Skip to content

Challenge to keep focus on Hacking & Learning For the Next 100days

Notifications You must be signed in to change notification settings

Xplo8E/Bugbounty100

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
 
 
 
 
 
 

Repository files navigation

Bugbounty100

Challenge to keep focus on Hacking & Learning For the Next 100days

Day 1

Reading :

https://hackerone.com/reports/1501611 https://hackerone.com/reports/1403176 https://ahmadaabdulla.medium.com/vulnerabilitymultiple-vulnerability-leading-to-account-takeover-in-tiktok-smb-subdomain-c99e4a50b377 https://akashhamal0x01.medium.com/watch-out-the-links-account-takeover-32b9315390a7 https://jjowi.medium.com/broken-authentication-login-with-google-b170fbb4b6d0 https://hackerone.com/reports/1074047 https://hackerone.com/reports/1323406 https://medium.com/@hacxyk/how-we-spoofed-ens-domains-52acea2079f6

Day 2

Hunting :

Reported information disclosure to sony

Hunted 2 Hours today

Reading :

https://hackerone.com/reports/1518343 https://hackerone.com/reports/1059758 https://hackerone.com/reports/962604 https://hackerone.com/reports/1080437

Video :

https://youtube.com/playlist?list=PLO5VPQH6OWdXKPThrch6U0imGdD3pHLXi

Day 3

Reading:

https://hackerone.com/reports/1370749 https://hackerone.com/reports/1084904 https://hackerone.com/reports/1466855 https://hackerone.com/reports/1084638

Video :

https://youtube.com/playlist?list=PLO5VPQH6OWdXKPThrch6U0imGdD3pHLXi

Day 4 & Day 5

Reading:

https://hackerone.com/reports/1237700 https://hackerone.com/reports/921780 https://hackerone.com/reports/915813 https://hackerone.com/reports/825646 https://hackerone.com/reports/810880 https://hackerone.com/reports/704266 https://hackerone.com/reports/920005 https://hackerone.com/reports/751870 https://hackerone.com/reports/882546 https://hackerone.com/reports/485748 https://hackerone.com/reports/422043 https://hackerone.com/reports/380103 https://hackerone.com/reports/473950 https://hackerone.com/reports/1504410 https://hackerone.com/reports/603764 https://hackerone.com/reports/1037714 https://hackerone.com/reports/1410459

Day 6 :

Reading :

https://medium.com/pinoywhitehat/bypass-hackerone-2fa-requirement-and-reporter-blacklist-46d7959f1ee5 https://infosecwriteups.com/authentication-bypass-using-root-array-4a179242b9f7

Graphql : https://securitycafe.ro/2021/10/01/practical-graphql-attack-vectors/

Day 7 :

Reading :

https://passkwall.medium.com/mindset-for-hacking-graphql-applications-5e72b7ba6b71 https://alsmola.medium.com/login-csrf-is-low-risk-and-high-risk-df91de8988bc https://ms-official5878.medium.com/account-takeover-using-forgot-password-functionality-c53a58566d8e

Day 8 :

Reading :

Graphql : https://infosecwriteups.com/graphql-idor-leads-to-information-disclosure-175eb560170d https://labs.detectify.com/2018/03/14/graphql-abuse/

Day 9 :

Reading :

https://medium.com/bugbountywriteup/whatsapp-bug-bounty-bypassing-biometric-authentication-using-voip-87548ef7a0ba https://medium.com/@itsdeepceh/a-business-logic-error-bug-worth-600-a0050720bfee https://mokhansec.medium.com/idor-via-websockets-allow-me-to-takeover-any-users-account-23460dacdeab?source=post_page-----808f0bdd8ac7----0---------------------------- https://mokhansec.medium.com/full-account-takeover-worth-1000-think-out-of-the-box-808f0bdd8ac7

Day 10, 11

Focussed Mainly on NahamCon2022 CTF and Got 170th Place

Day 12 - 01-05-2022

Took Rest and Watching Movies

Thinking about doing NahamCon2022 CTF Write-up

Day 13 & 14:

Doing HTB Web Challenges

Reading : https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection

About

Challenge to keep focus on Hacking & Learning For the Next 100days

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages