BBRE Premium
  • Case Studies
  • Archive by issues
  • Courses
  • Archive by category
  • Account
Select Page

JSluice: Extract URLs, paths, secrets and more from JS files

#59, Tools

You are unauthorized to view this page.

Whose Input Is It Anyways? by Rael Sasiak-Rushby

#59, Non-technical

You are unauthorized to view this page.

Exploiting HTTP Parsers Inconsistencies

#59, Server-side hacking techniques

You are unauthorized to view this page.

Applying a growth mindset in bug bounty

#58, Non-technical

You are unauthorized to view this page.

An interesting behaviour of nonce-based CSPs

#58, Writeups

You are unauthorized to view this page.
« Older Entries
Next Entries »

categories

  • AI
  • Articles by Issue
  • Bug Bounty
  • Burp
  • Case Studies
  • Challenges
  • Cheat sheets
  • Client-side hacking techniques
  • Cloud
  • Hacking Techniques
  • Labs
  • Mobile
  • Non-technical
  • Recon
  • Server-side hacking techniques
  • Source code
  • Tools
  • Web3
  • Writeups

tags

.net (3) 2fa (1) account-takeover (23) api (2) aws (5) cache-poisoning (9) cicd (2) cloud (2) codeql (8) cors (3) crypto (2) csrf (8) ctf (6) cve (3) debugging (4) dependency-confusion (1) deserialisation (2) dns (2) free (379) ghactions (4) graphql (7) idor (2) java (8) js (21) json (2) learning (2) mongodb (1) nuclei (1) path-traversal (4) postmessage (2) premium (162) proto-pollution (6) python (4) qa (1) rails (2) rce (18) regex (3) request-smuggling (8) rpc (1) ruby (5) salesforce (2) secrets (5) semgrep (3) session (1) sqli (6) ssrf (21) ssti (1) talks (6) terminal (4) unicode (2) urls (5) vscode (2) waf (4) web3 (7) websockets (3) wordpress (4) xml (3) xss (39)

Categories

  • Facebook
  • X
© Bug Bounty Reports Explained Grzegorz Niedziela 2022. Company registration number: PL6751745962