#15

Metaskills

Learning XXS, XXE, deserialization any different bug class. It's what we often think about when talking about being a better hacker. However, there's a whole bunch of non-security related skills that may yield you even better return on invested time. I call them...

CI/CD Pipeline threat matrix

As we see from Dependency Confusion or “CI Knew There Would Be Bugs Here” — Exploring Continuous Integration Services as a Bug Bounty Hunter, CI/CD security is at least as important as the security of the application itself. At my last job, I was learning about these...

HTTP/2 Request smuggling labs

Portswigger released the long-awaited WebSec academy labs about HTTP/2 request smuggling. I haven't yet done them but surely I will do. Did you try them already? If yes, let me know what was the hardest part for you. Maybe it's worth making a video about it?...

Turbo Intruder observedWords

If during the passive scan you mark learn observed words setting, you will have the observedWords wordlist available to you in the Turbo Intruder. It's a dynamic list of words that Burp sees in your target. You can access it by wordlists.observedWords....

Speed-up your dorking

Installing the binary git clone https://github.com/tomnomnom/hacks cd webpaste go build Installing the extension Chrome > 3 dots > More tools > Extensions Enable Developer Mode Click Load unpacked and mark the extension folder which is inside the webpaste...

Million from bug bounty in 4 Years

Ozgur Alp lately passed $1 mln earned from bounties. That's a huge achievement. Thankfully for us, he decided to write a blogpost with a few tips about how to follow in his footsteps. I do encourage you to read the whole article but here are my most important...