\nhttps://www.directdefense.com/csrf-in-the-age-of-json/\n\nhttps://buaq.net/go-249.html\n\nIntentionally Vulnerable Github repo\nhttps://github.com/shifa123/githubleak\n\nhttps://wiki.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contentsfff\nhttps://pentestbook.six2dez.com/\nhttps://github.com/m4ll0k\nhttps://github.com/six2dez\nhttps://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter\nhttps://github.com/shifa123\nhttps://www.udemy.com/course/web-application-ethical-hacking/learn/lecture/3305350?start=0#overview\n\n## BugBounty Programs\n---\nhttps://huntr.dev/\nhttps://www.zerodayinitiative.com/\nhttps://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5\nhttps://opensourcelibs.com/lib/google-acquisitions\nhttps://opensourcelibs.com/libs/bugbounty\nList of .gov\n\nTatget crypto https://arlolra.github.io/otr/\nhttps://github.com/cisagov/dotgov-data\n[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.\n[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.\n[Security Ninja txt valuess list](https://crawler.ninja/files/security-txt-values.txt)\n[Security Ninja Files List](https://crawler.ninja/files/)\n\nhttps://allabouttesting.org/\n\nTodo:\nhttps://boards.greenhouse.io/cobaltio/jobs/4141074002 &lt;--- solve challenge\n\n\nCheatSheets\nhttps://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md\n\n\n\n\nAutomated Scanners\n\n* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)\n* [Dalfox](https://github.com/hahwul/dalfox)\n* [XSSTrike](https://github.com/s0md3v/XSStrike)\n* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)\n\n[SSTI-XSS-Finder](https://github.com/darklotuskdb/SSTI-XSS-Finder)\n  * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\n  * https://twitter.com/0xJin/status/1470748925963513863\n  * https://twitter.com/0xJin/status/1470748925963513863/photo/1\n\n\nXXE\nhttps://book.hacktricks.xyz/pentesting-web/xxe-xee-xml-external-entity\nhttps://app.intigriti.com/programs/dpgm/libelle/detail\nhttps://web-in-security.blogspot.com/2016/03/xxe-cheat-sheet.html\nhttps://twitter.com/infosec_au/status/1340785029899698181?lang=en\nhttps://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html\n\nUnderstanding DTD-&lt; https://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html\n\n\n## Owasp Top 10\n---\nhttps://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/WhatsNew.html\n### Clickjacking\nhttps://lcamtuf.blogspot.com/2011/12/x-frame-options-or-solving-wrong.html\nhttps://blog.innerht.ml/page/2/\nhttps://hackerone.com/reports/8724\n\n### CSRF\n    * https://hackerone.com/reports/44146\n   - 7-19-16 \n     * [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&amp;t=5s)\n     * https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/\n   - 01-18-15 https://hackerone.com/reports/44146(Make API calls on behalf of another user (CSRF protection bypass))\n### XSS\n\nPaid Services\nhttps://findomain.app/#Pricing\n\n## Resources\n---\n\n\nParams\nConfig override using non-validated query parameter allows at least reflected XSS by injecting configuration into state \nhttps://hackerone.com/reports/1082847\n\nFuzzcon &amp; fuzzung\nhttps://twitter.com/hashtag/hacklu?src=hashtag_click\nhttps://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Fuzzing.md\n\nRecoon \neiIaaefwaaa m\nk\n- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n\n[PrettyRecon](https://prettyrecon.com/auth/signup)\n\n### Dorks\nhttps://ask.fm/tags/bounty\n\n### Lists\nhttps://github.com/payloadbox/xss-payload-list\n\nProtips and Trips\nMost of the sites use AWS nowadays...\n  AWS localhost is 169.254.169.2qqqd eede                                   4bs.com/2017/02/wallpaper-penetration-testing-and-exploit-dev-cheatsheet/\n\nhttps://githubhelp.com/topic/bugbountytips\n\n\nGithubs\nhttps://github.com/kleiton0x00?tab=stars\nhttps://github.com/fuzz-security\n\n---\n\n  - [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)\n  - [Disclose/diodb](https://github.com/disclose/diodb)\n  -\n\n### Streams\n[Nehamsec Twitch](https://www.twitch.tv/nahamsec)\n\n### Twitter Tweetin'\nhttps://twitter.com/0xMstar/status/1464658472981565444{{\nhttps://twitter.com/0xJin/status/1470748925963513863\n\npodcasts\nhttps://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q\n### Data\n---\nBugcrowd Subdomain Enumeration https://www.youtube.com/watch?v=La3iWKRX-tE\n\n\nCVE-2019-11510 Detail \n/dana-na\n\n## CVE/CVD\n---\n\nCVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)xx\n\n- https://vuls.cert.org/confluence/display/CVD/Executive+Summary\n- https://vuls.cert.org/confluence/display/CVD/Sightings\n\n\n\n\n\nhttps://github.com/detectify/cs-challenge\nhttps://github.com/r3curs1v3-pr0xy\n\nhttps://notsosecure.com/resources\nhttps://reconshell.com/bug-bounty-tips/\n\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Subdomains%20Enumeration.md\n[Insecure Deserialization Part 1](https://www.youtube.com/watch?v=SNi7gNkfLSM)\n[Insecure Deserialization part 3](https://www.youtube.com/watch?v=icAKHE-iKOs)\n\nhttps://secoceans.com/blog-2/\nhttps://portswigger.net/research\nhttps://portswigger.net/blog\nhttps://portswigger.net/news\nhttps://portswigger.net/daily-swig\n\n\ncourses\nhttps://www.udemy.com/course/penetration-testing-bug-bounty-hunting-level-2-hacktify/\n\n\n\n\nhttps://spongebhav.medium.com/facebook-group-members-disclosure-e53eb83df39e\nhttps://github.com/six2dez/talks/blob/main/Gotta_ENG.pdf\n\n\n\npackets\nhttps://www.kitploit.com/2018/08/polymorph-real-time-network-packet.html\n\n\nAutomation\nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)\n\n\n\nhttps://pentestbook.six2dez.com/\nhttps://github.com/m4ll0k\nhttps://github.com/six2dez\nhttps://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter\nhttps://github.com/shifa123\n\nWriteups\n\n\n## BugBounty Programs\n---\n\nhttps://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5\nhttps://opensourcelibs.com/lib/google-acquisitions\nhttps://opensourcelibs.com/libs/bugbounty\nList of .gov\nhttps://github.com/cisagov/dotgov-data\n[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.\n[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.\n[Security Ninja txt valuess list](https://crawler.ninja/files/security-txt-values.txt)\n[Security Ninja Files List](https://crawler.ninja/files/)\n\nhttps://allabouttesting.org/\n\n\nCheatSheets\nhttps://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md\n\n### Z\n\nZap\nhttps://github.com/sepehrdaddev/zap-scripts/fork\nhttps://www.zaproxy.org/authors/thorin/\nhttps://github.com/zaproxy/zap-extensions\n\n\n\nFrameworks\nhttps://core.intrigue.io/\nReconness\nPwnmachine\naxiom\nhttps://www.mandiant.com/\nhttps://trickest.com/\n\n(https://github.com/Findomain/Findomain/releases)\n*   [Configuing Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)\n*   https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring\n\nAutomated Scanners\n\n* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)\n* [Dalfox](https://github.com/hahwul/dalfox)\n* [XSSTrike](https://github.com/s0md3v/XSStrike)\n* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)\n\n\n\nhttps://github.com/darklotuskdb/SSTI-XSS-Finder\n  * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass Op enRed irects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\n  * https://twitter.com/0xJin/status/1470748925963513863\n  * https://twitter.com/0xJin/status/1470748925963513863/photo/1\n\n\n## Owasp Top 10\n---\n\n### Clickjacking\nhttps://hackerone.com/reports/8724\n\n### CSRF\n    * https://hackerone.com/reports/44146\n   - 7-19-16 \n     * [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&amp;t=5s)\n     * https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/\n   - 01-18-15 https://hackerone.com/reports/44146(Make API calls on behalf of another user (CSRF protection bypass))\n### XSS\n\nPaid Services\nhttps://findomain.app/#Pricing\n\n## Resources\n---\n[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)\n How to view someones IP address and connection speed! https://www.youtube.com/watch?v=SXmv8quf_xM\nRecoon \neiIaaefwaaa m\nk\n- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n\n[PrettyRecon](https://prettyrecon.com/auth/signup)\n\n### Dorks\nhttps://ask.fm/tags/bounty\n\n### Lists\nhttps://github.com/payloadbox/xss-payload-list\n\n### Githubs\n---\n\n  - [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)\n  - [Disclose/diodb](https://github.com/disclose/diodb)\n  -\n\nActive Directory\nPenttesting Active Directory https://www.xmind.net/m/5dypm8/a\nhttps://adsecurity.org/\n\n### Streams\n[Nehamsec Twitch](https://www.twitch.tv/nahamsec)\nLive Bug Bounty Hunting Speedbiker https://www.youtube.com/watch?v=9W94AKLc5g8\nWatch Live [Current] https://www.youtube.com/c/Ch1R0n1n\n### Twitter Tweetin'\nhttps://twitter.com/samwcyo/status/1529888063576584202\nhttps://twitter.com/sshell_\nhttps://mobile.twitter.com/TechnoTimLive Devops tweets\nhttps://mobile.twitter.com/drunkrhin0/status/1344130729320435712\nhttps://twitter.com/0xMstar/status/1464658472981565444{{\nhttps://twitter.com/0xJin/status/1470748925963513863\n\npodcasts\nhttps://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q\n### Data\n---\n\n* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n\nCVE-2019-11510 Detail \n/dana-na\n\n## CVE/CVD\n---\n\nCVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)xx\n\n- https://vuls.cert.org/confluence/display/CVD/Executive+Summary\n- https://vuls.cert.org/confluence/display/CVD/Sightings\n\n\nhttps://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\nhttps://opensourcelibs.com/lib/google-acquisitions\n\n\n\nReverse shells\nhttps://github.com/wwkenwong/Pentest-note\n\nhttps://github.com/tehryanx?tab=repositories\nhttps://github.com/sawzeeyy/Sanitiz3r\nhttps://buaq.net/go-249.html\n\n\n\n s\n\n(https://github.com/Findomain/Findomain/releases)\n*   [Configuing Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)\n*   https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring\n\n\nhttps://github.com/D35m0nd142/LFISuite\n\nhttps://hub.docker.com/u/secsi\ntips\n\n\n\n\nWig\nhttps://linuxsecurity.expert/tools/wig/\nxxxzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzx\u03a9xxxxxxxxxxx\u2248\u2248\nBlindElephant\nhttps://linuxsecurity.expert/tools/blindelephant/alternatives/\n\n\nhttps://ronak-9889.medium.com/denial-of-service-using-cookie-bombing-55c2d0ef808c\n\nIOT\n                https://www.youtube.com/watch?v=AKoyZLibIeo  ", "creation_timestamp": "2026-07-10T00:21:33.489393Z"}]}