├── days
├── day151.md
├── day102.md
├── day103.md
├── day154.md
├── day131.md
├── day30.md
├── day5.md
├── day95.md
├── day99.md
├── day110.md
├── day23.md
├── day47.md
├── day94.md
├── day101.md
├── day22.md
├── day77.md
├── day82.md
├── day119.md
├── day42.md
├── day57.md
├── day78.md
├── day106.md
├── day12.md
├── day15.md
├── day27.md
├── day79.md
├── day80.md
├── day83.md
├── day85.md
├── day108.md
├── day25.md
├── day29.md
├── day4.md
├── day6.md
├── day127.md
├── day21.md
├── day40.md
├── day70.md
├── day86.md
├── day87.md
├── day92.md
├── day117.md
├── day44.md
├── day59.md
├── day123.md
├── day126.md
├── day62.md
├── day91.md
├── day93.md
├── day130.md
├── day14.md
├── day145.md
├── day52.md
├── day71.md
├── day153.md
├── day38.md
├── day39.md
├── day63.md
├── day137.md
├── day19.md
├── day50.md
├── day141.md
├── day65.md
├── day66.md
├── day115.md
├── day124.md
├── day133.md
├── day135.md
├── day18.md
├── day35.md
├── day37.md
├── day43.md
├── day64.md
├── day84.md
├── day96.md
├── day138.md
├── day72.md
├── day73.md
├── day9.md
├── day104.md
├── day114.md
├── day152.md
├── day46.md
├── day7.md
├── day98.md
├── day118.md
├── day132.md
├── day17.md
├── day56.md
├── day107.md
├── day148.md
├── day69.md
├── day121.md
├── day45.md
├── day53.md
├── day125.md
├── day139.md
├── day147.md
├── day67.md
├── day120.md
├── day142.md
├── day150.md
├── day136.md
├── day146.md
├── day111.md
├── day112.md
├── day113.md
├── day116.md
├── day149.md
├── day54.md
├── day134.md
├── day55.md
├── day75.md
├── day144.md
├── day81.md
├── day122.md
├── day143.md
├── day16.md
├── day36.md
├── day140.md
├── day74.md
├── day8.md
├── day100.md
├── day20.md
├── day26.md
├── day28.md
├── day34.md
├── day76.md
├── day13.md
├── day24.md
├── day109.md
├── day41.md
├── day32.md
├── day10.md
├── day129.md
├── day31.md
├── day68.md
├── day2.md
├── day3.md
├── day105.md
├── day61.md
├── day58.md
├── day51.md
├── day1.md
├── day33.md
├── day11.md
├── day128.md
├── day49.md
├── day48.md
├── day60.md
└── day97.md
├── suggestions.md
└── README.md
/days/day151.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * Solved Lame Box - HTB
10 |
--------------------------------------------------------------------------------
/days/day102.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day103.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day154.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Solved Lame Box - HTB](https://app.hackthebox.com/machines/Beep)
10 |
--------------------------------------------------------------------------------
/days/day131.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Demystifying Frida - Video](https://www.youtube.com/watch?v=kd05JjCqViY)
10 |
--------------------------------------------------------------------------------
/days/day30.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Pentesting API Top 10 - Talk](https://www.youtube.com/watch?v=OJ3tZWIwYgs)
10 |
--------------------------------------------------------------------------------
/days/day5.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Learn JavaScript [Revision] ](https://www.youtube.com/watch?v=KGkiIBTq0y0)
10 |
--------------------------------------------------------------------------------
/days/day95.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [API Authentication: Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day99.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [API Insecurities: Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day110.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Supplemental Tools : Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day23.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Crontab for Linux Admins - Video](https://www.youtube.com/watch?v=c8F7LtRzMdY)
10 |
--------------------------------------------------------------------------------
/days/day47.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Solved Flag 12 & 13 - Injured Android](https://github.com/B3nac/InjuredAndroid)
10 |
--------------------------------------------------------------------------------
/days/day94.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Diva apk analysis - Writeup](https://reversingbinaries.in/diva-apk-analysis/)
10 |
--------------------------------------------------------------------------------
/days/day101.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Open Android Security Assessment Methodology - Repo](https://github.com/b66l/OASAM)
10 |
--------------------------------------------------------------------------------
/days/day22.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Chrome DevTools Crash Course - Video](https://www.youtube.com/watch?v=gTVpBbFWry8)
10 |
--------------------------------------------------------------------------------
/days/day77.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Development (1:45 Hrs) - Video](https://www.youtube.com/watch?v=mXjZQX3UzOs)
10 |
--------------------------------------------------------------------------------
/days/day82.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [From XSS to RCE (dompdf 0day) - Writeup](https://positive.security/blog/dompdf-rce)
10 |
--------------------------------------------------------------------------------
/days/day119.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Hacking Android Apps with Frida - Video](https://www.youtube.com/watch?v=iMNs8YAy6pk)
10 |
--------------------------------------------------------------------------------
/days/day42.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Troubleshooting connection between WSL and android emulator](https://www.google.com)
10 |
--------------------------------------------------------------------------------
/days/day57.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Web Authentication and Authorization Zine](https://securityzines.com/zines/webauth.html)
10 |
--------------------------------------------------------------------------------
/days/day78.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Development: Java Refresher - Video](https://www.youtube.com/watch?v=mXjZQX3UzOs)
10 |
--------------------------------------------------------------------------------
/days/day106.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bypassing a WAF by Finding the Origin IP - Video](https://www.youtube.com/watch?v=jfjzYpgte-A)
10 |
--------------------------------------------------------------------------------
/days/day12.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [A simple Data Exfiltration! Excel magic - Writeup](https://shubhamchaskar.com/excel-magic/)
10 |
--------------------------------------------------------------------------------
/days/day15.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Hunting postMessage Vulnerabilities - White Paper (pg 1-17)](https://wiki.ioin.in/url/4Pn)
10 |
--------------------------------------------------------------------------------
/days/day27.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read zseano's methodology [pg 27-38] - Book](https://www.bugbountyhunter.com/methodology/)
10 |
--------------------------------------------------------------------------------
/days/day79.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Development: Activities & Layouts - Video](https://www.youtube.com/watch?v=mXjZQX3UzOs)
10 |
--------------------------------------------------------------------------------
/days/day80.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Development: MultiScreen Apps - Video](https://www.youtube.com/watch?v=mXjZQX3UzOs)
10 |
--------------------------------------------------------------------------------
/days/day83.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [A Detailed Guide on httpx - Writeup](https://www.hackingarticles.in/a-detailed-guide-on-httpx/)
10 |
--------------------------------------------------------------------------------
/days/day85.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Preparing for API Security Testing : Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day108.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [NoSQL Injection in Plain Sight - Writeup](https://kuldeep.io/posts/nosql-injection-in-plain-sight/)
10 |
--------------------------------------------------------------------------------
/days/day25.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Hacking REST APIs: A beginner's guide - Course](https://www.udemy.com/course/hacking-rest-apis/)
10 |
--------------------------------------------------------------------------------
/days/day29.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [WebSockets and Hacking - Writeup](https://manash01.medium.com/websockets-and-hacking-32c5a83330ca)
10 |
--------------------------------------------------------------------------------
/days/day4.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Learn CSS](https://www.youtube.com/watch?v=5p8e2ZkbOFU)
10 | * Learn Python
11 | * Request Library
12 |
--------------------------------------------------------------------------------
/days/day6.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Solved DOM based XSS Labs on Portswigger](https://portswigger.net/web-security/cross-site-scripting)
10 |
--------------------------------------------------------------------------------
/days/day127.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [The $16,000 Dev Mistake - Writeup](https://medium.com/@masonhck357/the-16-000-dev-mistake-13e516e86be6)
10 |
--------------------------------------------------------------------------------
/days/day21.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [DVGA - Damn Vulnerable GraphQL Application Part 2 - Video](https://www.youtube.com/watch?v=YA-mL9Z8SNI)
10 |
--------------------------------------------------------------------------------
/days/day40.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android App Reverse Engineering LIVE! Part 1 - Workshop ](https://www.youtube.com/watch?v=BijZmutY0CQ)
10 |
--------------------------------------------------------------------------------
/days/day70.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Pwning a Server using Markdown - Writeup](https://blog.dixitaditya.com/pwning-a-server-using-markdown)
10 |
--------------------------------------------------------------------------------
/days/day86.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How web applications work : Hacking APIs - Book : Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day87.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [The Anatomy of Web APIs : Hacking APIs - Book : Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day92.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [The Anatomy of Web APIs : Hacking APIs - Book : Hacking APIs - Book](https://nostarch.com/hacking-apis)
10 |
--------------------------------------------------------------------------------
/days/day117.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Creating Code for Bypassing Android Security Checks - Video](https://www.youtube.com/watch?v=Bwf3eyU-hi4)
10 |
--------------------------------------------------------------------------------
/days/day44.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Security Part 2: Android Pentesting Lab Setup](https://payatu.com/blog/amit/android_pentesting_lab)
10 |
--------------------------------------------------------------------------------
/days/day59.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [ANDROID APP SECURITY BASICS (Static analysis - Part 1) - Video](https://www.youtube.com/watch?v=a8Gh7d8GebA)
10 |
--------------------------------------------------------------------------------
/days/day123.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Getting started with Frida on Android Apps - Writeup](https://payatu.com/blog/amit/Getting%20_started_with_Frida)
10 |
--------------------------------------------------------------------------------
/days/day126.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [DVGA - Batch Query Attack GraphQL Exploitation Part 3 DVGA - Video](https://www.youtube.com/watch?v=kUTIFx8vGQs)
10 |
--------------------------------------------------------------------------------
/days/day62.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Penetration Testing: Drozer - Writeup](https://www.hackingarticles.in/android-penetration-testing-drozer/)
10 |
--------------------------------------------------------------------------------
/days/day91.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [DIVA Android App: Walkthrough - Writeup](https://danishzia.medium.com/diva-android-app-walkthrough-bce72b7f273a)
10 |
--------------------------------------------------------------------------------
/days/day93.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Penetration Testing: Frida - Writeup](https://www.hackingarticles.in/android-penetration-testing-frida/)
10 |
--------------------------------------------------------------------------------
/days/day130.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Add JNI (C/C++) into your existing Android app - Writeup](https://erev0s.com/blog/add-jnicc-your-existing-android-app/)
10 |
--------------------------------------------------------------------------------
/days/day14.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Finding The Origin IP Behind CDNs - Writeup](https://infosecwriteups.com/finding-the-origin-ip-behind-cdns-37cd18d5275)
10 |
--------------------------------------------------------------------------------
/days/day145.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [SQL injection through HTTP headers - Writeup](https://resources.infosecinstitute.com/topic/sql-injection-http-headers/)
10 |
--------------------------------------------------------------------------------
/days/day52.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bug Bounty - Bypassing Endpoints - Writeup](https://aaryanapex.medium.com/bug-bounty-bypassing-endpoints-55254df2cbff)
10 |
--------------------------------------------------------------------------------
/days/day71.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Critical XSS in chrome extension - Writeup](https://medium.com/@p3rr0x22/critical-xss-in-chrome-extension-b55757a2074)
10 |
--------------------------------------------------------------------------------
/days/day153.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Dependency Confusion – A Supply Chain Attack - Writeup](https://securityboat.in/dependency-confusion-a-supply-chain-attack/)
10 |
--------------------------------------------------------------------------------
/days/day38.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android App Reverse Engineering 101](https://www.ragingrock.com/AndroidAppRE/)
10 | * Exercise 1
11 | * Exercise 2
12 |
--------------------------------------------------------------------------------
/days/day39.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android App Reverse Engineering 101](https://www.ragingrock.com/AndroidAppRE/)
10 | * Exercise 3
11 | * Exercise 4
12 |
--------------------------------------------------------------------------------
/days/day63.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Pentest: Deep Link Exploitation - Writeup](https://www.hackingarticles.in/android-pentest-deep-link-exploitation/)
10 |
--------------------------------------------------------------------------------
/days/day137.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [XML External Entity (XXE) : The Ultimate Guide - Writeup](https://securityboat.in/xml-external-entity-xxe-the-ultimate-guide/)
10 |
--------------------------------------------------------------------------------
/days/day19.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [The Tale of a Click leading to RCE - Writeup](https://medium.com/manomano-tech/the-tale-of-a-click-leading-to-rce-8f68fe93545d)
10 |
--------------------------------------------------------------------------------
/days/day50.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [The Ultimate Guide to Android SSL Pinning Bypass - Guide](https://redhuntlabs.com/ultimate-guide-to-android-ssl-pinning-bypass)
10 |
--------------------------------------------------------------------------------
/days/day141.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [My Bug Bounty Adventure (Fuzzing + Information Disclosure - Writeup](https://hcibo.medium.com/my-bug-bounty-adventure-1-b060b5bb1b2e)
10 |
--------------------------------------------------------------------------------
/days/day65.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [OAuth Sign Up AND Log In (1-6 Slides) - Slides](https://docs.google.com/presentation/d/1eu_b8jqrjr0OeetbrNHWPy9KCh8J1GEjuA4CeiRWokI)
10 |
--------------------------------------------------------------------------------
/days/day66.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Authentication bypass due to weak verification of SAML Token - Writeup](https://www.accorian.com/penetration-testing-anecdote-series/)
10 |
--------------------------------------------------------------------------------
/days/day115.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Testing-Local-Authentication - Owasp Guide](https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05f-Testing-Local-Authentication.md)
10 |
--------------------------------------------------------------------------------
/days/day124.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Exploration of Native Modules on Android with Frida - Writeup](https://payatu.com/blog/amit/explore_android_native_modules_using_frida)
10 |
--------------------------------------------------------------------------------
/days/day133.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Instrumenting Native Android Functions using Frida - Writeup](https://notsosecure.com/instrumenting-native-android-functions-using-frida)
10 |
--------------------------------------------------------------------------------
/days/day135.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Getting started with Android NDK: Android Tutorial - Writeup](https://blog.mindorks.com/getting-started-with-android-ndk-android-tutorial)
10 |
--------------------------------------------------------------------------------
/days/day18.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read BugBounty BootCamp [247 pg - 260 pg] - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 |
--------------------------------------------------------------------------------
/days/day35.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read BugBounty BootCamp [295pg - 300pg] - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 |
--------------------------------------------------------------------------------
/days/day37.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read BugBounty BootCamp [300pg - 306pg] - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 |
--------------------------------------------------------------------------------
/days/day43.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Everything you need to know about Mobexler - A Mobile Application Penetration Testing Platform](https://www.youtube.com/watch?v=Im7NX4jdQtc)
10 |
--------------------------------------------------------------------------------
/days/day64.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Applications Pentesting (Static Analysis) - HackTricks](https://book.hacktricks.xyz/mobile-apps-pentesting/android-app-pentesting)
10 |
--------------------------------------------------------------------------------
/days/day84.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Chapter 24 API Hacking : BugBounty BootCamp - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 |
--------------------------------------------------------------------------------
/days/day96.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Watch out the links : Account takeover! - Writeup](https://medium.com/@AkashHamal0x01/watch-out-the-links-account-takeover-32b9315390a7)
10 |
--------------------------------------------------------------------------------
/days/day138.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bug Bounty Redacted #3: Hacking APIs & XSS, SQLi, WAF Bypass in a regional web application - Video](https://www.youtube.com/watch?v=vaA6Sj7huWg)
10 |
--------------------------------------------------------------------------------
/days/day72.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Penetrate the Protected Component in Android Part1 - Writeup](https://payatu.com/blog/amit/Penetrate_the_protected_component_in_android_Part-0)
10 |
--------------------------------------------------------------------------------
/days/day73.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Penetrate the Protected Component in Android Part2 - Writeup](https://payatu.com/blog/amit/Penetrate_the_protected_component_in_android_Part-2)
10 |
--------------------------------------------------------------------------------
/days/day9.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [WebSockets not Bound by SOP and CORS? - Writeup](https://blog.securityevaluators.com/websockets-not-bound-by-cors-does-this-mean-2e7819374acc)
10 |
--------------------------------------------------------------------------------
/days/day104.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How I made $10K in bug bounties from GitHub secret leaks - Writeup](https://tillsongalloway.com/finding-sensitive-information-on-github/index.html)
10 |
--------------------------------------------------------------------------------
/days/day114.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Exploiting Android Fingerprint Authentication - Writeup](https://medium.com/@ashishf6/exploiting-android-fingerprint-authentication-25dd9263bd74)
10 |
--------------------------------------------------------------------------------
/days/day152.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Understanding And Identifying Insecure Deserialization - Writeup](https://securityboat.in/understanding-and-identifying-insecure-deserialization/)
10 |
--------------------------------------------------------------------------------
/days/day46.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [SINGLE-SIGN-ON SECURIT ISSUES : BugBounty BootCamp - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 |
--------------------------------------------------------------------------------
/days/day7.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Solved DOM based XSS Labs on Portswigger](https://portswigger.net/web-security/cross-site-scripting)
10 | * Learn Python
11 | * Class and object
12 |
--------------------------------------------------------------------------------
/days/day98.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Vulnerable Android Broadcast Receivers - Writeup](https://oldbam.github.io/android/security/android-vulnerabilities-insecurebank-broadcast-receivers)
10 |
--------------------------------------------------------------------------------
/days/day118.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Sharpening your FRIDA scripting skills with Frida Tool - Writeup](https://blog.securelayer7.net/sharpening-your-frida-scripting-skills-with-frida-tool/)
10 |
--------------------------------------------------------------------------------
/days/day132.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How to hook Android Native methods with Frida (Noob Friendly) - Writeup](https://erev0s.com/blog/how-hook-android-native-methods-frida-noob-friendly/)
10 |
--------------------------------------------------------------------------------
/days/day17.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How to find new/more domains of a company? - Recon Stuff - Writeup](https://www.cyberick.com/post/how-to-find-new-more-domains-of-a-company-recon-stuff)
10 |
--------------------------------------------------------------------------------
/days/day56.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Authentication bypass via OAuth implicit flow - Lab](https://portswigger.net/web-security/oauth/lab-oauth-authentication-bypass-via-oauth-implicit-flow)
10 |
--------------------------------------------------------------------------------
/days/day107.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Inspecting Android Traffic using Proxyman + apk-mitm - Writeup](https://bismobaruno.medium.com/inspecting-android-traffic-using-proxyman-apk-mitm-a3e1fa6308c8)
10 |
--------------------------------------------------------------------------------
/days/day148.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bypassing File Upload Restriction using Magic Bytes - Writeup](https://systemweakness.com/bypassing-file-upload-restriction-using-magic-bytes-eb13e801f264)
10 |
--------------------------------------------------------------------------------
/days/day69.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Authorizationcode_tester - Tester: Exploit Mistakes](https://github.com/koenbuyens/Vulnerable-OAuth-2.0-Applications/blob/master/authorizationcode_tester.md)
10 |
--------------------------------------------------------------------------------
/days/day121.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [NahamCon CTF 2022 Write-up: Click Me! Android challenge - Writeup](https://infosecwriteups.com/nahamcon-ctf-2022-write-up-click-me-android-challenge-63ccba7cb663)
10 |
--------------------------------------------------------------------------------
/days/day45.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Hacking Android Deeplink Issues and Insecure URL Validation - Video](https://www.youtube.com/watch?v=jn2qkLH_wjU&list=PLGJe0xGh7cH2lszCZ7qwsqouEK23XCMGp&index=7)
10 |
--------------------------------------------------------------------------------
/days/day53.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How I made 25000 USD in bug bounties with reverse proxy - Writeup](https://infosecwriteups.com/how-i-made-25000-usd-in-bug-bounties-with-reverse-proxy-d29dba4570d7)
10 |
--------------------------------------------------------------------------------
/days/day125.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How to exploit GraphQL endpoint: introspection, query, mutations & tools - Writeup](https://blog.yeswehack.com/yeswerhackers/how-exploit-graphql-endpoint-bug-bounty/)
10 |
--------------------------------------------------------------------------------
/days/day139.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [PHP Command Injection -> Time Based SQL $2000 bounty - Writeup](https://medium.com/@chouhanhimanshu532/php-command-injection-time-based-sql-2000-bounty-4e716fdaba9f)
10 |
--------------------------------------------------------------------------------
/days/day147.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How I Found a company’s internal S3 Bucket with 41k Files - Writeup](https://infosecwriteups.com/how-i-found-a-companys-internal-s3-bucket-with-41k-files-94b453e588b5)
10 |
--------------------------------------------------------------------------------
/days/day67.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bypassing Google Authentication on Periscope's Administration Panel - Writeup](https://whitton.io/articles/bypassing-google-authentication-on-periscopes-admin-panel/)
10 |
--------------------------------------------------------------------------------
/days/day120.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [ATO without any interaction [aws cognito misconfiguration] - Writeup](https://shreyaskoli.medium.com/ato-without-any-interaction-aws-cognito-misconfiguration-d690f4b3da11)
10 |
--------------------------------------------------------------------------------
/days/day142.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Exploiting CRLF Injection can lands into a nice bounty - Writeup](https://infosecwriteups.com/bugbounty-exploiting-crlf-injection-can-lands-into-a-nice-bounty-159525a9cb62)
10 |
--------------------------------------------------------------------------------
/days/day150.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How to find & access Admin Panel by digging into JS files - Writeup](https://medium.com/@ratnadip1998/how-to-find-access-admin-panel-by-digging-into-js-files-282d89391a2d)
10 |
--------------------------------------------------------------------------------
/days/day136.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Can analyzing javascript files lead to remote code execution? - Writeup](https://melotover.medium.com/can-analyzing-javascript-files-lead-to-remote-code-execution-f24112f1aa1f)
10 |
--------------------------------------------------------------------------------
/days/day146.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Automate your recon With Censys | HOW Pro hacker use Censys - Writeup](https://pallabjyoti218.medium.com/automate-your-recon-with-censys-how-pro-hacker-use-censys-871aeabd517e)
10 |
--------------------------------------------------------------------------------
/days/day111.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Root Detection Bypass Using Objection and Frida Scripts - Writeup](https://gowthamr1.medium.com/android-root-detection-bypass-using-objection-and-frida-scripts-d681d30659a7)
10 |
--------------------------------------------------------------------------------
/days/day112.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Configuring Frida with BurpSuite and Genymotion to bypass Android SSL Pinning - Writeup](https://arben.sh/bugbounty/Configuring-Frida-with-Burp-and-GenyMotion-to-bypass-SSL-Pinning/)
10 |
--------------------------------------------------------------------------------
/days/day113.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Find new domains of a company using SSL Certificates - Bug Bounty Recon - Writeup](https://www.cyberick.com/post/find-new-domains-of-a-company-using-ssl-certificates-bug-bounty-recon)
10 |
--------------------------------------------------------------------------------
/days/day116.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bypass of Biometrics & Password Security Functionality For android - Writeup](https://infosecwriteups.com/bypass-of-biometrics-password-security-functionality-for-android-8e0174ac7cac)
10 |
--------------------------------------------------------------------------------
/days/day149.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Story about more than 3.5 million PII leakage in Yahoo!!! (Using an IOS) - Writeup](https://dhakalbibek.medium.com/story-about-more-than-3-5-million-pii-leakage-in-yahoo-3a530210dcc6)
10 |
--------------------------------------------------------------------------------
/days/day54.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Intercepting Android Emulator SSL traffic with burp using magisk - Writeup](https://infosecwriteups.com/intercepting-android-emulator-ssl-traffic-with-burp-using-magisk-bc948dca68f9)
10 |
--------------------------------------------------------------------------------
/days/day134.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Forging OAuth tokens using discovered client id and client secret - Writeup](https://basyounii.medium.com/forging-oauth-tokens-using-discovered-client-id-and-client-secret-d224e4e7892a)
10 |
--------------------------------------------------------------------------------
/days/day55.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Subdomains Tools Review: a full and detailed comparison of subdomain enumeration tools - Writeup](https://blog.yeswehack.com/yeswerhackers/subdomains-tools-review-full-detailed-comparison/)
10 |
--------------------------------------------------------------------------------
/days/day75.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How Tapjacking Made a Return with Android Marshmallow and Nobody Noticed - Writeup](https://www.xda-developers.com/how-tapjacking-made-a-return-with-android-marshmallow-and-nobody-noticed/)
10 |
--------------------------------------------------------------------------------
/days/day144.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How I Hacked NASA to execute arbitrary commands in their server! - Writeup](https://medium.com/@harishhacker3010/how-i-hacked-nasa-to-execute-arbitrary-commands-in-their-server-29d44292a60a)
10 |
--------------------------------------------------------------------------------
/days/day81.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How I Found multiple SQL Injection with FFUF and Sqlmap in a few minutes - Writeup](https://infosecwriteups.com/how-i-found-multiple-sql-injection-with-ffuf-and-sqlmap-in-a-few-minutes-2824cd4dfab)
10 |
--------------------------------------------------------------------------------
/days/day122.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Application Security [chapter 0x1] - Introduction to Frida - Writeup](https://mobappsecurity.github.io/blog/android_application_security/2021/03/25/android_application_security_chapter_0x1.html)
10 |
--------------------------------------------------------------------------------
/days/day143.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [PayPal IDOR via billing Agreement Token (closed Informative, payment fraud) - Writeup](https://medium.com/@h4x0r_dz/paypal-idor-via-billing-agreement-token-closed-informative-payment-fraud-3245202fab38)
10 |
--------------------------------------------------------------------------------
/days/day16.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [120 Days of High Frequency Hunting - WriteUp](https://kuldeep.io/posts/120-days-of-high-frequency-hunting/)
10 | * [Hunting postMessage Vulnerabilities - White Paper (page 18-25)](https://wiki.ioin.in/url/4Pn)
11 |
--------------------------------------------------------------------------------
/days/day36.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Solved 1-10 Challenges of InjuredAndroid - Lab](https://github.com/B3nac/InjuredAndroid)
10 | * [Recon methodology of @GodfatherOrwa - Video](https://www.youtube.com/playlist?list=PLiLvsecrejRhQ7lOGgZSga47Jwhf5YXwD)
11 |
--------------------------------------------------------------------------------
/days/day140.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How Did I Leak 5.2k Customer Data From a Large Company? (via Broken Access Control) - Writeup](https://infosecwriteups.com/how-did-i-leak-5-2k-customer-data-from-a-large-company-via-broken-access-control-709eb4027409)
10 |
--------------------------------------------------------------------------------
/days/day74.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [From Recon via Censys and DNSdumpster, to Getting P1 by Login Using Weak Password - Writeup](https://infosecwriteups.com/from-recon-via-censys-and-dnsdumpster-to-getting-p1-by-login-using-weak-password-password-504e617956ce)
10 |
--------------------------------------------------------------------------------
/days/day8.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [A Cool Account Takeover Vulnerability due to lack of Client Side Validation - Writeup](https://medium.com/@arthbajpai277/hello-everyone-my-name-is-arth-bajpai-im-from-lucknow-india-and-this-is-my-first-writeup-2ec6a54226c5)
10 |
--------------------------------------------------------------------------------
/days/day100.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How a YouTube Video lead to pwning a web application via SQL Injection worth $4324 bounty - Writeup](https://medium.com/@k4k4r07/how-a-youtube-video-lead-to-pwning-a-web-application-via-sql-injection-worth-4324-bounty-285f0a9b9f6c)
10 |
--------------------------------------------------------------------------------
/days/day20.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [PostMessage Vulnerabilities Part I - Writeup](https://jlajara.gitlab.io/web/2020/06/12/Dom_XSS_PostMessage.html)
10 | * [PostMessage Vulnerabilities. Part II - Writeup](https://jlajara.gitlab.io/web/2020/07/17/Dom_XSS_PostMessage_2.html)
11 |
--------------------------------------------------------------------------------
/days/day26.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read BugBounty BootCamp [pg 275-281]- Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 |
11 | * [Read zseano's methodology [pg 1-27]- Book](https://www.bugbountyhunter.com/methodology/)
12 |
--------------------------------------------------------------------------------
/days/day28.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read zseano's methodology [pg 38-71] - Book](https://www.bugbountyhunter.com/methodology/)
10 | * [Params — Discovering Hidden Treasure in WebApps - Writeup](https://medium.com/geekculture/params-discovering-hidden-treasure-in-webapps-b4a78509290f)
11 |
--------------------------------------------------------------------------------
/days/day34.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Mobile Application Penetration Testing](https://academy.tcm-sec.com/p/mobile-application-penetration-testing)
10 | * Penetration Testing Process
11 | * Android Intro and Security Architecture
12 | * Android Lab Setup
13 | * Android Static Analysis
14 |
--------------------------------------------------------------------------------
/days/day76.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [How I was able to find 50+ Cross-site scripting (XSS) Security Vulnerabilities on Bugcrowd Public Program? - Writeup](https://infosecwriteups.com/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1)
10 |
--------------------------------------------------------------------------------
/days/day13.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [One Token to leak them all : The story of a $8000 NPM_TOKEN - Writeup](https://infosecwriteups.com/one-token-to-leak-them-all-the-story-of-a-8000-npm-token-79b13af182a3)
10 | * [Introduction to GraphQL - GraphQL Exploitation - Part1 - Video](https://www.youtube.com/watch?v=w0QOAacuPgQ)
11 |
--------------------------------------------------------------------------------
/days/day24.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Template Injection in Action: 2-hour workshop on Template Injection (SSTI) - workshop](https://gosecure.github.io/template-injection-workshop/)
10 | * [Read BugBounty BootCamp [pg 261-274] - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
11 |
--------------------------------------------------------------------------------
/days/day109.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Configuring an out-of-band callback listener and notification service in under 10 minutes using AWS Lambda function URLs and Discord webhooks - Writeup](https://www.brevityinmotion.com/configuring-an-out-of-band-callback-and-notification-service-in-under-10-minutes-using-aws-lambda-and-discord-webhooks/)
10 |
--------------------------------------------------------------------------------
/days/day41.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android Architecture + Static Analysis with apktool + gf + jadx](https://www.youtube.com/watch?v=6-M_7O3A8AI&list=PLGJe0xGh7cH2lszCZ7qwsqouEK23XCMGp&index=2)
10 | * [Insecure Logging & Storage + Setup Genymotion & pidcat](https://www.youtube.com/watch?v=JYUa3i_FYjE&list=PLGJe0xGh7cH2lszCZ7qwsqouEK23XCMGp&index=3)
11 |
--------------------------------------------------------------------------------
/days/day32.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android: Quick History on Smartphones - Video](https://mobisec.reyammer.io/slides)
10 | * [Intro to App Development - Video](https://mobisec.reyammer.io/slides)
11 | * [Top 25 Browser Extensions for Pentesters and Bugbounty Hunters (2022) - Writeup](https://www.p1boom.com/2022/02/top25-browser-extensions-for-hacker.html)
12 |
--------------------------------------------------------------------------------
/days/day10.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Unauth Cache Purging - Writeup](https://sapt.medium.com/apple-hall-of-fame-for-a-small-misconfiguration-unauth-cache-purging-faf81b19419b)
10 | * [How I was able to change victim’s password using IDN Homograph Attack - Writeup](https://infosecwriteups.com/how-i-was-able-to-change-victims-password-using-idn-homograph-attack-587111843aff)
11 |
--------------------------------------------------------------------------------
/days/day129.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Exploring Native Functions with Frida on Android part 1 - Writeup](https://medium.com/swlh/exploring-native-functions-with-frida-on-android-part-1-bf93f0bfa1d3)
10 | * [Exploring Native Functions with Frida on Android part 2 - Writeup](https://mobsecguys.medium.com/exploring-native-functions-with-frida-on-android-part-2-98b97e89eb3d)
11 |
--------------------------------------------------------------------------------
/days/day31.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Read BugBounty BootCamp (pg 283-293) - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
10 | * [Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite - Writeup](https://sirleeroyjenkins.medium.com/bypassing-ssrf-protection-to-exfiltrate-aws-metadata-from-larksuite-bf99a3599462)
11 |
--------------------------------------------------------------------------------
/days/day68.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * Burp Bounty v2 Documentation
10 | * [Architect: Major Design Decisions - OAuth](https://github.com/koenbuyens/Vulnerable-OAuth-2.0-Applications/blob/master/architect.md)
11 | * [Classic Web Application: Authorization Code Grant Flow - OAuth](https://github.com/koenbuyens/Vulnerable-OAuth-2.0-Applications/blob/master/authorizationcode.md)
12 |
--------------------------------------------------------------------------------
/suggestions.md:
--------------------------------------------------------------------------------
1 | # Learn365 - Suggestions
2 |
3 | Penetration Testing is a vast ocean and thinking of new topics everyday is sometimes quite a difficult task. However, with the help of amazing community, the steak will keep going. If you know any nice topic to work on, study or research about, please add them to the below list so that I can pick them up once I am exhausted out of topics.
4 |
5 | ---
6 |
7 | S.No. | Topic for Learn365
8 | --- | ---
9 | **1** | < Add Here >
10 |
--------------------------------------------------------------------------------
/days/day2.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Learn Javascript [13:14 Hr - 15:03 Hr]](https://www.youtube.com/watch?v=KGkiIBTq0y0)
10 |
11 | * [Read BugBounty BootCamp [216 pg - 224 pg] - Book](https://www.amazon.in/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3)
12 |
13 | * Learn Python
14 | * System call
15 | * Argument for program
16 | * File Operations
17 |
--------------------------------------------------------------------------------
/days/day3.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Learn Javascript [15:03 Hr - 16:20 Hr]](https://www.youtube.com/watch?v=KGkiIBTq0y0)
10 | * [A tale of zero click account takeover - writeup](https://medium.com/pentesternepal/a-tale-of-zero-click-account-takeover-56b51fdbd7ae)
11 | * [AWS Lambda Command Injection - writeup](https://towardsaws.com/aws-lambda-command-injection-124a5cc44be7)
12 |
--------------------------------------------------------------------------------
/days/day105.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android: How to Bypass Root Check and Certificate Pinning - Writeup](https://medium.com/@cintainfinita/android-how-to-bypass-root-check-and-certificate-pinning-36f74842d3be)
10 | * [Comparison of Different Android Root-Detection Bypass Tools - Writeup](https://medium.com/secarmalabs/comparison-of-different-android-root-detection-bypass-tools-8fd477251640)
11 |
--------------------------------------------------------------------------------
/days/day61.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android App Security & Testing - Writeup](https://infosecwriteups.com/android-app-security-testing-156a052ce7e8)
10 | * [Exploiting Android activity android:exported="true" - Writeup](https://aupsham98.medium.com/exploiting-android-activity-activity-android-exported-true-93ffeb263682)
11 | * [Exploiting Activity in medium android app - Writeup](https://infosecwriteups.com/exploiting-activity-in-medium-android-app-e2e6f3553eef)
12 |
--------------------------------------------------------------------------------
/days/day58.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Forced OAuth profile linking - Lab](https://portswigger.net/web-security/oauth/lab-oauth-forced-oauth-profile-linking)
10 | * [OAuth account hijacking via redirect_uri - Lab](https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri)
11 | * [Stealing OAuth access tokens via an open redirect - Lab](https://portswigger.net/web-security/oauth/lab-oauth-stealing-oauth-access-tokens-via-an-open-redirect)
12 |
--------------------------------------------------------------------------------
/days/day51.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [OAuth terminologies and flows explained - Video](https://www.youtube.com/watch?v=3pZ3Nh8tgTE)
10 | * [OAuth 2.0 Hacking Simplified — Part 1 — Understanding Basics - Writeup](https://infosecwriteups.com/oauth-2-0-hacking-simplified-part-1-understanding-basics-ad323cb4a05c)
11 | * [OAuth 2.0 Hacking Simplified — Part 2 — Vulnerabilities and Mitigation - Writeup](https://infosecwriteups.com/oauth-2-0-hacking-simplified-part-2-vulnerabilities-and-mitigation-d01dd6d5fa2c)
12 |
--------------------------------------------------------------------------------
/days/day1.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Learn Javascript [12:07 Hr - 13:14 Hr]](https://www.youtube.com/watch?v=KGkiIBTq0y0)
10 |
11 | * [The Tool Box | karma v2 and 4-ZERO-3 - Talk](https://www.youtube.com/watch?v=ZMSX0vCsLOY)
12 |
13 | * [Finding and exploiting unintended functionality in main web app APIs - Writeup](https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af)
14 |
15 | * [Workflow for Javascript Recon](https://twitter.com/0xAwali/status/1465272310491979776)
16 |
--------------------------------------------------------------------------------
/days/day33.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Intro to Android Architecture and Security - Video](https://mobisec.reyammer.io/slides)
10 | * [What is an Android Operating System & Its Features - Writeup](https://www.elprocus.com/what-is-android-introduction-features-applications/)
11 | * [Android Internals 101: How Android OS Starts You Application - Writeup](https://proandroiddev.com/android-internals-101-how-android-os-starts-you-application-e1c98a014c05)
12 | * [Android Security Part 1- Understanding Android Basics - Writeup](https://payatu.com/blog/amit/Need-to-know-Android)
13 |
--------------------------------------------------------------------------------
/days/day11.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Controlling the web message source - Lab](https://portswigger.net/web-security/dom-based/controlling-the-web-message-source)
10 | * [JavaScript for Hackers - Video](https://www.youtube.com/watch?v=FTeE3OrTNoA)
11 | * [HACKING postMessage() - Video](https://www.youtube.com/watch?v=CWNxoxOX6sI)
12 | * [Introduction postmessage vulnerabilities - Writeup](https://blog.yeswehack.com/yeswerhackers/introduction-postmessage-vulnerabilities/)
13 | * [Postmessage vulnerability demo -Lab](https://github.com/shurmajee/postmessage-vulnerability-demo)
14 |
--------------------------------------------------------------------------------
/days/day128.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * https://www.bugbountyhunter.com/hackevents/report?id=48
10 | * https://www.bugbountyhunter.com/hackevents/report?id=279
11 | * https://www.bugbountyhunter.com/hackevents/report?id=81
12 | * https://www.bugbountyhunter.com/hackevents/report?id=172
13 | * https://www.bugbountyhunter.com/hackevents/report?id=109
14 | * https://www.bugbountyhunter.com/hackevents/report?id=193
15 | * https://www.bugbountyhunter.com/hackevents/report?id=197
16 | * https://www.bugbountyhunter.com/hackevents/report?id=184
17 | * https://www.bugbountyhunter.com/hackevents/report?id=214
18 | * https://www.bugbountyhunter.com/hackevents/report?id=265
19 |
20 |
--------------------------------------------------------------------------------
/days/day49.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Bypassing OkHttp Certificate Pinning - Writeup](https://web.archive.org/web/20201112010745/https://captmeelo.com/pentest/2020/02/24/bypass-okhttp-cert-pinning.html)
10 | * [Disabling SSL Pinning in Android Apps using Frida / Objection - Writeup](https://onappsec.com/disabling-ssl-pinning-in-android-apps-using-frida-objection/)
11 | * [How To Bypass Apps Root Detection In Android - Writeup](https://techviral.net/bypass-apps-root-detection-android/)
12 | * [Bug Bounty on Android : setup your Genymotion environment for APK analysis](https://blog.yeswehack.com/yeswerhackers/bug-bounty-android-setup-genymotion-environment-apk-analysis/)
13 |
--------------------------------------------------------------------------------
/days/day48.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [Android SSL Pinning Bypass for Bug Bounties & Penetration Testing - Video](https://www.youtube.com/watch?v=ENyEcwLaz-A&t=1398s)
10 | * [SSL Pinning in Android Part 1 - Writeup](https://tech.groww.in/ssl-pinning-in-android-part-1-d23a01d51fd6)
11 | * [SSL Pinning in Android Part 2 - Writeup](https://tech.groww.in/ssl-pinning-in-android-part-2-b591dfc8c2f1)
12 | * [What is Android Rooting? - Writeup](https://www.geeksforgeeks.org/what-is-android-rooting/)
13 | * [Four Ways to Bypass Android SSL Verification and Certificate Pinning - Writeup](https://www.netspi.com/blog/technical/mobile-application-penetration-testing/four-ways-bypass-android-ssl-verification-certificate-pinning/)
14 |
--------------------------------------------------------------------------------
/days/day60.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [HACKING ANDROID WebViews (Static analysis - Part 2) - Video](https://www.youtube.com/watch?v=qS5PkC-37io)
10 | * [Getting Started with Android Application Security - Writeup](https://cobalt.io/blog/getting-started-with-android-application-security)
11 | * [Android Pentest: Automated Analysis using MobSF - Writeup](https://www.hackingarticles.in/android-pentest-automated-analysis-using-mobsf/)
12 | * [Static Analysis of Android Application & Tools Used - Writeup](https://blog.securelayer7.net/static-analysis-of-android-application-tools-used-securelayer7/)
13 | * [Complete Android Pentesting Guide - Writeup](https://oscp.medium.com/complete-android-pentesting-guide-203ed34035e3)
14 |
--------------------------------------------------------------------------------
/days/day97.md:
--------------------------------------------------------------------------------
1 | Index | Section
2 | --- | ---
3 | **1** | Learning Resource
4 |
5 | ---
6 |
7 | #### Learning Resource:
8 |
9 | * [10 things you must do when Pentesting Android Applications - Writeup](https://securityboulevard.com/2020/06/understanding-the-owasp-mobile-top-10-security-risks-part-two-m4-m7/)
10 | * [Dumping Android application memory with fridump - Writeup](https://securitygrind.com/dumping-android-application-memory-with-fridump/)
11 | * [Mobile Risks: M1 – Improper platform usage - Writeup](https://securitygrind.com/mobile-risks-m1-improper-platform-usage/)
12 | * [Mobile Risks: M2 – Insecure data storage - Writeup](https://securitygrind.com/mobile-risks-m2-insecure-data-storage/)
13 | * [Mobile Risks: M3 – Insecure communication - Writeup](https://securitygrind.com/mobile-risks-m3-insecure-communication/)
14 | * [Understanding the OWASP Mobile Top 10 Security Risks: Part Two (M4-M7) - Writeup](https://securityboulevard.com/2020/06/understanding-the-owasp-mobile-top-10-security-risks-part-two-m4-m7/)
15 | * [Understanding the OWASP Mobile Top 10 Security Risks: Part Three (M8-M10) - Writeup](https://securityboulevard.com/2020/06/understanding-the-owasp-mobile-top-10-security-risks-part-three-m8-m10/)
16 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Learn365
2 |
3 | This repository contains all the information shared during my Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going on and challenge myself to learn something daily for the whole year, it can be anything from infosec to general life. Follow me on Twitter for Regular Updates: [Anubhav Singh](https://twitter.com/AnubhavSingh_). Huge thanks to [Harsh Bothra](https://twitter.com/harshbothra_), from whoam I got motivated to start this Learn365 challenge.
4 |
5 | -------
6 | Day | Topic
7 | --- | ---
8 | **1** | [- Learn Javascript
- The Tool Box karma v2 and 4-ZERO-3 - Talk
- Finding and exploiting unintended functionality in main web app APIs - Writeup
- Workflow for Javascript Recon
](/days/day1.md)
9 | **2** | [- Learn Javascript
- Read BugBounty BootCamp - Book
- Learn Python
](/days/day2.md)
10 | **3** | [- Learn Javascript
- AWS Lambda Command Injection - Writeup
- A tale of zero click account takeover - Writeup
](/days/day3.md)
11 | **4** | [](/days/day4.md)
12 | **5** | [- Learn Javascript [Revision]
](/days/day5.md)
13 | **6** | [- Solved DOM based XSS Labs on Portswigger
](/days/day6.md)
14 | **7** | [- Solved DOM based XSS Labs on Portswigger
- Learn Python
](/days/day7.md)
15 | **8** | [- A Cool Account Takeover Vulnerability due to lack of Client Side Validation - WriteUp
](/days/day8.md)
16 | **9** | [- WebSockets not Bound by SOP and CORS? - WriteUp
](/days/day9.md)
17 | **10** | [- Unauth Cache Purging - WriteUp
- How I was able to change victim’s password using IDN Homograph Attack - WriteUp
](/days/day10.md)
18 | **11** | [- Controlling the web message source - Lab
- JavaScript for Hackers - Video
- HACKING postMessage() - Video
- Introduction postmessage vulnerabilities - Writeup
- Postmessage vulnerability demo -Lab
](/days/day11.md)
19 | **12** | [- A simple Data Exfiltration! Excel magic - Writeup
](/days/day12.md)
20 | **13** | [- One Token to leak them all : The story of a $8000 NPM_TOKEN - Writeup
- Introduction to GraphQL - GraphQL Exploitation Part1 - Video
](/days/day13.md)
21 | **14** | [- Finding The Origin IP Behind CDNs - Writeup
](/days/day14.md)
22 | **15** | [- Hunting postMessage Vulnerabilities - White Paper
](/days/day15.md)
23 | **16** | [- 120 Days of High Frequency Hunting - WriteUp
- Hunting postMessage Vulnerabilities - White Paper
](/days/day16.md)
24 | **17** | [- How to find new/more domains of a company? - Recon Stuff - Writeup
](/days/day17.md)
25 | **18** | [- Read BugBounty BootCamp - Book
](/days/day18.md)
26 | **19** | [- The Tale of a Click leading to RCE - Writeup
](/days/day19.md)
27 | **20** | [- PostMessage Vulnerabilities - WriteUp
](/days/day20.md)
28 | **21** | [- DVGA - Damn Vulnerable GraphQL Application Part 2 - Video
](/days/day21.md)
29 | **22** | [- Chrome DevTools Crash Course - Video
](/days/day22.md)
30 | **23** | [- Crontab for Linux Admins - Video
](/days/day23.md)
31 | **24** | [- Template Injection in Action: 2-hour workshop on Template Injection (SSTI)
- Read BugBounty BootCamp - Book
](/days/day24.md)
32 | **25** | [- Hacking REST APIs: A beginner's guide - Course
](/days/day25.md)
33 | **26** | [- Read BugBounty BootCamp - Book
- Read zseano's methodology - Book
](/days/day26.md)
34 | **27** | [- Read zseano's methodology - Book
](/days/day27.md)
35 | **28** | [- Read zseano's methodology - Book
- Params — Discovering Hidden Treasure in WebApps - Writeup
](/days/day28.md)
36 | **29** | [- WebSockets and Hacking - Writeup
](/days/day29.md)
37 | **30** | [- Pentesting API Top 10 - Talk
](/days/day30.md)
38 | **31** | [- Read BugBounty BootCamp - Book
- Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite - Writeup
](/days/day31.md)
39 | **32** | [- Android: Quick History on Smartphones - Video
- Intro to App Development - Video
- Top 25 Browser Extensions for Pentesters and Bugbounty Hunters (2022) - Writeup
](/days/day32.md)
40 | **33** | [- Intro to Android Architecture and Security - Video
- What is an Android Operating System & Its Features - Writeup
- Android Internals 101: How Android OS Starts You Application - Writeup
- Android Security Part 1- Understanding Android Basics - Writeup
](/days/day33.md)
41 | **34** | [- Mobile Application Penetration Testing - TCM Course
](/days/day34.md)
42 | **35** | [- Read BugBounty BootCamp - Book
](/days/day35.md)
43 | **36** | [- Solved 1-10 Challenges of InjuredAndroid
- Recon methodology of @GodfatherOrwa - Video
](/days/day36.md)
44 | **37** | [- Read BugBounty BootCamp - Book
](/days/day37.md)
45 | **38** | [- 1,2 Exercises: Android App Reverse Engineering 101
](/days/day38.md)
46 | **39** | [- 3,4 Exercises: Android App Reverse Engineering 101
](/days/day39.md)
47 | **40** | [- Android App Reverse Engineering LIVE! Part 1 - Workshop
](/days/day40.md)
48 | **41** | [- Android Architecture + Static Analysis with apktool + gf + jadx
- Insecure Logging & Storage + Setup Genymotion & pidcat
](/days/day41.md)
49 | **42** | [- Troubleshooting connection between WSL and android emulator
](/days/day42.md)
50 | **43** | [- Mobexler : A Mobile Application Penetration Testing Platform - Video
](/days/day43.md)
51 | **44** | [- Android Pentesting Lab Setup - Writeup
](/days/day44.md)
52 | **45** | [- Hacking Android Deeplink Issues and Insecure URL Validation - Video
](/days/day45.md)
53 | **46** | [- SINGLE-SIGN-ON SECURITY ISSUES : BugBounty BootCamp - Book
](/days/day46.md)
54 | **47** | [- Solved Flag 12 & 13 of Injured Android
](/days/day47.md)
55 | **48** | [- Android SSL Pinning Bypass for Bug Bounties & Penetration Testing - Video
- SSL Pinning in Android Part 1 - Writeup
- SSL Pinning in Android Part 2 - Writeup
- What is Android Rooting? - Writeup
- Four Ways to Bypass Android SSL Verification and Certificate Pinning - Writeup
](/days/day48.md)
56 | **49** | [- Bypassing OkHttp Certificate Pinning - Writeup
- Disabling SSL Pinning in Android Apps using Frida / Objection - Writeup
- How To Bypass Apps Root Detection In Android - Writeup
- Bug Bounty on Android : setup your Genymotion environment for APK analysis - Writeup
](/days/day49.md)
57 | **50** | [- The Ultimate Guide to Android SSL Pinning Bypass - Guide
](/days/day50.md)
58 | **51** | [- OAuth terminologies and flows explained - Video
- OAuth 2.0 Hacking Simplified — Part 1 — Understanding Basics - Writeup
- OAuth 2.0 Hacking Simplified — Part 2 — Vulnerabilities and Mitigation - Writeup
](/days/day51.md)
59 | **52** | [- Bug Bounty — Bypassing Endpoints - Writeup
](/days/day52.md)
60 | **53** | [- How I made 25000 USD in bug bounties with reverse proxy - Writeup
](/days/day53.md)
61 | **54** | [- Intercepting Android Emulator SSL traffic with burp using magisk - Writeup
](/days/day54.md)
62 | **55** | [- Subdomains Tools Review: a full and detailed comparison of subdomain enumeration tools - Writeup
](/days/day55.md)
63 | **56** | [- Lab: Authentication bypass via OAuth implicit flow
](/days/day56.md)
64 | **57** | [- Web Authentication and Authorization Zine - Zine
](/days/day57.md)
65 | **58** | [- Forced OAuth profile linking - Lab
- OAuth account hijacking via redirect_uri - Lab
- Stealing OAuth access tokens via an open redirect - Lab
](/days/day58.md)
66 | **59** | [- ANDROID APP SECURITY BASICS (Static analysis - Part 1) - Video
](/days/day59.md)
67 | **60** | [- HACKING ANDROID WebViews (Static analysis - Part 2) - Video
- Getting Started with Android Application Security - Writeup
- Android Pentest: Automated Analysis using MobSF - Writeup
- Static Analysis of Android Application & Tools Used - Writeup
- Complete Android Pentesting Guide - Writeup
](/days/day60.md)
68 | **61** | [- Android App Security & Testing - Writeup
- Exploiting Android activity android:exported="true" - Writeup
- Exploiting Activity in medium android app - Writeup
](/days/day61.md)
69 | **62** | [- Android Penetration Testing: Drozer - Writeup
](/days/day62.md)
70 | **63** | [- Android Pentest: Deep Link Exploitation - Writeup
](/days/day63.md)
71 | **64** | [- Android Applications Pentesting (Static Analysis) - HackTricks
](/days/day64.md)
72 | **65** | [- OAuth Sign Up AND Log In (1-6 Slides) - Slides
](/days/day65.md)
73 | **66** | [- Authentication bypass due to weak verification of SAML Token - Writeup
](/days/day66.md)
74 | **67** | [- Bypassing Google Authentication on Periscope's Administration Panel - Writeup
](/days/day67.md)
75 | **68** | [- Burp Bounty v2 Documentation
- Architect: Major Design Decisions - OAuth
- Classic Web Application: Authorization Code Grant Flow - OAuth
](/days/day68.md)
76 | **69** | [- Authorizationcode_tester - Tester: Exploit Mistakes
](/days/day69.md)
77 | **70** | [- Pwning a Server using Markdown - Writeup
](/days/day70.md)
78 | **71** | [- Critical XSS in chrome extension - Writeup
](/days/day71.md)
79 | **72** | [- Penetrate the Protected Component in Android Part 1 - Writeup
](/days/day72.md)
80 | **73** | [- Penetrate the Protected Component in Android Part 2 - Writeup
](/days/day73.md)
81 | **74** | [- From Recon via Censys and DNSdumpster, to Getting P1 by Login Using Weak Password - Writeup
](/days/day74.md)
82 | **75** | [- How Tapjacking Made a Return with Android Marshmallow and Nobody Noticed - Writeup
](/days/day75.md)
83 | **76** | [- How I was able to find 50+ Cross-site scripting (XSS) Security Vulnerabilities on Bugcrowd Public Program? - Writeup
](/days/day76.md)
84 | **77** | [- Android Development (1:45 Hrs) - Video
](/days/day77.md)
85 | **78** | [- Android Development: Java Refresher - Video
](/days/day78.md)
86 | **79** | [- Android Development: Activities & Layouts - Video
](/days/day79.md)
87 | **80** | [- Android Development: MultiScreen Apps - Video
](/days/day80.md)
88 | **81** | [- How I Found multiple SQL Injection with FFUF and Sqlmap in a few minutes - Writeup
](/days/day81.md)
89 | **82** | [- From XSS to RCE (dompdf 0day) - Writeup
](/days/day82.md)
90 | **83** | [- A Detailed Guide on httpx - Writeup
](/days/day83.md)
91 | **84** | [- Chapter 24 API Hacking : BugBounty BootCamp - Book
](/days/day84.md)
92 | **85** | [- Preparing for API Security Testing : Hacking APIs - Book
](/days/day85.md)
93 | **86** | [- How web applications work : Hacking APIs - Book
](/days/day86.md)
94 | **87 - 90** | [- The Anatomy of Web APIs : Hacking APIs - Book
](/days/day87.md)
95 | **91** | [- DIVA Android App: Walkthrough - Writeup
](/days/day91.md)
96 | **92** | [- The Anatomy of Web APIs : Hacking APIs - Book
](/days/day92.md)
97 | **93** | [- Android Penetration Testing: Frida - Writeup
](/days/day93.md)
98 | **94** | [- Diva apk analysis - Writeup
](/days/day94.md)
99 | **95** | [- API Authentication: Hacking APIs - Book
](/days/day95.md)
100 | **96** | [- Watch out the links : Account takeover! - Writeup
](/days/day96.md)
101 | **97** | [- 10 things you must do when Pentesting Android Applications - Writeup
- Dumping Android application memory with fridump - Writeup
- Mobile Risks: M1 – Improper platform usage - Writeup
- Mobile Risks: M2 – Insecure data storage - Writeup
- Mobile Risks: M3 – Insecure communication - Writeup
- Understanding the OWASP Mobile Top 10 Security Risks: Part Two (M4-M7) - Writeup
- Understanding the OWASP Mobile Top 10 Security Risks: Part Three (M8-M10) - Writeup
](/days/day97.md)
102 | **98** | [- Vulnerable Android Broadcast Receivers - Writeup
](/days/day98.md)
103 | **99** | [- API Insecurities Hacking APIs - Book
](/days/day99.md)
104 | **100** | [- How a YouTube Video lead to pwning a web application via SQL Injection worth $4324 bounty - Writeup
](/days/day100.md)
105 | **101** | [- Open Android Security Assessment Methodology - Repo
](/days/day101.md)
106 | **102** | [- API Insecurities Hacking APIs (page 72 - 81) - Book
](/days/day102.md)
107 | **103** | [- API Insecurities Hacking APIs (page 84 - 96) - Book
](/days/day103.md)
108 | **104** | [- How I made $10K in bug bounties from GitHub secret leaks - Writeup
](/days/day104.md)
109 | **105** | [- Android: How to Bypass Root Check and Certificate Pinning - Writeup
- Comparison of Different Android Root-Detection Bypass Tools - Writeup
](/days/day105.md)
110 | **106** | [- Bypassing a WAF by Finding the Origin IP - Video
](/days/day106.md)
111 | **107** | [- Inspecting Android Traffic using Proxyman + apk-mitm - Writeup
](/days/day107.md)
112 | **108** | [- NoSQL Injection in Plain Sight - Writeup
](/days/day108.md)
113 | **109** | [- Configuring an out-of-band callback listener and notification service in under 10 minutes using AWS Lambda function URLs and Discord webhooks - Writeup
](/days/day109.md)
114 | **110** | [- Supplemental Tools : Hacking APIs - Book
](/days/day110.md)
115 | **111** | [- Android Root Detection Bypass Using Objection and Frida Scripts - Writeup
](/days/day111.md)
116 | **112** | [- Configuring Frida with BurpSuite and Genymotion to bypass Android SSL Pinning - Writeup
](/days/day112.md)
117 | **113** | [- Find new domains of a company using SSL Certificates - Bug Bounty Recon - Writeup
](/days/day113.md)
118 | **114** | [- Exploiting Android Fingerprint Authentication - Writeup
](/days/day114.md)
119 | **115** | [- Testing-Local-Authentication - Owasp Guide
](/days/day115.md)
120 | **116** | [- Bypass of Biometrics & Password Security Functionality For android - Writeup
](/days/day116.md)
121 | **117** | [- Creating Code for Bypassing Android Security Checks: Frida - Video
](/days/day117.md)
122 | **118** | [- Sharpening your FRIDA scripting skills with Frida Tool - Writeup
](/days/day118.md)
123 | **119** | [- Hacking Android Apps with Frida - Video
](/days/day119.md)
124 | **120** | [- ATO without any interaction : aws cognito misconfiguration - Writeup
](/days/day120.md)
125 | **121** | [- NahamCon CTF 2022 Write-up: Click Me! Android challenge - Writeup
](/days/day121.md)
126 | **122** | [- Android Application Security [chapter 0x1] - Introduction to Frida - Writeup
](/days/day122.md)
127 | **123** | [- Getting started with Frida on Android Apps - Writeup
](/days/day123.md)
128 | **124** | [- Exploration of Native Modules on Android with Frida - Writeup
](/days/day124.md)
129 | **125** | [- How to exploit GraphQL endpoint: introspection, query, mutations & tools - Writeup
](/days/day125.md)
130 | **126** | [- DVGA Batch Query Attack GraphQL Exploitation : Part 3 DVGA - Video
](/days/day126.md)
131 | **127** | [- The $16,000 Dev Mistake - Writeup
](/days/day127.md)
132 | **128** | [- FirstBlood : HackEvent BugBountyHunter.com - Reports
](/days/day128.md)
133 | **129** | [- Exploring Native Functions with Frida on Android - Writeup
](/days/day129.md)
134 | **130** | [- Add JNI(C/C++) into your existing Android app - Writeup
](/days/day130.md)
135 | **131** | [- Demystifying Frida - Video
](/days/day131.md)
136 | **132** | [- How to hook Android Native methods with Frida (Noob Friendly) - Writeup
](/days/day132.md)
137 | **133** | [- Instrumenting Native Android Functions using Frida - Writeup
](/days/day133.md)
138 | **134** | [- Forging OAuth tokens using discovered client id and client secret - Writeup
](/days/day134.md)
139 | **135** | [- Getting started with Android NDK: Android Tutorial - Writeup
](/days/day135.md)
140 | **136** | [- Can analyzing javascript files lead to remote code execution? - Writeup
](/days/day136.md)
141 | **137** | [- XML External Entity (XXE) : The Ultimate Guide - Writeup
](/days/day137.md)
142 | **138** | [- Bug Bounty Redacted #3: Hacking APIs & XSS, SQLi, WAF Bypass in a regional web application - Video
](/days/day138.md)
143 | **139** | [- PHP Command Injection ->Time Based SQL $2000 bounty - Writeup
](/days/day139.md)
144 | **140** | [- How Did I Leak 5.2k Customer Data From a Large Company? (via Broken Access Control) - Writeup
](/days/day140.md)
145 | **141** | [- My Bug Bounty Adventure (Fuzzing + Information Disclosure) - Writeup
](/days/day141.md)
146 | **142** | [- Exploiting CRLF Injection can lands into a nice bounty - Writeup
](/days/day142.md)
147 | **143** | [- PayPal IDOR via billing Agreement Token (closed Informative, payment fraud) - Writeup
](/days/day143.md)
148 | **144** | [- How I Hacked NASA to execute arbitrary commands in their server! - Writeup
](/days/day144.md)
149 | **145** | [- SQL injection through HTTP headers - Writeup
](/days/day145.md)
150 | **146** | [- Automate your recon With Censys HOW Pro hacker use Censys - Writeup
](/days/day146.md)
151 | **147** | [- How I Found a company’s internal S3 Bucket with 41k Files - Writeup
](/days/day147.md)
152 | **148** | [- Bypassing File Upload Restriction using Magic Bytes - Writeup
](/days/day148.md)
153 | **149** | [- Story about more than 3.5 million PII leakage in Yahoo!!! (Using an IOS) - Writeup
](/days/day149.md)
154 | **150** | [- How to find & access Admin Panel by digging into JS files - Writeup
](/days/day150.md)
155 | **151** | [](/days/day151.md)
156 | **152** | [- Understanding And Identifying Insecure Deserialization - Writeup
](/days/day152.md)
157 | **153** | [- Dependency Confusion : A Supply Chain Attack - Writeup
](/days/day153.md)
158 | **154** | []()
159 | **155** | [- This is why you shouldn’t trust your Federated Identity Provider - Writeup
](https://medium.com/@soufianehabti/this-is-why-you-shouldnt-trust-your-federated-identity-provider-62160f50d8b2)
160 | **156** | [- If It’s a Feature!!! Let’s Abuse It for $750 - Writeup
](https://medium.com/@shakti.gtp/if-its-a-feature-let-s-abuse-it-for-750-19cfb9848d4b)
161 | **157** | [- Business Logic Errors - Art of Testing Cards - Writeup
](https://shahjerry33.medium.com/business-logic-errors-art-of-testing-cards-4907cfb46a57)
162 | **158** | [- Hacking Nginx: Best ways - Writeup
](https://infosecwriteups.com/hacking-nginx-best-ways-7c576cc17ccc)
163 | **159** | [- Frida hooking android part 1 - Writeup
](https://11x256.github.io/Frida-hooking-android-part-1/)
164 | **160** | [- Frida hooking android part 2 - Writeup
](https://11x256.github.io/Frida-hooking-android-part-2/)
165 | **161** | [- Frida hooking android part 3 - Writeup
](https://11x256.github.io/Frida-hooking-android-part-3/)
166 | **162** | [- Frida hooking android part 4 - Writeup
](https://11x256.github.io/Frida-hooking-android-part-4/)
167 | **163** | [- Frida hooking android part 5: Bypassing AES encryption - Writeup
](https://11x256.github.io/Frida-hooking-android-part-5/)
168 | **164** | [- Exploiting esoteric android vulnerability - Workshop by Sharan & Sanjay at BSides Ahmedabad 2021 - Video
](https://www.youtube.com/watch?v=nr4I1aXii-w)
169 | **165** | [- Andromeda- GUI based Dynamic Instrumentation Toolkit powered by Frida - Shivang Desai - Video
](https://www.youtube.com/watch?v=qOEaA2CNNmU)
170 | **166** | [- How I found a Critical Bug in Instagram and Got 49500$ Bounty From Facebook - Writeup
](https://infosecwriteups.com/how-i-found-a-critical-bug-in-instagram-and-got-49500-bounty-from-facebook-626ff2c6a853)
171 | **167** | [- Hacking into WordPress themes for CVEs and Fun - Writeup
](https://medium.com/pentesternepal/hacking-into-wordpress-themes-for-cves-and-fun-bdde6c834344)
172 | **168** | [- Bug Bounty Redacted #4: Writing to S3 buckets & Insecure JWT Implementation - Writeup
](https://www.youtube.com/watch?v=F7QvhHJB-ck)
173 | **169 - 177** | [- Android development - Video
](https://www.youtube.com/playlist?list=PLjVLYmrlmjGdDps6HAwOOVoAtBPAgIOXL)
174 | **178 - 183** | [](https://academy.tcm-sec.com/p/linux-101)
175 | **184 - 189** | [- Linux Privilege Escalation for Beginners - Course
](https://academy.tcm-sec.com/p/linux-privilege-escalation)
176 | 190 | [- Admin account takeover via weird Password Reset Functionality - Writeup
](https://0xmahmoudjo0.medium.com/admin-account-takeover-via-weird-password-reset-functionality-166ce90b1e58)
177 | 191 | [- Access control worth $2000 : everyone missed this IDOR+Access control between two admins - Writeup
](https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21)
178 | 192 | [- How I was able edit target website’s AWS files from the file upload function? - Writeup
](https://infosecwriteups.com/bug-bounty-how-i-was-able-edit-awss-files-from-file-upload-function-cb33bc3bd3a9)
179 | 193 | [- XXE in Public Transport Ticketing Mobile APP - Writeup
](https://infosecwriteups.com/xxe-in-public-transport-ticketing-mobile-app-81ae245c01a1)
180 | 194 | [- RCE IN EC2 INSTANCE VIA SSH WITH PRIVATE KEY EXPOSED ON PUBLIC GITHUB REPOSITORY – $XX,000 USD - Writeup
](https://omespino.com/write-up-private-bug-bounty-rce-in-ec2-instance-via-ssh-with-private-key-exposed-on-public-github-repository-xx000-usd/)
181 | 195 | [- How I was able to Regain access to account deleted by Admin leading to $$$ - Writeup
](https://rajeshranjan457.medium.com/how-i-was-able-to-regain-access-to-account-deleted-by-admin-leading-to-a2c29025f8cd)
182 | 196 | [- OAuth Misconfiguration Leads To Pre-Account Takeover - Writeup
](https://infosecwriteups.com/oauth-misconfiguration-leads-to-pre-account-takeover-8f94c1ef50be)
183 | 197 | [- How to find Origin IP - Writeup
](https://medium.com/@bobby.S/how-to-find-origin-ip-1f684f459942)
184 | 198 | [- PII Disclosure of Apple Users ($10k) - Writeup
](https://ahmdhalabi.medium.com/pii-disclosure-of-apple-users-10k-d1e3d29bae36)
185 | 199 | [- Android and Java API : Frida - Documentation
](https://learnfrida.info/#android-and-java-api)
186 | 200 | [- Behind the Bug: Password reset poisoning - Writeup
](https://noob3xploiter.medium.com/behind-the-bug-password-reset-poisoning-f5a51d890260)
187 | 201 | [- Websocket Hijacking to steal Session_ID of victim user - Writeup
](https://infosecwriteups.com/websocket-hijacking-to-steal-session-id-of-victim-users-bca84243830)
188 | 202 | [- How to use Burp Suite Like a PRO? PART – 1 - Writeup
](https://www.pethuraj.com/blog/use-burpsuite-like-a-pro-part-1/)
189 | 203 | [- Ultimate Tips And Tricks To Find More Cross-Site Scripting Vulnerabilities - Writeup
](https://bxmbn.medium.com/ultimate-tips-and-tricks-to-find-more-cross-site-scripting-vulnerabilities-d2913765e2d5)
190 | 204 | [- Setting iOS App Testing Environment with Burp-suite & Corellium - Writeup
](https://medium.com/@prinsharma1999/setting-ios-app-testing-environment-with-burp-suite-corellium-21d6eb82b5ca)
191 | 205 | [- How I Test For Web Cache Vulnerabilities + Tips And Tricks - Writeup
](https://bxmbn.medium.com/how-i-test-for-web-cache-vulnerabilities-tips-and-tricks-9b138da08ff9)
192 | 206 | [- Information Disclosure to Account Takeover - Writeup
](https://sunilyedla.medium.com/information-disclosure-to-account-takeover-a21b2b54147a)
193 | 207 | [- You MUST sanitize PHP mail() inputs — or else RCE! - Writeup
](https://infosecwriteups.com/you-must-sanitize-php-mail-inputs-or-else-rce-7ac7ba906dca)
194 | 208 | [- Mail Server Misconfiguration leads to sending a fax from anyone’s account on HelloFax (Dropbox BBP) for a bounty of $4,913 - Writeup
](https://infosecwriteups.com/mail-server-misconfiguration-leads-to-sending-a-fax-from-anyones-account-on-hellofax-dropbox-bbp-aab3d97ab4e7)
195 | 209 | [- How to prevent hackers from reverse engineering your Android apps - Writeup
](https://proandroiddev.com/how-to-prevent-hackers-from-reverse-engineering-your-android-apps-2981661ab1c2)
196 | 210 | [- How this team accidentally found a SSRF in Slack exposing AWS credentials! A $4000 bug bounty - Writeup
](https://infosecwriteups.com/how-this-team-accidentally-found-a-ssrf-in-slack-exposing-aws-credentials-a-4000-bug-bounty-513be19286e)
197 | 211 - 212 | [- Linux Privilege Escalation - Pentester acacademy bootcamp
]()
198 | 213 - 214 | [- Solve linuxprivesc Room - Tryhackme
](https://tryhackme.com/room/linuxprivesc)
199 | 215 - 217 | [- Frida Scripting Guide for Java - Writeup
](https://cmrodriguez.me/blog/frida-scripting-guide/)
200 | 218| [- Exploring Native Functions with Frida on Android : part 3 - Writeup
](https://mobsecguys.medium.com/exploring-native-functions-with-frida-on-android-part-3-45422ae18caa)
201 | 219 | [- Exploring Native Functions with Frida on Android : part 4 - Writeup
](https://medium.com/swlh/exploring-native-functions-with-frida-on-android-part-4-22db2c247e29)
202 | 220 | [- Stored XSS to Account Takeover : Going beyond document.cookie : Stealing Session Data from IndexedDB - Writeup
](https://infosecwriteups.com/stored-xss-to-account-takeover-going-beyond-document-cookie-970e42362f43)
203 | 221 | [- SQL Injection filter bypass to perform blind SQL Injection - Writeup
](http://www.mannulinux.org/2020/09/sql-injection-filter-bypass-to-perform.html)
204 | 222 | [- Abusing URL Shortners for fun and profit - Writeup
](https://infosecwriteups.com/abusing-url-shortners-for-fun-and-profit-c83c67713916 )
205 | 223 | [- Android WebView Hacking : Enable WebView Debugging - Writeup
](https://infosecwriteups.com/android-webview-hacking-enable-webview-debugging-d292b53f7a63)
206 | 224 | [- Defeat the HttpOnly flag to achieve Account Takeover : RXSS - Writeup
](https://medium.com/@mohamedtarekq/defeat-the-httponly-flag-to-achieve-account-takeover-rxss-c16849d3d192)
207 | 225 -230 | [- Android App Hacking - Black Belt Edition - Udemy Course
](https://www.udemy.com/course/android-app-hacking-black-belt-edition/)
208 | 231 | [- Solving CTF with Frida : Part 1 - Writeup
](https://cmrodriguez.me/blog/hpandro-1/)
209 | 232 | [- Solving CTF with Frida : Part 2 - Writeup
](https://cmrodriguez.me/blog/hpandro-2/)
210 | 233 | [- Solving CTF with Frida : Part 3 - Writeup
](https://cmrodriguez.me/blog/hpandro-3/)
211 | 234| [- Solving CTF with Frida : Part 4 - Writeup
](https://cmrodriguez.me/blog/hpandro-4/)
212 | 235 - 240 | [- Watched Android CTF video from Youtube channel Umar_0x01 - Video
](https://www.youtube.com/c/Umar0x01)
213 | 241 | [- Bypassing ModSecurity for RCEs - Writeup
](https://s0md3v.github.io/blog/modsecurity-rce-bypass)
214 | 242 | [- Bypassing Amazon WAF to pop an alert() - Writeup
](https://infosecwriteups.com/bypassing-amazon-waf-to-pop-an-alert-4646ce35554e)
215 | 243 | [- Exploiting Android’s Task Hijacking - Writeup
](https://medium.com/mobis3c/android-task-hijacking-6a3a8848f16e)
216 | 244 - 248 | [- Windows Privilege Escalation for Beginners - TCM Course
](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners)
217 | 249 | [- Cool Recon techniques every hacker misses! - Writeup
](https://infosecwriteups.com/cool-recon-techniques-every-hacker-misses-1c5e0e294e89)
218 | 250 | [- Intruder and CSRF-protected form, without macros - Writeup
](https://www.agarri.fr/blog/archives/2020/01/13/intruder_and_csrf-protected_form_without_macros/index.html)
219 | 251 | [- New technique 403 bypass - Writeup
](https://infosecwriteups.com/403-bypass-lyncdiscover-microsoft-com-db2778458c33)
220 | 252 | [- Exploiting XSS with Javascript/JPEG Polyglot - Writeup
](https://systemweakness.com/exploiting-xss-with-javascript-jpeg-polyglot-4cff06f8201a)
221 | 253 | [- Hacking Android Foreground Services Escalation Of Privileges by Rony Das - Nullcon Goa
- Jailbreaking iOS in the post-apocalyptic era by CoolStar & Tihmstar - Nullcon Goa
]()
222 | 254 | [- Can write single Exploit payload which can exploit both HTML and JS injection - Tweet
](https://twitter.com/sec_r0/status/1566470552050716677)
223 | 255 | [- A context insensitive sqli payload polyglot - Tweet
](https://twitter.com/sec_r0/status/1566833869764136962)
224 | 256 | [- Find References: The most underrated and underused feature of @Burp_Suite - Tweet
](https://twitter.com/sec_r0/status/1569008077331959809)
225 | 257 | [- Reversing an Android sample which uses Flutter - Writeup
](https://medium.com/@cryptax/reversing-an-android-sample-which-uses-flutter-23c3ff04b847)
226 | 258 - 261 | [- Windows Privilege Escalation for Beginners - TCM Course
](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners)
227 | 262 | [- Escalation Path Executable Files - WindowsPriv
- Escalation Path Startup Applications - WindowsPriv
- Escalation Path DLL Hijacking - WindowsPriv
](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners)
228 | 263 | [- Escalation Path Service Permissions (Paths) - WindowsPriv
](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners)
229 | 264 | [- Escalation Path CVE-2019-1388 - WindowsPriv
](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners)
230 | 265-267 | [- Capstone Challenge - WindowsPriv
](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners)
231 | 268-270 | [](https://tryhackme.com/room/wreath)
232 | 271 | [- Network Pivoting using Metasploit and Proxychains - Writeup
](https://blog.pentesteracademy.com/network-pivoting-using-metasploit-and-proxychains-c04472f8eed0)
233 | 272 | [- Metasploit: Pivoting - Writeup
](https://medium.com/swlh/metasploit-pivoting-281636b23279)
234 | 273 - 274| [- Explore Hidden Networks With Double Pivoting - Writeup
](https://pentest.blog/explore-hidden-networks-with-double-pivoting/)
235 | 275 | [- Pivoting Entire Network with Chisel - Video
](https://www.youtube.com/watch?v=srUUUkcYEwg)
236 | 276 | [- Deep dive in double network Pivoting with Metasploit and ProxyChains - Video
](https://www.youtube.com/watch?v=J-F_3PMbNGo)
237 | 277 | [- lazyadmin - Tryhackme Room
](https://tryhackme.com/room/lazyadmin)
238 | 278 | [](https://tryhackme.com/room/empline)
239 | 279 | [- Vulnnetinternal - Tryhackme Room
](https://tryhackme.com/room/vulnnetinternal)
240 | 280 | [](https://tryhackme.com/room/gatekeeper)
241 | 281 | [- Buffer Overflow for #OSCP and #eCPPT in 20 minutes - Video
](https://www.youtube.com/watch?v=fSnlhHXRthc)
242 | 282 | [- Pivoting in Metasploit to Hack Deeper into a Network - Writeup
](https://www.hackingloops.com/pivoting-in-metasploit/)
243 | 283 - 285 | [- Reading Github Repos on ECPPT - Repo
](https://github.com/RosePwns/eCPPT_Course_Notes)
244 | 286 | [- Upgrade Normal Shell To Meterpreter Shell - Writeup
](https://infosecwriteups.com/metasploit-upgrade-normal-shell-to-meterpreter-shell-2f09be895646)
245 | 287 | [- Home Lab: ProxyChains, eCPPT prep - Video
](https://www.youtube.com/watch?v=QNoIX1au_CM)
246 | 288 | [- Pivoting: Metasploit(meterpreter)+Proxychains - Writeup
](https://pswalia2u.medium.com/pivoting-metasploit-proxychains-85d18ce5bf2d)
247 | 289 | [- Metasploit: Portproxy(tunneling meterpreter session inside another meterpreter session)+socat+chisel - Writeup
](https://pswalia2u.medium.com/metasploit-portproxy-tunneling-meterpreter-session-inside-another-meterpreter-session-9a99bcf959ac)
248 | 290 | [- How to Implement Pivoting and Relaying Techniques Using Meterpreter - gitbooks
](https://medium.com/axon-technologies/how-to-implement-pivoting-and-relaying-techniques-using-meterpreter-b6f5ec666795)
249 | 291 - 292 | [](https://sushant747.gitbooks.io/total-oscp-guide/content/linux.html)
250 | 293 - 302 | [- Going through INE PDF Material
]()
251 | 303 - 310 | []()
252 | 311 | [- AWS SSRF to Root on production instance - Writeup
](https://logicbomb.medium.com/a-bug-worth-1-75lacs-aws-ssrf-to-rce-8d43d5fda899)
253 | 312 | [- Weird Vulnerabilities Happening on Load Balancers, Shallow Copies and Caches - Writeup
](https://medium.com/dataseries/weird-vulnerabilities-happening-on-load-balancers-shallow-copies-and-caches-9194d4f72322)
254 | 313 | [- Chaining Path Traversal with SSRF to disclose internal git repo data in a Bank Asset - Writeup
](https://blog.niksthehacker.com/chaining-path-traversal-with-ssrf-to-disclose-internal-git-repo-data-in-a-bank-asset-8af4de6f12e)
255 | 314 | [- Making API Bug Bounties A Breeze! - Writeup
](https://medium.com/@harish_nataraj/making-api-bug-bounties-a-breeze-bf6443db5b37)
256 | 315 | [- Chaining Cache Poisoning To Stored XSS - Writeup
](https://nahoragg.medium.com/chaining-cache-poisoning-to-stored-xss-b910076bda4f)
257 | 316 | [- $6000 with Microsoft Hall of Fame, Microsoft Firewall Bypass, CRLF to XSS, Microsoft Bug Bounty - Writeup
](https://infosecwriteups.com/6000-with-microsoft-hall-of-fame-microsoft-firewall-bypass-crlf-to-xss-microsoft-bug-bounty-8f6615c47922)
258 | 317 | [- The Zaheck of Android Deep Links! - Writeup
](https://infosecwriteups.com/the-zaheck-of-android-deep-links-a5f57dc4ae4c)
259 | 318 | [- How I Got $10,000 From GitHub For Bypassing Filtration oF HTML tags - Writeup
](https://infosecwriteups.com/how-i-got-10-000-from-github-for-bypassing-filtration-of-html-tags-db31173c8b37)
260 | 319 | [- All about: CORS Misconfiguration - Writeup
](https://systemweakness.com/all-about-cors-misconfiguration-b8f1831e9f18)
261 | 320 | [- Winning QR with DOM-Based XSS - Writeup
](https://medium.com/@haroonhameed_76621/winning-qr-with-dom-based-xss-bug-bounty-poc-4b4048cf285d)
262 | 321 | [- JSON Deserialitzation Attack - Writeup
](https://medium.com/@s12deff/json-deserialitzation-attack-78255d16187e)
263 | 322 | [- $250 for Email account enumeration using NameToMail tool - Writeup
](https://medium.com/@snoopy101/250-for-email-account-enumeration-using-nametomail-tool-cce02a17ade8)
264 | 323 | [- How i found 8 vulnerabilities in 24h - Writeup
](https://0xm5awy.medium.com/how-i-found-8-vulnerabilities-in-24h-aad3bd5fd487)
265 | 324 | [- Account Takeovers Believe the Unbelievable - Writeup
](https://www.synack.com/blog/account-takeovers-believe-the-unbelievable/)
266 | 324 | [- Account Takeovers Believe the Unbelievable - Writeup
](https://www.synack.com/blog/account-takeovers-believe-the-unbelievable/)
267 | 325 | [](https://koumudi-garikipati.medium.com/json-based-xss-84089141c136)
268 | 326 | [- Domain hacks with unusual Unicode characters - Writeup
](https://shkspr.mobi/blog/2018/11/domain-hacks-with-unusual-unicode-characters/)
269 | 327 | [- Deep Link Exploitation: Introduction & Open/unvalidated Redirection - Writeup
](https://medium.com/mobis3c/deep-link-exploitation-introduction-open-unvalidated-redirection-b8344f00b17b)
270 | 328 | [- Exploiting Android WebView Vulnerabilities - Writeup
](https://medium.com/mobis3c/exploiting-android-webview-vulnerabilities-e2bcff780892#6537)
271 | 329 | [- SSRF via DNS Rebinding CVE-2022–4096 - Writeup
](https://infosecwriteups.com/ssrf-via-dns-rebinding-cve-2022-4096-b7bf75928bb2)
272 | 330 | [- Unique Rate limit bypass worth 1800$ - Writeup
](https://infosecwriteups.com/unique-rate-limit-bypass-worth-1800-6e2947c7d972)
273 | 331 | [- Getting started with Code Review - Security Boat Meetup
]()
274 | 332 | [- Firebase Exploit bug bounty - Writeup
](https://medium.com/@damaidec/firebase-exploit-bug-bounty-be63f4dc1e4a)
275 | 333 | [- A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers - Writeup
](https://blog.projectdiscovery.io/guide-to-dns-takeovers/)
276 | 334 | [- Calculating CVSS - Writeup
](https://gupta-bless.medium.com/calculating-cvss-d30b9ef5e941)
277 | 335 | [- Multiple Vulnerabilities found in Airtel Android Application - Writeup
](https://offsec.space/posts/airtel-vulnerabilities/)
278 | 336 | [- Remote Command Execution in a Bank Server - Writeup
](https://medium.com/@win3zz/remote-command-execution-in-a-bank-server-b213f9f42afe)
279 | 337 | [- How I made $31500 by submitting a bug to Facebook - Writeup
](https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204)
280 | 338 | [- Manipulating AES Traffic using a Chain of Proxies and Hardcoded Keys - Writeup
](https://blog.dixitaditya.com/manipulating-aes-traffic-using-a-chain-of-proxies-and-hardcoded-keys)
281 | 339 | [- Understanding IMAP/SMTP injection - Writeup
](https://gupta-bless.medium.com/understanding-smtp-injection-8de282334bf)
282 | 340 | [- Bug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass - Writeup
](https://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/)
283 | 341 | [- Nuclei v2.8.0 - Fuzz all the way! - Writeup
](https://blog.projectdiscovery.io/nuclei-fuzz-all-the-way/)
284 | 342 | [- Race Condition vulnerability in Azure Video Indexer allowed trial account users use Advance / Premium feature - Writeup
](https://blog.agilehunt.com/blogs/security/race-condition-vulnerability-in-azure-video-indexer-allowed-trial-account-users-use-advance-premium-feature)
285 | 343 | [- Exploiting Missing HSTS - Writeup
]( https://medium.com/@ibm_ptc_security/exploiting-missing-hsts-54f8e23ed80b)
286 | 344 | [- Kony Mobile Frameworks Reverse Engineering Write Up Wreck IT 2022 CTF Quals - Writeup
](https://maulvialf.medium.com/write-up-wreckit-3-0-quals-rev-suusamyr-527f3e7a8c4)
287 | 345-346 | [- JavaScript prototype pollution: practice of finding and exploitation - Writeup
](https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2)
288 | 347-348 | [- How to Hack WebSockets and Socket.io - Writeup
](https://www.blackhillsinfosec.com/how-to-hack-websockets-and-socket-io/)
289 | 349 | [- Doing it the researcher’s way: How I Managed to Get SSTI which lead to arbitrary file reading on One of the Leading Payment Systems in Asia - Writeup
](https://medium.com/@jazdprince/doing-it-the-researchers-way-how-i-managed-to-get-ssti-server-side-template-injection-which-66b239ca0104)
290 | 350 | [- Unusual Cache Poisoning between Akamai and S3 buckets - Writeup
](https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/)
291 | 351 - 352 | [- Infoseccomm event - Event
]()
292 | 353 | [- Param Hunting to Injections - Writeup
](https://infosecwriteups.com/param-hunting-to-injections-4365da5447cf)
293 | 354 | [- How I was able to steal users credentials via Swagger UI DOM-XSS - Writeup
](https://medium.com/@M0X0101/how-i-was-able-to-steal-users-credentials-via-swagger-ui-dom-xss-e84255eb8c96)
294 | 355 | [- Understanding Memcache Injection - Writeup
](https://infosecwriteups.com/understanding-memcache-injection-d4d8f57595f0)
295 | 356 | [- GraphQL Pentesting for Dummies! Part-1 - Writeup
](https://anugrahsr.in/graphql-pentesting-for-dummies_part1/)
296 | 357 - 359| [- Gaining Access to Protected Components In Android - Writeup
- Penetrate the Protected Component in Android Part -1 - Writeup
- Penetrate the Protected Component in Android Part -2 - Writeup
- Android Hacking-Exploiting Content Providers
](https://www.youtube.com/watch?v=11cscd_okgw&t=2618s&ab_channel=Payatu)
297 | 360 | [- Hack crypto secrets from heap memory to exploit Android application - Writeup
](https://infosecwriteups.com/hack-crypto-secrets-from-heap-memory-to-exploit-android-application-728097fcda3)
298 | 361 | [- $350 XSS in 15 minutes - Writeup
](https://infosecwriteups.com/350-xss-in-15-minutes-dcb74ad93d5f)
299 | 362 | [- Command-Line Data-Wrangling by Tomnomnom - Video
]( https://www.youtube.com/watch?v=QSq-aYYQpro&ab_channel=NahamSec)
300 | 363 | [- Unauthorized Sign-up on Subdomain of Subdomain leading to Organization takeover worth $2000 - Writeup
](https://infosecwriteups.com/unauthorized-sign-up-on-subdomain-of-subdomain-leading-to-organization-takeover-worth-2000-a7199952d80b)
301 | 364 | [- Exploring the World of ESI Injection - Writeup
](https://sudhanshur705.medium.com/exploring-the-world-of-esi-injection-b86234e66f91)
302 | 365 | [- SSRF vulnerabilities caused by SNI proxy misconfigurations - Writeup
](https://www.invicti.com/blog/web-security/ssrf-vulnerabilities-caused-by-sni-proxy-misconfigurations/)
303 |
--------------------------------------------------------------------------------