├── .images ├── telegram.png └── twitter.png ├── BurpSuite ├── Basic_Auth_BruteForce.png ├── Effective_Search_In_Burp.png ├── Intruder_Server_Response_Time.png ├── Proxy_Show_Hidden_Match_Replace_1.png ├── Proxy_Show_Hidden_Match_Replace_2.png ├── Proxy_Show_Hidden_Match_Replace_3.png └── Target_Show_All_HTML_Comments.png ├── MindMaps ├── 2FA_bugs.png ├── 2FA_bugs.xmind ├── File_upload_bugs.png ├── File_upload_bugs.xmind ├── OAuth_bugs.png ├── OAuth_bugs.xmind ├── README.md ├── SSRF.png ├── SSRF.xmind ├── iOS_Security.jpg ├── iOS_Security.xmind ├── iOS_for_BugBounty.jpg └── iOS_for_BugBounty.xmind ├── Misc ├── Multiple_Firefox_Accounts.jpg ├── One_Line_Simple_Servers.jpg └── Remove_Firefox_Telemetry.jpg ├── Mobile ├── Android_Versions.png ├── Check_Exported_Activities.jpg ├── How_To_Extract_APK.png └── Mitm │ ├── MiTM_Android_App_4_Ways.png │ ├── MiTM_Android_App_DNS.png │ ├── MiTM_Android_App_IPTABLES.png │ └── SSL_Unpinning_Case.png ├── Passwords ├── Password_Spraying.jpg └── Passwords_Weakpass.jpg ├── Pentest.Redteam ├── Cisco_Smart_Install.jpg ├── Gateway_Finder.jpg ├── Sniffing_SSH_Passwords_3Snake.jpg ├── Socks_to_internal_network_Frp_Proxy.png └── Tunneling_Over_DNS.jpg ├── README.md ├── Recon ├── Dirsearch_Like_A_Pro.jpg ├── Find_IP_behind_cloud_Firewall_1.png ├── Find_IP_behind_cloud_Firewall_2.png ├── Recon_BGP.HE.NET.jpg └── WayBackURLs.jpg └── Web ├── Bypass_403_Top_4.jpg ├── CORS ├── Breaking_CORS_Bypass_Allow_List.jpg ├── Breaking_CORS_Chrome_Cache.png └── Breaking_CORS_null_Origin.jpg ├── CSRF └── Common_CSRF_Bypasses.jpg ├── Insecure_Deserialization.jpg ├── JavaScript ├── Monitor_Changes_In_JS_1.jpg └── Monitor_Changes_In_JS_2.jpg ├── Mass_Assignment.png ├── Rendrer_PDF_Generators_SSRF.jpg ├── SQL Injection └── Test_SQL_Injection_Fiddle.jpg ├── Samesite ├── Bypassing_Samesite_120_secs.jpg ├── Samesite_Common_Info.jpg └── Samesite_Different_Cookies_Behavior.jpg ├── WebSockets └── Websocket_Hijacking.jpg └── XSS ├── Encodings_JS_XSS.jpg ├── 
Mutation_Points_HTML_XSS.jpg └── Upgrading_Self_XSS.jpg /.images/telegram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/.images/telegram.png -------------------------------------------------------------------------------- /.images/twitter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/.images/twitter.png -------------------------------------------------------------------------------- /BurpSuite/Basic_Auth_BruteForce.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Basic_Auth_BruteForce.png -------------------------------------------------------------------------------- /BurpSuite/Effective_Search_In_Burp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Effective_Search_In_Burp.png -------------------------------------------------------------------------------- /BurpSuite/Intruder_Server_Response_Time.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Intruder_Server_Response_Time.png -------------------------------------------------------------------------------- /BurpSuite/Proxy_Show_Hidden_Match_Replace_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Proxy_Show_Hidden_Match_Replace_1.png 
-------------------------------------------------------------------------------- /BurpSuite/Proxy_Show_Hidden_Match_Replace_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Proxy_Show_Hidden_Match_Replace_2.png -------------------------------------------------------------------------------- /BurpSuite/Proxy_Show_Hidden_Match_Replace_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Proxy_Show_Hidden_Match_Replace_3.png -------------------------------------------------------------------------------- /BurpSuite/Target_Show_All_HTML_Comments.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/BurpSuite/Target_Show_All_HTML_Comments.png -------------------------------------------------------------------------------- /MindMaps/2FA_bugs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/2FA_bugs.png -------------------------------------------------------------------------------- /MindMaps/2FA_bugs.xmind: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/2FA_bugs.xmind -------------------------------------------------------------------------------- /MindMaps/File_upload_bugs.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/File_upload_bugs.png -------------------------------------------------------------------------------- /MindMaps/File_upload_bugs.xmind: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/File_upload_bugs.xmind -------------------------------------------------------------------------------- /MindMaps/OAuth_bugs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/OAuth_bugs.png -------------------------------------------------------------------------------- /MindMaps/OAuth_bugs.xmind: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/OAuth_bugs.xmind --------------------------------------------------------------------------------
/MindMaps/README.md:
--------------------------------------------------------------------------------
![](OAuth_bugs.png)

![](2FA_bugs.png)

-------------------------------------------------------------------------------- /MindMaps/SSRF.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/SSRF.png -------------------------------------------------------------------------------- /MindMaps/SSRF.xmind: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/SSRF.xmind 
-------------------------------------------------------------------------------- /MindMaps/iOS_Security.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/iOS_Security.jpg -------------------------------------------------------------------------------- /MindMaps/iOS_Security.xmind: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/iOS_Security.xmind -------------------------------------------------------------------------------- /MindMaps/iOS_for_BugBounty.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/iOS_for_BugBounty.jpg -------------------------------------------------------------------------------- /MindMaps/iOS_for_BugBounty.xmind: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/MindMaps/iOS_for_BugBounty.xmind -------------------------------------------------------------------------------- /Misc/Multiple_Firefox_Accounts.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Misc/Multiple_Firefox_Accounts.jpg -------------------------------------------------------------------------------- /Misc/One_Line_Simple_Servers.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Misc/One_Line_Simple_Servers.jpg 
-------------------------------------------------------------------------------- /Misc/Remove_Firefox_Telemetry.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Misc/Remove_Firefox_Telemetry.jpg -------------------------------------------------------------------------------- /Mobile/Android_Versions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/Android_Versions.png -------------------------------------------------------------------------------- /Mobile/Check_Exported_Activities.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/Check_Exported_Activities.jpg -------------------------------------------------------------------------------- /Mobile/How_To_Extract_APK.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/How_To_Extract_APK.png -------------------------------------------------------------------------------- /Mobile/Mitm/MiTM_Android_App_4_Ways.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/Mitm/MiTM_Android_App_4_Ways.png -------------------------------------------------------------------------------- /Mobile/Mitm/MiTM_Android_App_DNS.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/Mitm/MiTM_Android_App_DNS.png -------------------------------------------------------------------------------- /Mobile/Mitm/MiTM_Android_App_IPTABLES.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/Mitm/MiTM_Android_App_IPTABLES.png -------------------------------------------------------------------------------- /Mobile/Mitm/SSL_Unpinning_Case.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Mobile/Mitm/SSL_Unpinning_Case.png -------------------------------------------------------------------------------- /Passwords/Password_Spraying.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Passwords/Password_Spraying.jpg -------------------------------------------------------------------------------- /Passwords/Passwords_Weakpass.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Passwords/Passwords_Weakpass.jpg -------------------------------------------------------------------------------- /Pentest.Redteam/Cisco_Smart_Install.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Pentest.Redteam/Cisco_Smart_Install.jpg -------------------------------------------------------------------------------- /Pentest.Redteam/Gateway_Finder.jpg: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Pentest.Redteam/Gateway_Finder.jpg -------------------------------------------------------------------------------- /Pentest.Redteam/Sniffing_SSH_Passwords_3Snake.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Pentest.Redteam/Sniffing_SSH_Passwords_3Snake.jpg -------------------------------------------------------------------------------- /Pentest.Redteam/Socks_to_internal_network_Frp_Proxy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Pentest.Redteam/Socks_to_internal_network_Frp_Proxy.png -------------------------------------------------------------------------------- /Pentest.Redteam/Tunneling_Over_DNS.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Pentest.Redteam/Tunneling_Over_DNS.jpg --------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# SecurityTips

This repo contains the full collection of HackerScrolls tips.

Socials:

- **[Burp Suite](https://github.com/hackerscrolls/SecurityTips/tree/master/BurpSuite)**
  - [Bruteforce Basic Auth](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Basic_Auth_BruteForce.png)
  - [Effective Search](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Effective_Search_In_Burp.png)
  - [Intruder Server Response time](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Intruder_Server_Response_Time.png)
  - [Match Replace: Hidden Elements](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Proxy_Show_Hidden_Match_Replace_1.png)
  - [Match Replace: Hidden Interface](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Proxy_Show_Hidden_Match_Replace_2.png)
  - [Match Replace: IDORs](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Proxy_Show_Hidden_Match_Replace_3.png)
  - [Show All HTML Comments](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Target_Show_All_HTML_Comments.png)
- **[Mindmaps](https://github.com/hackerscrolls/SecurityTips/tree/master/MindMaps)**
  - [Testing 2FA](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/2FA_bugs.png)
  - [Testing OAuth](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/OAuth_bugs.png)
  - [Testing SSRF](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/SSRF.png)
  - [Testing file upload](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/File_upload_bugs.png)
  - [iOS Security](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/iOS_Security.jpg)
  - [iOS for Bug Bounty](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/iOS_for_BugBounty.jpg)
- **[Misc](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc)**
  - [Multiple Firefox Accounts for Testing Roles](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc/Multiple_Firefox_Accounts.jpg)
  - [6 One Line Simple Servers](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc/One_Line_Simple_Servers.jpg)
  - [Remove Noisy Firefox Telemetry](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc/Remove_Firefox_Telemetry.jpg)
- **[Mobile](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile)**
  - [4 Ways to MiTM Android App](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/MiTM_Android_App_4_Ways.png)
  - [MiTM Android via DNS](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/MiTM_Android_App_DNS.png)
  - [MiTM Android via IPTABLES](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/MiTM_Android_App_IPTABLES.png)
  - [SSL Unpinning Trick](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/SSL_Unpinning_Case.png)
  - [Suitable Android Versions](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Android_Versions.png)
  - [4 Ways to Extract APK](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/How_To_Extract_APK.png)
  - [Exported Activities Tricks](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Сheck_Exported_Activities.jpg)
- **[Passwords](https://github.com/hackerscrolls/SecurityTips/tree/master/Passwords)**
  - [Password Spraying](https://github.com/hackerscrolls/SecurityTips/tree/master/Passwords/Password_Spraying.jpg)
  - [Password Dictionaries - Weakpass](https://github.com/hackerscrolls/SecurityTips/tree/master/Passwords/Passwords_Weakpass.jpg)
- **[Red Team and Penetration Testing](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam)**
  - [Cisco Smart Install](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Cisco_Smart_Install.jpg)
  - [Gateway Finder](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Gateway_Finder.jpg)
  - [Sniffing SSH Passwords with 3Snake](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Sniffing_SSH_Passwords_3Snake.jpg)
  - [Tunneling TCP Over DNS](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Tunneling_Over_DNS.jpg)
  - [SOCKS to the internal server - frp proxy](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Socks_to_internal_network_Frp_Proxy.png)
- **[Recon](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon)**
  - [Dirsearch by Temp Extensions](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Dirsearch_Like_A_Pro.jpg)
  - [Find IP Behind Cloud Firewall 1](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Find_IP_behind_cloud_Firewall_1.png)
  - [Find IP Behind Cloud Firewall 2](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Find_IP_behind_cloud_Firewall_2.png)
  - [Expanding Scope with bgp.he.net](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Recon_BGP.HE.NET.jpg)
  - [Waybackurls](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/WayBackURLs.jpg)
- **[Web](https://github.com/hackerscrolls/SecurityTips/tree/master/Web)**
  - [CORS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS)
    - [Bypassing Allowed Domains List](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS/Breaking_CORS_Bypass_Allow_List.jpg)
    - [Chrome Cache Trick](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS/Breaking_CORS_Chrome_Cache.png)
    - [null Origin](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS/Breaking_CORS_null_Origin.jpg)
  - [Common CSRF bypasses](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CSRF/Common_CSRF_Bypasses.jpg)
  - [Monitor Changes in JS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/JavaScript/Monitor_Changes_In_JS_1.jpg)
  - [Monitor Changes in JS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/JavaScript/Monitor_Changes_In_JS_2.jpg)
  - [SameSite](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite)
    - [Samesite Bypass - Chrome 120 secs Trick](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite/Bypassing_Samesite_120_secs.jpg)
    - [SameSite Common Info](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite/Samesite_Common_Info.jpg)
    - [Different SameSite Cookies Behavior in Browsers](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite/Samesite_Different_Cookies_Behavior.jpg)
  - [Testing SQL Syntax in SQLFiddle](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/JavaScript/Samesite)
  - [WebSocket Hijacking](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/WebSockets/Websocket_Hijacking.jpg)
  - [XSS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS)
    - [Encoding JS in HTML Tags](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS/Encodings_JS_XSS.jpg)
    - [Mutation points in HTML Tags](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS/Mutation_Points_HTML_XSS.jpg)
    - [Upgrading Self XSS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS/Upgrading_Self_XSS.jpg)
  - [Bypassing 403 Restriction](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Bypass_403_Top_4.jpg)
  - [Insecure Deserialization](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Insecure_Deserialization.jpg)
  - [SSRF via PDF/Image Rendering](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Rendrer_PDF_Generators_SSRF.jpg)
  - [Mass Assignment and Autobinding](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Mass_Assignment.png)

-------------------------------------------------------------------------------- /Recon/Dirsearch_Like_A_Pro.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Recon/Dirsearch_Like_A_Pro.jpg -------------------------------------------------------------------------------- /Recon/Find_IP_behind_cloud_Firewall_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Recon/Find_IP_behind_cloud_Firewall_1.png -------------------------------------------------------------------------------- /Recon/Find_IP_behind_cloud_Firewall_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Recon/Find_IP_behind_cloud_Firewall_2.png -------------------------------------------------------------------------------- /Recon/Recon_BGP.HE.NET.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Recon/Recon_BGP.HE.NET.jpg -------------------------------------------------------------------------------- /Recon/WayBackURLs.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Recon/WayBackURLs.jpg -------------------------------------------------------------------------------- /Web/Bypass_403_Top_4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Bypass_403_Top_4.jpg 
-------------------------------------------------------------------------------- /Web/CORS/Breaking_CORS_Bypass_Allow_List.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/CORS/Breaking_CORS_Bypass_Allow_List.jpg -------------------------------------------------------------------------------- /Web/CORS/Breaking_CORS_Chrome_Cache.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/CORS/Breaking_CORS_Chrome_Cache.png -------------------------------------------------------------------------------- /Web/CORS/Breaking_CORS_null_Origin.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/CORS/Breaking_CORS_null_Origin.jpg -------------------------------------------------------------------------------- /Web/CSRF/Common_CSRF_Bypasses.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/CSRF/Common_CSRF_Bypasses.jpg -------------------------------------------------------------------------------- /Web/Insecure_Deserialization.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Insecure_Deserialization.jpg -------------------------------------------------------------------------------- /Web/JavaScript/Monitor_Changes_In_JS_1.jpg: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/JavaScript/Monitor_Changes_In_JS_1.jpg -------------------------------------------------------------------------------- /Web/JavaScript/Monitor_Changes_In_JS_2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/JavaScript/Monitor_Changes_In_JS_2.jpg -------------------------------------------------------------------------------- /Web/Mass_Assignment.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Mass_Assignment.png -------------------------------------------------------------------------------- /Web/Rendrer_PDF_Generators_SSRF.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Rendrer_PDF_Generators_SSRF.jpg -------------------------------------------------------------------------------- /Web/SQL Injection/Test_SQL_Injection_Fiddle.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/SQL Injection/Test_SQL_Injection_Fiddle.jpg -------------------------------------------------------------------------------- /Web/Samesite/Bypassing_Samesite_120_secs.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Samesite/Bypassing_Samesite_120_secs.jpg -------------------------------------------------------------------------------- /Web/Samesite/Samesite_Common_Info.jpg: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Samesite/Samesite_Common_Info.jpg -------------------------------------------------------------------------------- /Web/Samesite/Samesite_Different_Cookies_Behavior.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/Samesite/Samesite_Different_Cookies_Behavior.jpg -------------------------------------------------------------------------------- /Web/WebSockets/Websocket_Hijacking.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/WebSockets/Websocket_Hijacking.jpg -------------------------------------------------------------------------------- /Web/XSS/Encodings_JS_XSS.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/XSS/Encodings_JS_XSS.jpg -------------------------------------------------------------------------------- /Web/XSS/Mutation_Points_HTML_XSS.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/XSS/Mutation_Points_HTML_XSS.jpg -------------------------------------------------------------------------------- /Web/XSS/Upgrading_Self_XSS.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hackerscrolls/SecurityTips/92bd49aeaa32024b1e269f5c2c74f65018082fa8/Web/XSS/Upgrading_Self_XSS.jpg 
--------------------------------------------------------------------------------