├── .images
    ├── telegram.png
    └── twitter.png
├── BurpSuite
    ├── Basic_Auth_BruteForce.png
    ├── Effective_Search_In_Burp.png
    ├── Intruder_Server_Response_Time.png
    ├── Proxy_Show_Hidden_Match_Replace_1.png
    ├── Proxy_Show_Hidden_Match_Replace_2.png
    ├── Proxy_Show_Hidden_Match_Replace_3.png
    └── Target_Show_All_HTML_Comments.png
├── MindMaps
    ├── 2FA_bugs.png
    ├── 2FA_bugs.xmind
    ├── File_upload_bugs.png
    ├── File_upload_bugs.xmind
    ├── OAuth_bugs.png
    ├── OAuth_bugs.xmind
    ├── README.md
    ├── SSRF.png
    ├── SSRF.xmind
    ├── iOS_Security.jpg
    ├── iOS_Security.xmind
    ├── iOS_for_BugBounty.jpg
    └── iOS_for_BugBounty.xmind
├── Misc
    ├── Multiple_Firefox_Accounts.jpg
    ├── One_Line_Simple_Servers.jpg
    └── Remove_Firefox_Telemetry.jpg
├── Mobile
    ├── Android_Versions.png
    ├── Check_Exported_Activities.jpg
    ├── How_To_Extract_APK.png
    └── Mitm
    │   ├── MiTM_Android_App_4_Ways.png
    │   ├── MiTM_Android_App_DNS.png
    │   ├── MiTM_Android_App_IPTABLES.png
    │   └── SSL_Unpinning_Case.png
├── Passwords
    ├── Password_Spraying.jpg
    └── Passwords_Weakpass.jpg
├── Pentest.Redteam
    ├── Cisco_Smart_Install.jpg
    ├── Gateway_Finder.jpg
    ├── Sniffing_SSH_Passwords_3Snake.jpg
    ├── Socks_to_internal_network_Frp_Proxy.png
    └── Tunneling_Over_DNS.jpg
├── README.md
├── Recon
    ├── Dirsearch_Like_A_Pro.jpg
    ├── Find_IP_behind_cloud_Firewall_1.png
    ├── Find_IP_behind_cloud_Firewall_2.png
    ├── Recon_BGP.HE.NET.jpg
    └── WayBackURLs.jpg
└── Web
    ├── Bypass_403_Top_4.jpg
    ├── CORS
        ├── Breaking_CORS_Bypass_Allow_List.jpg
        ├── Breaking_CORS_Chrome_Cache.png
        └── Breaking_CORS_null_Origin.jpg
    ├── CSRF
        └── Common_CSRF_Bypasses.jpg
    ├── Insecure_Deserialization.jpg
    ├── JavaScript
        ├── Monitor_Changes_In_JS_1.jpg
        └── Monitor_Changes_In_JS_2.jpg
    ├── Mass_Assignment.png
    ├── Rendrer_PDF_Generators_SSRF.jpg
    ├── SQL Injection
        └── Test_SQL_Injection_Fiddle.jpg
    ├── Samesite
        ├── Bypassing_Samesite_120_secs.jpg
        ├── Samesite_Common_Info.jpg
        └── Samesite_Different_Cookies_Behavior.jpg
    ├── WebSockets
        └── Websocket_Hijacking.jpg
    └── XSS
        ├── Encodings_JS_XSS.jpg
        ├── Mutation_Points_HTML_XSS.jpg
        └── Upgrading_Self_XSS.jpg

/.images/telegram.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/.images/telegram.png
--------------------------------------------------------------------------------
/.images/twitter.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/.images/twitter.png
--------------------------------------------------------------------------------
/BurpSuite/Basic_Auth_BruteForce.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Basic_Auth_BruteForce.png
--------------------------------------------------------------------------------
/BurpSuite/Effective_Search_In_Burp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Effective_Search_In_Burp.png
--------------------------------------------------------------------------------
/BurpSuite/Intruder_Server_Response_Time.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Intruder_Server_Response_Time.png
--------------------------------------------------------------------------------
/BurpSuite/Proxy_Show_Hidden_Match_Replace_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Proxy_Show_Hidden_Match_Replace_1.png
--------------------------------------------------------------------------------
/BurpSuite/Proxy_Show_Hidden_Match_Replace_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Proxy_Show_Hidden_Match_Replace_2.png
--------------------------------------------------------------------------------
/BurpSuite/Proxy_Show_Hidden_Match_Replace_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Proxy_Show_Hidden_Match_Replace_3.png
--------------------------------------------------------------------------------
/BurpSuite/Target_Show_All_HTML_Comments.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/BurpSuite/Target_Show_All_HTML_Comments.png
--------------------------------------------------------------------------------
/MindMaps/2FA_bugs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/2FA_bugs.png
--------------------------------------------------------------------------------
/MindMaps/2FA_bugs.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/2FA_bugs.xmind
--------------------------------------------------------------------------------
/MindMaps/File_upload_bugs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/File_upload_bugs.png
--------------------------------------------------------------------------------
/MindMaps/File_upload_bugs.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/File_upload_bugs.xmind
--------------------------------------------------------------------------------
/MindMaps/OAuth_bugs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/OAuth_bugs.png
--------------------------------------------------------------------------------
/MindMaps/OAuth_bugs.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/OAuth_bugs.xmind
--------------------------------------------------------------------------------
/MindMaps/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/README.md
--------------------------------------------------------------------------------
/MindMaps/SSRF.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/SSRF.png
--------------------------------------------------------------------------------
/MindMaps/SSRF.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/SSRF.xmind
--------------------------------------------------------------------------------
/MindMaps/iOS_Security.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/iOS_Security.jpg
--------------------------------------------------------------------------------
/MindMaps/iOS_Security.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/iOS_Security.xmind
--------------------------------------------------------------------------------
/MindMaps/iOS_for_BugBounty.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/iOS_for_BugBounty.jpg
--------------------------------------------------------------------------------
/MindMaps/iOS_for_BugBounty.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/MindMaps/iOS_for_BugBounty.xmind
--------------------------------------------------------------------------------
/Misc/Multiple_Firefox_Accounts.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Misc/Multiple_Firefox_Accounts.jpg
--------------------------------------------------------------------------------
/Misc/One_Line_Simple_Servers.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Misc/One_Line_Simple_Servers.jpg
--------------------------------------------------------------------------------
/Misc/Remove_Firefox_Telemetry.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Misc/Remove_Firefox_Telemetry.jpg
--------------------------------------------------------------------------------
/Mobile/Android_Versions.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/Android_Versions.png
--------------------------------------------------------------------------------
/Mobile/Check_Exported_Activities.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/Check_Exported_Activities.jpg
--------------------------------------------------------------------------------
/Mobile/How_To_Extract_APK.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/How_To_Extract_APK.png
--------------------------------------------------------------------------------
/Mobile/Mitm/MiTM_Android_App_4_Ways.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/Mitm/MiTM_Android_App_4_Ways.png
--------------------------------------------------------------------------------
/Mobile/Mitm/MiTM_Android_App_DNS.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/Mitm/MiTM_Android_App_DNS.png
--------------------------------------------------------------------------------
/Mobile/Mitm/MiTM_Android_App_IPTABLES.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/Mitm/MiTM_Android_App_IPTABLES.png
--------------------------------------------------------------------------------
/Mobile/Mitm/SSL_Unpinning_Case.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Mobile/Mitm/SSL_Unpinning_Case.png
--------------------------------------------------------------------------------
/Passwords/Password_Spraying.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Passwords/Password_Spraying.jpg
--------------------------------------------------------------------------------
/Passwords/Passwords_Weakpass.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Passwords/Passwords_Weakpass.jpg
--------------------------------------------------------------------------------
/Pentest.Redteam/Cisco_Smart_Install.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Pentest.Redteam/Cisco_Smart_Install.jpg
--------------------------------------------------------------------------------
/Pentest.Redteam/Gateway_Finder.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Pentest.Redteam/Gateway_Finder.jpg
--------------------------------------------------------------------------------
/Pentest.Redteam/Sniffing_SSH_Passwords_3Snake.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Pentest.Redteam/Sniffing_SSH_Passwords_3Snake.jpg
--------------------------------------------------------------------------------
/Pentest.Redteam/Socks_to_internal_network_Frp_Proxy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Pentest.Redteam/Socks_to_internal_network_Frp_Proxy.png
--------------------------------------------------------------------------------
/Pentest.Redteam/Tunneling_Over_DNS.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Pentest.Redteam/Tunneling_Over_DNS.jpg
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/README.md
--------------------------------------------------------------------------------
/Recon/Dirsearch_Like_A_Pro.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Recon/Dirsearch_Like_A_Pro.jpg
--------------------------------------------------------------------------------
/Recon/Find_IP_behind_cloud_Firewall_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Recon/Find_IP_behind_cloud_Firewall_1.png
--------------------------------------------------------------------------------
/Recon/Find_IP_behind_cloud_Firewall_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Recon/Find_IP_behind_cloud_Firewall_2.png
--------------------------------------------------------------------------------
/Recon/Recon_BGP.HE.NET.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Recon/Recon_BGP.HE.NET.jpg
--------------------------------------------------------------------------------
/Recon/WayBackURLs.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Recon/WayBackURLs.jpg
--------------------------------------------------------------------------------
/Web/Bypass_403_Top_4.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Bypass_403_Top_4.jpg
--------------------------------------------------------------------------------
/Web/CORS/Breaking_CORS_Bypass_Allow_List.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/CORS/Breaking_CORS_Bypass_Allow_List.jpg
--------------------------------------------------------------------------------
/Web/CORS/Breaking_CORS_Chrome_Cache.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/CORS/Breaking_CORS_Chrome_Cache.png
--------------------------------------------------------------------------------
/Web/CORS/Breaking_CORS_null_Origin.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/CORS/Breaking_CORS_null_Origin.jpg
--------------------------------------------------------------------------------
/Web/CSRF/Common_CSRF_Bypasses.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/CSRF/Common_CSRF_Bypasses.jpg
--------------------------------------------------------------------------------
/Web/Insecure_Deserialization.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Insecure_Deserialization.jpg
--------------------------------------------------------------------------------
/Web/JavaScript/Monitor_Changes_In_JS_1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/JavaScript/Monitor_Changes_In_JS_1.jpg
--------------------------------------------------------------------------------
/Web/JavaScript/Monitor_Changes_In_JS_2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/JavaScript/Monitor_Changes_In_JS_2.jpg
--------------------------------------------------------------------------------
/Web/Mass_Assignment.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Mass_Assignment.png
--------------------------------------------------------------------------------
/Web/Rendrer_PDF_Generators_SSRF.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Rendrer_PDF_Generators_SSRF.jpg
--------------------------------------------------------------------------------
/Web/SQL Injection/Test_SQL_Injection_Fiddle.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/SQL Injection/Test_SQL_Injection_Fiddle.jpg
--------------------------------------------------------------------------------
/Web/Samesite/Bypassing_Samesite_120_secs.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Samesite/Bypassing_Samesite_120_secs.jpg
--------------------------------------------------------------------------------
/Web/Samesite/Samesite_Common_Info.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Samesite/Samesite_Common_Info.jpg
--------------------------------------------------------------------------------
/Web/Samesite/Samesite_Different_Cookies_Behavior.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/Samesite/Samesite_Different_Cookies_Behavior.jpg
--------------------------------------------------------------------------------
/Web/WebSockets/Websocket_Hijacking.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/WebSockets/Websocket_Hijacking.jpg
--------------------------------------------------------------------------------
/Web/XSS/Encodings_JS_XSS.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/XSS/Encodings_JS_XSS.jpg
--------------------------------------------------------------------------------
/Web/XSS/Mutation_Points_HTML_XSS.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/XSS/Mutation_Points_HTML_XSS.jpg
--------------------------------------------------------------------------------
/Web/XSS/Upgrading_Self_XSS.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/HEAD/Web/XSS/Upgrading_Self_XSS.jpg
--------------------------------------------------------------------------------