Abhishek Meena

@Aacle_

7 Tweets 29 reads Feb 04, 2023
✨Bug Bounty Pro Tip:
➡Escalate everything you find!
#bugbounty #Infosec #hacking
• Don’t report SSRF, Escalate to RCE.
• Don’t report Self-XSS, Chain it with Clickjacking.
• Don’t report Self-Stored XSS, Chain it with CSRF.
More🧵(1/n) : 👇
• Don’t report Information Disclosure, try to use it (Privilege Escalation).
• Don’t report Open Redirect, Escalate it to ATO.
➡List of some attack topics that you should research, reading the blogs/reports on them.👇
More🧵:👇
- SQL Injection Attack
- Hibernate Query Language Injection
- Direct OS Code Injection
- XML Entity Injection
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Missing Function Level Access Control
- Cross-Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards
- ClickJacking Attacks
- DNS Cache Poisoning
- Symlinking
- Remote Code Execution Attacks
- Remote File inclusion
- Local file inclusion
- Denial of Service Attack
- PHPwn
- NAT Pinning
- XSHM
- HTTP Parameter Pollution
- Tabnabbing
- LDAP injection
- Log Injection
- Path Traversal
- Reflected DOM Injection
- Repudiation Attack
- Resource Injection
- Server-Side Includes (SSI) Injection
- Session fixation
- Session hijacking attack
- Session Prediction
- Setting Manipulation
- Special Element Injection
- SMTP injection
- Traffic flood
- XPATH Injection
Thank You For Reading This Thread 🧵on Bug Bounty Pro Tips #bugbounty #infosec
🌟✨Hope you like it 😃
If you want:✨
You can join My Bugbounty Tips Group :
t.me
