# Web Hacking + Bug Bounty Tricks

![5829442](https://github.com/Mehdi0x90/Web_Hacking/assets/17106836/5ffcc3e2-3cc0-4327-b5f9-00c58f524c6b)

These are my **Bug Bounty / Pentest** notes that I have gathered from various sources. You can also contribute.

[![Twitter URL](https://img.shields.io/twitter/follow/mehdi0x90)](https://twitter.com/mehdi0x90)

## Golden Tips

* [Writeups](https://github.com/Mehdi0x90/Web_Hacking/blob/main/writeups.md)

## Recon & OSINT Techniques

* [Recon](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Recon.md)
* [OSINT](https://github.com/Mehdi0x90/Web_Hacking/blob/main/OSINT.md)

## List of Vulnerabilities

* [API Key Leak](https://github.com/Mehdi0x90/Web_Hacking/blob/main/API%20Key%20Leak.md)
* [CORS](https://github.com/Mehdi0x90/Web_Hacking/blob/main/CORS%20-%20Misconfigurations%20%26%20Bypass.md)
* [CRLF Injection](https://github.com/Mehdi0x90/Web_Hacking/blob/main/CRLF.md)
* [CSRF](https://github.com/Mehdi0x90/Web_Hacking/blob/main/CSRF.md)
* [Cache Poisoning / Deception](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cache%20Deception.md)
* [Command Injection](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Command%20Injection.md)
* [DOM Clobbering](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Dom%20Clobbering.md)
* [File Inclusion](https://github.com/Mehdi0x90/Web_Hacking/blob/main/File%20Inclusion.md)
* [File Upload](https://github.com/Mehdi0x90/Web_Hacking/blob/main/File%20Upload.md)
* [GraphQL](https://github.com/Mehdi0x90/Web_Hacking/blob/main/GraphQL.md)
* [Host Header Injection](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Host%20Header%20Injection.md)
* [IDOR](https://github.com/Mehdi0x90/Web_Hacking/blob/main/IDOR.md)
* [JWT](https://github.com/Mehdi0x90/Web_Hacking/blob/main/JWT.md)
* [NoSQLi](https://github.com/Mehdi0x90/Web_Hacking/blob/main/NoSQL%20Injection.md)
* [Open Redirect](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Open%20Redirect.md)
* [Race Condition](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Race%20Condition.md)
* [Reverse Tab Nabbing](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Reverse%20Tab%20Nabbing.md)
* [SQLi](https://github.com/Mehdi0x90/Web_Hacking/blob/main/SQL%20Injection.md)
* [SSRF](https://github.com/Mehdi0x90/Web_Hacking/blob/main/SSRF.md)
* [XSS](https://github.com/Mehdi0x90/Web_Hacking/blob/main/XSS.md)
* [XXE](https://github.com/Mehdi0x90/Web_Hacking/blob/main/XXE.md)

## Bypass Techniques

* [General Evasive Techniques](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Evasive%20Techniques.md)
* [2FA / OTP Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/2FA_OTP_Bypass.md)
* [403 Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/403%20Bypass.md)
* [429 Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/429%20Bypass.md)
* [Captcha Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Captcha%20Bypass.md)
* [CSP Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/CSP%20Bypass.md)
* [Email Verification Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/email%20verification%20bypass.md)
* [Login Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Login%20Bypass.md)
* [Rate Limit Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Rate%20Limit%20Bypass.md)
* [Reset Password Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Reset%20Password%20Bypass.md)
* [WAF Detect / Bypass](https://github.com/Mehdi0x90/Web_Hacking/blob/main/WAF%20Bypass.md)

## Cloud / Docker

* [General](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud-General.md)
* [Info Gathering](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud%20-%20Info%20Gathering.md)
* [AWS](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud%20-%20AWS.md)
* [Azure](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud%20-%20Azure.md)
* [GCP](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud%20-%20GCP.md)
* [CDN - Domain Fronting](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud%20-%20CDN%20-%20Domain%20Fronting.md)
* [Docker & Kubernetes](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Cloud%20-%20Docker%20%26%20Kubernetes.md)
* [Container Attacks](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Container%20Attacks.md)

## Top Tools & Extensions

* [inql](https://github.com/doyensec/inql) - Burp extension for advanced GraphQL testing
* [Logger++](https://github.com/Mehdi0x90/Web_Hacking/blob/main/LoggerPlusPlus.md) - Burp extension, a multithreaded logging extension for Burp Suite
* [param-miner](https://github.com/PortSwigger/param-miner) - Burp extension, identifies hidden, unlinked parameters
* [Oralyzer](https://github.com/r0075h3ll/Oralyzer) - A simple Python script that probes for Open Redirection vulnerability in a website
* [SQLiPy Sqlmap Integration](https://portswigger.net/bappstore/f154175126a04bfe8edc6056f340f52e) - SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API
* [ParamSpider](https://github.com/0xKayala/ParamSpider) - Parameter miner for humans
* [gf](https://github.com/tomnomnom/gf) - A wrapper around grep to avoid typing common patterns

## Mindmaps for Bug Hunters

* [XXE](mindmaps-pdf/XXE.pdf)
* [SSRF](mindmaps-pdf/SSRF.pdf)
* [CORS](mindmaps-pdf/CORS.pdf)
* [Prototype Pollution](mindmaps-pdf/Prototype%20Pollution.pdf)

## Red Team Attacks

* [Insecure Interfaces and APIs - For Cloud](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Insecure%20Interfaces%20and%20APIs.md)
* [Privilege escalation EC2](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Privilege%20escalation%20EC2.md)
* [SMTP](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Red%20Team%20-%20SMTP.md)

## Secure Coding

* [2FA](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%202FA.md)
* [Password Reset](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Password%20Reset.md)
* [Session Fixation](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Session%20Fixation.md)
* [Broken Object Level Authorization](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Broken%20Object%20Level%20Authorization.md)
* [Broken Authentication](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Broken%20Authentication.md)
* [Broken Object Property Level Authorization](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Broken%20Object%20Property%20Level%20Authorization.md)
* [Unrestricted Resource Consumption](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Unrestricted%20Resource%20Consumption.md)
* [Broken Function Level Authorization](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Broken%20Function%20Level%20Authorization.md)
* [Unrestricted Access to Sensitive Business Flows](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Unrestricted%20Access%20to%20Sensitive%20Business%20Flows.md)
* [Server Side Request Forgery](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Server%20Side%20Request%20Forgery.md)
* [Security Misconfiguration](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Security%20Misconfiguration.md)
* [Improper Inventory Management](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Improper%20Inventory%20Management.md)
* [Unsafe Consumption of APIs](https://github.com/Mehdi0x90/Web_Hacking/blob/main/Secure%20Coding%20-%20Unsafe%20Consumption%20of%20APIs.md)

-----

*All content of this repository will always be updated...*