Web_Hacking/README.md

Web Hacking + Bug Bounty Tricks

These are my Bug Bounty / Pentest notes that I have gathered from various sources.

You can also contribute.

List of Vulnerabilities

• API Key Leak
• CSRF
• Cache Poisoning / Deception
• DOM Clobbering
• File Inclusion
• File Upload
• IDOR
• JWT
• NoSQLi
• Open Redirect
• Race Condition
• SQLi
• SSRF
• XSS
• XXE

Bypass Techniques

• 2FA / OTP Bypass
• 403 Bypass
• 429 Bypass
• Captcha Bypass
• CSP Bypass
• Login Bypass
• Rate Limit Bypass
• Reset Password Bypass
• WAF Detect / Bypass

Recon & OSINT Techniques

• Recon
• OSINT

Top Tools & Extensions

• Logger++ (Burp extension)
• param-miner (Burp extension)

---

All content of this repository will always be updated...