5 Burp Suite Tips & Tricks
If you're using Burp Suite, you have to know these 5 Tips and Tricks for the best usage when bug bounty hunting or penetration testing.
Simple Bug Bounty Methodology
Defining your bug bounty methodology is important to ensure you have a defined way to tackle each bug bounty program. In this blog, we detail our simple testing methodology to get you from start to money.
cPanel CVE-2023-29489
CVE-2023-29489 is a security vulnerability in cPanel that can allow an attacker to execute arbitrary code and effect users of the application via XSS. To protect against this, it is important to keep software up to date and use additional security measures where possible.
Testing for SSL/TLS flaws
Ciphers can be weak because they use various components that have known flaws. In this blog we show how to determine if a protocol or cipher is weak.
Bypassing CAPTCHAs
In this article, we're going to use 'buster', a tool in the Google Chrome and Firefox add-on stores that will easily bypass CAPTCHA services.
Bug Bounty Phase 4 - Reporting
In this short blog, we provide you the resources to review to ensure you write a thorough and well presented bug bounty report.
Bug Bounty Phase 3 - Vulnerability Assessment
In this short blog, we discuss the tools and continuous learning required to keep finding vulnerabilities for your bug bounty journey.
Bug Bounty Phase 2 - Recon
In this short blog we discuss Bug Bounty Recon to find assets which may be vulnerable to our exploits.
Bug Bounty Phase 0 - Practice and Research
Practice makes perfect, as they say. In this short blog, we discuss the resources and continual learning to help stay relevant in bug bounty hunting and penetration testing.
Windows Zero-Day (CVE-2023-28252)
CVE-2023-28252 is a security vulnerability that can allow an attacker to execute arbitrary code on a system running the affected software. To protect against this vulnerability and other similar ones, it is important to keep software up to date and use additional security measures where possible.
Bug Bounty Phase 1 - Platforms
You may wonder where to begin when searching for bug bounty programs. This short blog aims to help you narrow down your search for the best platforms and programs to get you finding those elusive bugs.