├── BlockchainSecurity ├── README.md └── weeks │ ├── week001.md │ ├── week002-5.md │ ├── week006-9.md │ ├── week010-13.md │ ├── week014.md │ ├── week015.md │ ├── week016.md │ ├── week017.md │ ├── week018-19.md │ └── week020-21.md ├── CyberSecurity └── Web │ ├── 100BugBountySecrets │ ├── README.md │ ├── files │ │ ├── secret04-1.txt │ │ ├── secret04-2.txt │ │ └── secret04-3.txt │ ├── images │ │ ├── secret03-1.png │ │ ├── secret03-2.png │ │ ├── secret03-3.png │ │ ├── secret03-4.png │ │ ├── secret03-5.png │ │ ├── secret03-6.png │ │ ├── secret06-1.png │ │ ├── secret08-1.png │ │ ├── secret08-2.png │ │ ├── secret08-3.png │ │ ├── secret09-1.png │ │ ├── secret09-2.png │ │ ├── secret09-3.gif │ │ ├── secret10-1.png │ │ ├── secret10-2.png │ │ ├── secret10-3.png │ │ ├── secret10-4.png │ │ ├── secret10-5.png │ │ ├── secret10-6.png │ │ ├── secret10-7.png │ │ └── secret10-8.png │ └── secrets │ │ ├── secret01.md │ │ ├── secret02.md │ │ ├── secret03.md │ │ ├── secret04.md │ │ ├── secret05.md │ │ ├── secret06.md │ │ ├── secret07.md │ │ ├── secret08.md │ │ ├── secret09.md │ │ ├── secret10.md │ │ ├── secret11.md │ │ ├── secret12.md │ │ ├── secret13.md │ │ └── secret14.md │ ├── BountyStory │ ├── 403Bypass │ │ └── 20230510 - Bypassing 403s like a PRO!.md │ ├── Authentication │ │ ├── AuthenticationSchemaBypass │ │ │ ├── 20220824 - From Recon to Getting P1 on TESLA.md │ │ │ └── 20220830 - How I Account Takeover via XSS.md │ │ ├── RegistrationProcess │ │ │ └── 20220519 - Email Verification Bypass worth $5,000.md │ │ └── ResetPassword │ │ │ └── 20220824 - Account Takeover Via Reset Password Worth 2000$.md │ ├── BrokenAccessControl │ │ ├── 20230505 - Delete anyone's content remotely worth 15,000.md │ │ ├── 20230512 - Deleting Website Content Without Admin Access.md │ │ ├── 20230605 - IDOR leading to Privilege Escalation.md │ │ ├── 20230609 - Uncovering an IDOR Vulnerability in a Major Online Store.md │ │ └── 20230623 - IDOR a Highest Bounty.md │ ├── BusinessLogicFlaw │ │ └── 20220627 - Business Logic Bug Worth 600.md │ ├── CRLF │ │ └── 20230324 - 6000 with Microsoft Hall of Fame.md │ ├── CacheDeception │ │ └── 20230412 - Account takeover in ChatGPT.md │ ├── DependencyConfusion │ │ └── 20220517 - RCE via Dependecy Confusion.md │ ├── InformationLeakage │ │ ├── 20220511-Hack Admin Panel by JS.md │ │ ├── 20230508 - From Django Debug Mode to PII Data Leak of 500 Employees.md │ │ ├── 20230524 - Unauthorized access via leaked credentials.md │ │ ├── 20230616 - How Recon Leads to RCE and Many More Vulnerabilities.md │ │ └── 20230626 - How I escalated default credentials to RCE.md │ ├── InputValidation │ │ └── SSRF │ │ │ └── 20220901 - How I found SSRF on Bugcrowd Public program in 5 min.md │ ├── Miscellaneous │ │ └── RCE │ │ │ └── 20220831 - Path traversal to RCE worth $12000 on GitLab.md │ ├── RaceCondition │ │ └── 20230417 - Hacking the Like Functionality of Twitter.md │ ├── RateLimistBypass │ │ └── 20230413 - How I can Account Take Over any Account.md │ ├── RemoteCodeExecution │ │ ├── 20230314 - $10.000 bounty for exposed .git to RCE.md │ │ ├── 20230317 - Remote Command Execution in a Bank Server.md │ │ └── 20230320 - The Tale of a Command Injection by Changing the Logo.md │ ├── RequestSmuggling │ │ └── 20220620 - Mass Account Takeovers using HTTP Request Smuggling.md │ ├── SSRF │ │ └── 20230619 - My First Case of SSRF Using Dirsearch.md │ ├── XSS │ │ ├── 20230316 - How reading robots.txt file got me 4 XSS reports.md │ │ ├── 20230501 - RichText parser vulnerability allows XSS.md │ │ ├── 20230526 - How I found +100 XSS on Private Program.md │ │ ├── 20230602 - Accessing Admin Page via Blind XSS.md │ │ └── 20230612 - Found +6 DomXSS at different programs.md │ ├── XXE │ │ └── 20230315 - Exploiting Out-of-Band XXE in the Wild from P4 to P1.md │ └── images │ │ ├── 20220511-1.png │ │ ├── 20220511-2.png │ │ ├── 20220511-3.jpg │ │ ├── 20220511-4.png │ │ ├── 20220511-5.png │ │ ├── 20220511-6.png │ │ ├── 20220517-1.png │ │ ├── 20220517-2.png │ │ ├── 20220517-3.png │ │ ├── 20220517-4.png │ │ ├── 20220517-5.png │ │ ├── 20220620-1.png │ │ ├── 20220620-2.png │ │ ├── 20220620-3.png │ │ ├── 20220620-4.png │ │ ├── 20220620-5.png │ │ ├── 20220620-6.png │ │ ├── 20220824-1.png │ │ ├── 20220824-2.jpeg │ │ ├── 20220824-3.png │ │ ├── 20220824-4.png │ │ ├── 20220824-5.png │ │ ├── 20220824-6.png │ │ ├── 20220824-7.png │ │ ├── 20220824-8.png │ │ ├── 20220830-1.png │ │ ├── 20220830-2.png │ │ ├── 20220830-3.png │ │ ├── 20220831-1.png │ │ ├── 20220901-1.png │ │ ├── 20220901-2.jpeg │ │ ├── 20220901-3.jpeg │ │ ├── 20230314-1.png │ │ ├── 20230314-2.png │ │ ├── 20230314-3.png │ │ ├── 20230315-1.png │ │ ├── 20230315-2.png │ │ ├── 20230315-3.png │ │ ├── 20230315-4.png │ │ ├── 20230315-5.png │ │ ├── 20230315-6.png │ │ ├── 20230317-1.png │ │ ├── 20230317-2.png │ │ ├── 20230317-3.png │ │ ├── 20230317-4.png │ │ ├── 20230317-5.png │ │ ├── 20230317-6.png │ │ ├── 20230324-1.png │ │ ├── 20230324-2.png │ │ └── test │ ├── BugBountyTips │ ├── HowStart │ │ ├── 2022081 - How to get into Bug Bounty.md │ │ ├── 20220912 - What would I do if I start bug hunting from 0 again.md │ │ ├── 20220916 - 39 cybersecurity news resources.md │ │ └── 20230327 - 25 Cybersecurity Search Engines that Every Hacker Should Know.md │ ├── RateLimitBypass │ │ └── 20220823 - Bypassing Cloudflare Rate Limit.md │ ├── Recon │ │ ├── JS │ │ │ └── 20230628 - JS for Bug Hunters.md │ │ └── SubdomainEnumeration │ │ │ └── 20220608-Subdomain Enum Automation Script.md │ └── images │ │ └── 20220608-1.png │ ├── CVEs │ └── CVE-2022 │ │ ├── CVE-2022-1388 │ │ ├── CVE-2022-1388.py │ │ ├── CVE-2022-1388.yaml │ │ ├── README.md │ │ ├── how-work.jpg │ │ └── poc.png │ │ ├── CVE-2022-22954 │ │ ├── CVE-2022-22954-poc.png │ │ ├── CVE-2022-22954.py │ │ ├── CVE-2022-22954.yaml │ │ └── README.md │ │ ├── CVE-2022-26134 │ │ └── README.md │ │ ├── CVE-2022-30190 │ │ ├── README.md │ │ ├── cve-2022-30190.py │ │ ├── how-work.png │ │ └── poc.png │ │ └── CVE-2022-41040 │ │ ├── README.md │ │ ├── poc.jpg │ │ └── poc_aug3.py │ ├── Resources │ └── WordLists │ │ └── VendorsDefaultCredentials │ │ ├── README.md │ │ ├── cred.py │ │ └── credentials.csv │ └── WebServices │ └── Microsoft Exchange OWA │ ├── GAL │ ├── ewsManage.py │ └── exchanger.py │ ├── bruteforce │ ├── bruteforce.py │ ├── libs │ │ ├── __pycache__ │ │ │ └── logger.cpython-311.pyc │ │ └── logger.py │ ├── requirements.txt │ └── users.txt │ ├── get_exchange_version.py │ └── readme.md ├── HowTo └── LeaveItToJS │ ├── ExtractMeduimWriteups.js │ ├── PageProcessing.js │ └── ScrollDown.js └── README.md /BlockchainSecurity/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/README.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week001.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week001.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week002-5.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week002-5.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week006-9.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week006-9.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week010-13.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week010-13.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week014.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week014.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week015.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week015.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week016.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week016.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week017.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week017.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week018-19.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week018-19.md -------------------------------------------------------------------------------- /BlockchainSecurity/weeks/week020-21.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/BlockchainSecurity/weeks/week020-21.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/README.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/files/secret04-1.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/files/secret04-1.txt -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/files/secret04-2.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/files/secret04-2.txt -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/files/secret04-3.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/files/secret04-3.txt -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret03-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret03-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret03-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret03-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret03-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret03-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret03-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret03-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret03-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret03-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret03-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret03-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret06-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret06-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret08-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret08-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret08-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret08-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret08-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret08-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret09-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret09-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret09-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret09-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret09-3.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret09-3.gif -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-7.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/images/secret10-8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/images/secret10-8.png -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret01.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret01.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret02.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret02.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret03.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret03.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret04.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret04.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret05.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret05.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret06.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret06.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret07.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret07.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret08.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret08.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret09.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret09.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret10.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret10.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret11.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret11.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret12.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret12.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret13.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret13.md -------------------------------------------------------------------------------- /CyberSecurity/Web/100BugBountySecrets/secrets/secret14.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/100BugBountySecrets/secrets/secret14.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/403Bypass/20230510 - Bypassing 403s like a PRO!.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/403Bypass/20230510 - Bypassing 403s like a PRO!.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/Authentication/AuthenticationSchemaBypass/20220824 - From Recon to Getting P1 on TESLA.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/Authentication/AuthenticationSchemaBypass/20220824 - From Recon to Getting P1 on TESLA.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/Authentication/AuthenticationSchemaBypass/20220830 - How I Account Takeover via XSS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/Authentication/AuthenticationSchemaBypass/20220830 - How I Account Takeover via XSS.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/Authentication/RegistrationProcess/20220519 - Email Verification Bypass worth $5,000.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/Authentication/RegistrationProcess/20220519 - Email Verification Bypass worth $5,000.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/Authentication/ResetPassword/20220824 - Account Takeover Via Reset Password Worth 2000$.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/Authentication/ResetPassword/20220824 - Account Takeover Via Reset Password Worth 2000$.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/BrokenAccessControl/20230505 - Delete anyone's content remotely worth 15,000.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/BrokenAccessControl/20230505 - Delete anyone's content remotely worth 15,000.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/BrokenAccessControl/20230512 - Deleting Website Content Without Admin Access.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/BrokenAccessControl/20230512 - Deleting Website Content Without Admin Access.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/BrokenAccessControl/20230605 - IDOR leading to Privilege Escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/BrokenAccessControl/20230605 - IDOR leading to Privilege Escalation.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/BrokenAccessControl/20230609 - Uncovering an IDOR Vulnerability in a Major Online Store.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/BrokenAccessControl/20230609 - Uncovering an IDOR Vulnerability in a Major Online Store.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/BrokenAccessControl/20230623 - IDOR a Highest Bounty.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/BrokenAccessControl/20230623 - IDOR a Highest Bounty.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/BusinessLogicFlaw/20220627 - Business Logic Bug Worth 600.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/BusinessLogicFlaw/20220627 - Business Logic Bug Worth 600.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/CRLF/20230324 - 6000 with Microsoft Hall of Fame.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/CRLF/20230324 - 6000 with Microsoft Hall of Fame.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/CacheDeception/20230412 - Account takeover in ChatGPT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/CacheDeception/20230412 - Account takeover in ChatGPT.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/DependencyConfusion/20220517 - RCE via Dependecy Confusion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/DependencyConfusion/20220517 - RCE via Dependecy Confusion.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/InformationLeakage/20220511-Hack Admin Panel by JS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/InformationLeakage/20220511-Hack Admin Panel by JS.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/InformationLeakage/20230508 - From Django Debug Mode to PII Data Leak of 500 Employees.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/InformationLeakage/20230508 - From Django Debug Mode to PII Data Leak of 500 Employees.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/InformationLeakage/20230524 - Unauthorized access via leaked credentials.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/InformationLeakage/20230524 - Unauthorized access via leaked credentials.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/InformationLeakage/20230616 - How Recon Leads to RCE and Many More Vulnerabilities.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/InformationLeakage/20230616 - How Recon Leads to RCE and Many More Vulnerabilities.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/InformationLeakage/20230626 - How I escalated default credentials to RCE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/InformationLeakage/20230626 - How I escalated default credentials to RCE.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/InputValidation/SSRF/20220901 - How I found SSRF on Bugcrowd Public program in 5 min.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/InputValidation/SSRF/20220901 - How I found SSRF on Bugcrowd Public program in 5 min.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/Miscellaneous/RCE/20220831 - Path traversal to RCE worth $12000 on GitLab.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/Miscellaneous/RCE/20220831 - Path traversal to RCE worth $12000 on GitLab.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/RaceCondition/20230417 - Hacking the Like Functionality of Twitter.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/RaceCondition/20230417 - Hacking the Like Functionality of Twitter.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/RateLimistBypass/20230413 - How I can Account Take Over any Account.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/RateLimistBypass/20230413 - How I can Account Take Over any Account.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/RemoteCodeExecution/20230314 - $10.000 bounty for exposed .git to RCE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/RemoteCodeExecution/20230314 - $10.000 bounty for exposed .git to RCE.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/RemoteCodeExecution/20230317 - Remote Command Execution in a Bank Server.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/RemoteCodeExecution/20230317 - Remote Command Execution in a Bank Server.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/RemoteCodeExecution/20230320 - The Tale of a Command Injection by Changing the Logo.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/RemoteCodeExecution/20230320 - The Tale of a Command Injection by Changing the Logo.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/RequestSmuggling/20220620 - Mass Account Takeovers using HTTP Request Smuggling.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/RequestSmuggling/20220620 - Mass Account Takeovers using HTTP Request Smuggling.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/SSRF/20230619 - My First Case of SSRF Using Dirsearch.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/SSRF/20230619 - My First Case of SSRF Using Dirsearch.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/XSS/20230316 - How reading robots.txt file got me 4 XSS reports.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/XSS/20230316 - How reading robots.txt file got me 4 XSS reports.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/XSS/20230501 - RichText parser vulnerability allows XSS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/XSS/20230501 - RichText parser vulnerability allows XSS.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/XSS/20230526 - How I found +100 XSS on Private Program.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/XSS/20230526 - How I found +100 XSS on Private Program.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/XSS/20230602 - Accessing Admin Page via Blind XSS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/XSS/20230602 - Accessing Admin Page via Blind XSS.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/XSS/20230612 - Found +6 DomXSS at different programs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/XSS/20230612 - Found +6 DomXSS at different programs.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/XXE/20230315 - Exploiting Out-of-Band XXE in the Wild from P4 to P1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/XXE/20230315 - Exploiting Out-of-Band XXE in the Wild from P4 to P1.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220511-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220511-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220511-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220511-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220511-3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220511-3.jpg -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220511-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220511-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220511-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220511-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220511-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220511-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220517-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220517-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220517-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220517-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220517-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220517-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220517-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220517-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220517-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220517-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220620-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220620-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220620-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220620-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220620-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220620-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220620-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220620-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220620-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220620-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220620-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220620-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-2.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-2.jpeg -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-7.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220824-8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220824-8.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220830-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220830-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220830-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220830-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220830-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220830-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220831-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220831-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220901-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220901-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220901-2.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220901-2.jpeg -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20220901-3.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20220901-3.jpeg -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230314-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230314-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230314-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230314-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230314-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230314-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230315-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230315-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230315-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230315-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230315-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230315-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230315-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230315-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230315-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230315-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230315-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230315-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230317-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230317-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230317-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230317-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230317-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230317-3.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230317-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230317-4.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230317-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230317-5.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230317-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230317-6.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230324-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230324-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/20230324-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BountyStory/images/20230324-2.png -------------------------------------------------------------------------------- /CyberSecurity/Web/BountyStory/images/test: -------------------------------------------------------------------------------- 1 | d 2 | -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/HowStart/2022081 - How to get into Bug Bounty.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/HowStart/2022081 - How to get into Bug Bounty.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/HowStart/20220912 - What would I do if I start bug hunting from 0 again.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/HowStart/20220912 - What would I do if I start bug hunting from 0 again.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/HowStart/20220916 - 39 cybersecurity news resources.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/HowStart/20220916 - 39 cybersecurity news resources.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/HowStart/20230327 - 25 Cybersecurity Search Engines that Every Hacker Should Know.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/HowStart/20230327 - 25 Cybersecurity Search Engines that Every Hacker Should Know.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/RateLimitBypass/20220823 - Bypassing Cloudflare Rate Limit.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/RateLimitBypass/20220823 - Bypassing Cloudflare Rate Limit.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/Recon/JS/20230628 - JS for Bug Hunters.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/Recon/JS/20230628 - JS for Bug Hunters.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/Recon/SubdomainEnumeration/20220608-Subdomain Enum Automation Script.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/Recon/SubdomainEnumeration/20220608-Subdomain Enum Automation Script.md -------------------------------------------------------------------------------- /CyberSecurity/Web/BugBountyTips/images/20220608-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/BugBountyTips/images/20220608-1.png -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/CVE-2022-1388.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/CVE-2022-1388.py -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/CVE-2022-1388.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/CVE-2022-1388.yaml -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/README.md -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/how-work.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/how-work.jpg -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/poc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-1388/poc.png -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/CVE-2022-22954-poc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/CVE-2022-22954-poc.png -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/CVE-2022-22954.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/CVE-2022-22954.py -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/CVE-2022-22954.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/CVE-2022-22954.yaml -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-22954/README.md -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-26134/README.md: -------------------------------------------------------------------------------- 1 | # CVE-2022-26134 2 | -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/README.md -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/cve-2022-30190.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/cve-2022-30190.py -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/how-work.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/how-work.png -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/poc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190/poc.png -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-41040/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-41040/README.md -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-41040/poc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-41040/poc.jpg -------------------------------------------------------------------------------- /CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-41040/poc_aug3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-41040/poc_aug3.py -------------------------------------------------------------------------------- /CyberSecurity/Web/Resources/WordLists/VendorsDefaultCredentials/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/Resources/WordLists/VendorsDefaultCredentials/README.md -------------------------------------------------------------------------------- /CyberSecurity/Web/Resources/WordLists/VendorsDefaultCredentials/cred.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/Resources/WordLists/VendorsDefaultCredentials/cred.py -------------------------------------------------------------------------------- /CyberSecurity/Web/Resources/WordLists/VendorsDefaultCredentials/credentials.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/Resources/WordLists/VendorsDefaultCredentials/credentials.csv -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/GAL/ewsManage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/GAL/ewsManage.py -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/GAL/exchanger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/GAL/exchanger.py -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/bruteforce.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/bruteforce.py -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/libs/__pycache__/logger.cpython-311.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/libs/__pycache__/logger.cpython-311.pyc -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/libs/logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/libs/logger.py -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/requirements.txt -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/users.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/bruteforce/users.txt -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/get_exchange_version.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/get_exchange_version.py -------------------------------------------------------------------------------- /CyberSecurity/Web/WebServices/Microsoft Exchange OWA/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/CyberSecurity/Web/WebServices/Microsoft Exchange OWA/readme.md -------------------------------------------------------------------------------- /HowTo/LeaveItToJS/ExtractMeduimWriteups.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/HowTo/LeaveItToJS/ExtractMeduimWriteups.js -------------------------------------------------------------------------------- /HowTo/LeaveItToJS/PageProcessing.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/HowTo/LeaveItToJS/PageProcessing.js -------------------------------------------------------------------------------- /HowTo/LeaveItToJS/ScrollDown.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/HowTo/LeaveItToJS/ScrollDown.js -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NafisiAslH/KnowledgeSharing/HEAD/README.md --------------------------------------------------------------------------------