├── CNAME
├── _config.yml
├── .DS_Store
├── assets
│   └── promo.mp4
└── index.md
/CNAME:
--------------------------------------------------------------------------------
1 | resources.harshbothra.tech
--------------------------------------------------------------------------------
/_config.yml:
--------------------------------------------------------------------------------
1 | theme: jekyll-theme-hacker
--------------------------------------------------------------------------------
/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/harsh-bothra/resources/gh-pages/.DS_Store
--------------------------------------------------------------------------------
/assets/promo.mp4:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/harsh-bothra/resources/gh-pages/assets/promo.mp4
--------------------------------------------------------------------------------
/index.md:
--------------------------------------------------------------------------------
1 | ## About
2 |
3 | This page contains all the resources related to application security and penetration testing shared by [Harsh Bothra](https://www.twitter.com/harshbothra_). Some additional resources and references are included that one can follow to expand their knowledge and learning curve.
4 |
5 | **Note:** All the information listed here is for educational purposes, and any sort of misuse is not endorsed by the author. Additional resources are sourced from different authors; the original rights remain with them, and kudos to everyone for sharing valuable knowledge.
6 |
7 |
8 |
9 |
10 | ## DO YOU WANT TO GET YOUR APPLICATIONS PENTESTED OR NEED SOME AMAZING CONTENT FOR YOUR BLOG?
11 | ## - Reach out at **hbothra22@gmail.com**
12 |
13 | 
14 |
15 |
16 |
17 | # Resources
18 |
19 |
20 |
21 | ## SecurityStories Series
22 |
23 | - SecurityStories - 52 Weeks, 52 Stories is a new initiative to share the stories of cyber security professionals from across the globe: how they started, what the blockers in their journey were, where they were versus where they are now, and other interesting details. The aim is to inspire the world and share the lesser-known stories of cyber security professionals.
24 |
25 |
26 | * Repository Link: https://github.com/harsh-bothra/SecurityStories
27 |
28 |
29 | ## SecurityExplained Series
30 |
31 | - SecurityExplained is a new series following the previous learning challenge series, #Learn365. The aim of the #SecurityExplained series is to create informational content in multiple formats and share it with the community to enable knowledge creation and learning.
32 |
33 | * Repository Link: https://github.com/harsh-bothra/SecurityExplained
34 |
35 | ## MindMaps
36 |
37 | S.NO | Mindmaps | Category
38 | ---- | --------- | ---------
39 | **1** | [2FA Bypass Techniques](https://t.co/HPi5ZP2SKG?amp=1) | Bypass Techniques
40 | **2** | [Scope Based Recon](https://www.xmind.net/m/hKKexj/) | Methodology & Workflow
41 | **3** | [Cookie Based Authentication Vulnerabilities](http://www.xmind.net/m/2FwJ7D) | Attacks Checklist
42 | **4** | [Unauthenticated JIRA CVEs](https://raw.githubusercontent.com/harsh-bothra/learn365/main/MindMaps/JIRA_CVEs.png) | CVEs List
43 | **5** | [Android Application Penetration Testing Checklist](https://www.xmind.net/m/GkgaYH/) | Attacks Checklist
44 | **6** | [XML Attacks](https://t.co/pW2hXk8gyT?amp=1) | Attacks Checklist
45 | **7** | [Common Vulnerabilities on Forget Password](https://t.co/y8baFzYkEK?amp=1) | Attacks Checklist
46 | **8** | [Vulnerability Checklist for SAML](https://t.co/xhTNeT9P5D?amp=1) | Attacks Checklist
47 | **9** | [Account Takeover Methodologies](https://www.xmind.net/m/M3WEqG) | Attacks Checklist
48 |
49 |
50 |
51 | ## Blog Written for Organizations:
52 |
53 | S.NO | Blog | Category | Organization
54 | ---- | ----- | --------- | ------------
55 | **1** | [Bypassing the Protections — MFA Bypass Techniques for the Win](https://www.cobalt.io/blog/bypassing-the-protections-mfa-bypass-techniques-for-the-win) | 2FA Bypass | Cobalt
56 | **2** | [Scope Based Recon Methodology: Exploring Tactics for Smart Recon](https://www.cobalt.io/blog/scope-based-recon-smart-recon-tactics) | Recon | Cobalt
57 | **3** | [Got Cookies? Exploring Cookie Based Authentication Vulnerabilities in the Wild](https://www.cobalt.io/blog/got-cookies-cookie-based-authentication-vulnerabilities-in-wild) | Attacks in Cookies | Cobalt
58 | **4** | [Graph Query Language Explained](https://www.cobalt.io/blog/graph-query-language-explained) | GraphQL | Cobalt
59 | **5** | [Secure Software Best Practices: Protect Against Server-Side Request Forgery](https://www.cobalt.io/blog/protect-against-server-side-request-forgery) | SSRF | Cobalt
60 | **6** | [Pentester’s Guide to XPATH Injection](https://www.cobalt.io/blog/pentesters-guide-to-xpath-injection) | XPATH Injection | Cobalt
61 | **7** | [Introduction to LDAP Injection Attack](https://www.cobalt.io/blog/introduction-to-ldap-injection-attack) | LDAP Injection | Cobalt
62 | **8** | [Hacking Web Cache - Deep Dive in Web Cache Poisoning Attacks](https://www.cobalt.io/blog/hacking-web-cache-deep-dive-in-web-cache-poisoning-attacks) | Web Cache Poisoning | Cobalt
63 | **9** | [Introduction to Command Injection Vulnerability](https://www.cobalt.io/blog/introduction-to-command-injection-vulnerability) | Command Injection | Cobalt
64 | **10** | [A Pentester’s Guide to Prototype Pollution Attacks](https://www.cobalt.io/blog/a-pentesters-guide-to-prototype-pollution-attacks) | Prototype Pollution | Cobalt
65 | **11** | [A Dive into Client-Side Desync Attacks](https://www.cobalt.io/blog/a-dive-into-client-side-desync-attacks) | Client Side Desync | Cobalt
66 | **12** | [Hunting for Broken Link Hijacking (BLH)](https://www.cobalt.io/blog/hunting-for-broken-link-hijacking-blh) | Broken Link Hijacking | Cobalt
67 | **13** | [Introduction to Serverless Vulnerabilities](https://www.cobalt.io/blog/introduction-to-serverless-vulnerabilities) | Serverless Vulnerabilities | Cobalt
68 | **14** | [Web Socket Vulnerabilites](https://www.cobalt.io/blog/web-socket-vulnerabilites) | Web Socket | Cobalt
69 | **15** | [Implementing Nuclei into your GitHub CI/CD pipelines](https://blog.projectdiscovery.io/implementing-nuclei-into-your-github-ci-cd-for-scanning-live-web-applications/) | Nuclei GitHub Integration Guide | ProjectDiscovery
70 |
71 |
72 |
73 |
74 | ## Security Talks
75 |
76 | S.NO | Talks | Category
77 | ---- | ----- | ---------
78 | **1** | [An Interview with Harsh Bothra - hosted by Omar Santos at the Bug Bounty Summit during GrayHat](https://www.youtube.com/watch?v=xE90Op64oI8&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=14) | Interview
79 | **2** | [Application Testing Methodology and Scope-based Recon by Harsh Bothra](https://www.youtube.com/watch?v=2BPr8dUbRc8&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=15&t=315s) | Application Testing Methodology
80 | **3** | [Bug Bounty Tactics & Wins for 2021](https://www.youtube.com/watch?v=1eERRnro6Rk&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=18&t=158s) | Application Security
81 | **4** | [Pentester Diaries Ep2: 2FA Bypass Techniques](https://www.youtube.com/watch?v=ZGwAj4DxH0A&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=19&t=390s) | Technical Discussion
82 | **5** | [Application Testing Methodology and Scope-based Recon](https://www.youtube.com/watch?v=PaE47rkUhZU&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=21&t=4s) | Methodology & Recon
83 | **6** | [Exploiting Misconfigured JIRA Instances for $$ with Harsh Bothra](https://www.youtube.com/watch?v=tyGWRjA0JoE&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=22&t=738s) | Exploiting Known Vulnerabilities
84 | **7** | [Got Cookies? Exploiting Vulnerabilities in Cookie Based Authentication](https://www.youtube.com/watch?v=CE4w8uUi0Mw&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=23&t=108s) | Cookie Based Attacks
85 | **8** | [Enlightening Talk Series Ep - 2](https://www.youtube.com/watch?v=S3b7HV1yeWw&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=24&t=659s) | General Discussion
86 | **9** | [Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profit by Harsh Bothra](https://www.youtube.com/watch?v=ZnugWiOULmw&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=3) | Recon
87 | **10** | [Bug Bounty insights with Harsh Bothra](https://www.youtube.com/watch?v=RivRjrMyc58&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=20&t=15s) | Methodology
88 | **11** | [Methodologies and approach to start in application security by Harsh Bothra](https://www.youtube.com/watch?v=acvM9ynDXVg&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=4) | Methodology, Informal Discussions
89 | **12** | [APPSEC AND BUGBOUNTY](https://www.youtube.com/watch?v=mXAB30D56tg&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=5&t=372s) | General Discussion
90 | **13** | [Offensive Recon - Bug Hunter's Playbook](https://www.youtube.com/watch?v=UrdvDCb4Gz8&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=6) | Recon Methodology
91 | **14** | [BUG BOUNTY - IDOR CSRF AND ACCOUNT TAKEOVERS with HARSH BOTHRA - ZERO DAY EP 02](https://www.youtube.com/watch?v=kwePER0er84&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=7&t=1172s) | General Discussions
92 | **15** | [Busting Your Bug Bounty Doubts With Pratik Dabhi & Harsh Bothra](https://www.youtube.com/watch?v=0v9hibkNuSE&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=8&t=1137s) | General Discussions
93 | **16** | [Recon VPS Setup](https://www.youtube.com/watch?v=FgaqwttrO20&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=9) | Tutorial
94 | **17** | [Broken Cryptography & Account Takeover - c0c0n 2020 virtual conference](https://www.youtube.com/watch?v=cpz-Tzb9Jzg&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=12&t=775s) | Broken Cryptography, Account Takeovers
95 | **18** | [Red Team Village c0c0n 2020 - Harsh Bothra - Offensive & Scope Based Recon](https://www.youtube.com/watch?v=XYrjexqahjY&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=13&t=1262s) | Recon Tool & Methodology
96 | **19** | [Misconfigured S3 Bucket Permissions Abuse](https://www.youtube.com/watch?v=ZebiOeDIDdE&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=16) | Tutorial, Abusing S3 Buckets
97 | **20** | [Bug Hunting Tactics](https://www.youtube.com/watch?v=95vCvFJk0Rw&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=17&t=99s) | General Talk
98 | **21** | [Bug Bounty Show at BSides Ahmedabad 2022 feat. Harsh Bothra](https://www.youtube.com/watch?v=nz6jMzaxl1c&list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0&index=25&t=591s) | Conference Talk - Account Takeovers
99 |
100 | **All Security Talks Playlist:** https://www.youtube.com/playlist?list=PLYn5_MxRvV-fxPL90I-uebXQzQBXfIaY0
101 |
102 |
103 |
104 | ## Security Blogs
105 |
106 | S.NO | Blog | Category
107 | ---- | ----- | ---------
108 | **1** | [Attacking Social Logins: Pre-Authentication Account Takeover](https://hbothra22.medium.com/attacking-social-logins-pre-authentication-account-takeover-790248cfdc3) | Account Takeover
109 | **2** | [How do I get Started in Cyber Security? — My Perspective & Learning Path!](https://hbothra22.medium.com/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-b53065189ba5) | Beginner, Getting Started
110 | **3** | [Got Cookies? Exploring Cookie Based Authentication Vulnerabilities in the Wild](https://blog.cobalt.io/got-cookies-cookie-based-authentication-vulnerabilities-in-wild-55fa7c374be0) | Application Security, Cookie Based Attacks
111 | **4** | [10 Most Common Security Issues Found in Login Functionalities](https://redhuntlabs.com/blog/10-most-common-security-issues-found-in-login-functionalities.html) | Application Security, Login Functionality
112 | **5** | [Bypassing the Protections — MFA Bypass Techniques for the Win](https://blog.cobalt.io/bypassing-the-protections-mfa-bypass-techniques-for-the-win-8ef6215de6ab) | Bypass Techniques
113 | **6** | [Scope Based Recon Methodology: Exploring Tactics for Smart Recon](https://blog.cobalt.io/scope-based-recon-smart-recon-tactics-7e72d590eae5) | Recon Methodology
114 | **7** | [Weak Cryptography in Password Reset to Full Account Takeover](https://infosecwriteups.com/weak-cryptography-in-password-reset-to-full-account-takeover-fc61c75b36b9) | Account Takeover, Weak Cryptography
115 | **8** | [Effective Vulnerability Report Writing — Quick Triages to Bonus $$$ (Always a Win)](https://infosecwriteups.com/effective-vulnerability-report-writing-quick-triages-to-bonus-always-a-win-41b37188c63f) | Report Writing
116 | **9** | [eWPTXv2 Exam Review](https://infosecwriteups.com/ewptxv2-exam-review-2646dd145940) | Exam Review
117 | **10** | [Evading Filters to perform the Arbitrary URL Redirection Attack](https://infosecwriteups.com/evading-filters-to-perform-the-arbitrary-url-redirection-attack-cce628b9b6a0) | Bypass, Open Redirection
118 | **11** | [eLearnSecurity eCPPTv2 Exam Review](https://infosecwriteups.com/ecpptv2-exam-review-f7c4efb6f9aa) | Exam Review
119 | **12** | [Misconfigured S3 Bucket Access Controls to Critical Vulnerability](https://infosecwriteups.com/s3-bucket-misconfigured-access-controls-to-critical-vulnerability-6b535e3df9a5) | Security Misconfiguration, S3 Bucket
120 | **13** | [Let’s Bypass CSRF Protection & Password Confirmation to Takeover Victim Accounts :D](https://infosecwriteups.com/lets-bypass-csrf-protection-password-confirmation-to-takeover-victim-accounts-d-4a21297847ff) | CSRF Bypasses
121 | **14** | [XSS to Database Credential Leakage & Database Access — Story of total luck!](https://infosecwriteups.com/xss-to-database-credential-leakage-database-access-story-of-total-luck-77c990be8ab2) | Cross-Site Scripting
122 | **15** | [Found Stored Cross-Site Scripting — What’s Next? — Privilege Escalation like a Boss :D](https://infosecwriteups.com/found-stored-cross-site-scripting-whats-next-privilege-escalation-like-a-boss-d-8fb9e606ce60) | Cross-Site Scripting, Privilege Escalation
123 | **16** | [Weird Story of Captcha to Rate Limit Bypass](https://infosecwriteups.com/weird-story-of-captcha-to-rate-limit-bypass-c62690db39a) | Captcha Bypass
124 | **17** | [Recon to Sensitive Information Disclosure in Minutes](https://hbothra22.medium.com/recon-to-sensitive-information-disclosure-in-minutes-503fc7ccdf0b) | Recon, Information Disclosure
125 | **18** | [From Recon to P1 (Critical) — An Easy Win](https://hbothra22.medium.com/from-recon-to-p1-critical-an-easy-win-6ca93d5b6e6d) | Recon
126 | **19** | [Accidental Observation to Critical IDOR](https://infosecwriteups.com/accidental-observation-to-critical-idor-d4d910a855bf) | IDOR
127 |
128 |
129 |
130 | ## Learn365
131 |
132 | - The Learn365 repository contains all the information shared during Harsh's Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going and challenge myself to learn something daily for the whole year; it can be anything from infosec to general life.
133 |
134 | * Repository Link: https://github.com/harsh-bothra/learn365
135 |
136 |
137 |
138 | ## Talk Slides
139 |
140 | S.NO | Slides | Category
141 | ---- | --------- | ---------
142 | **1** | [Got Cookies? Cookie Based Authentication Vulnerabilities](https://speakerdeck.com/harshbothra/got-cookies-cookie-based-authentication-vulnerabilities) | Cookie Based Attacks
143 | **2** | [Bug Hunting Tactics](https://speakerdeck.com/harshbothra/bug-hunting-tactics) | Methodology & Workflow
144 | **3** | [Application Testing Methodology & Scope Based Recon](https://speakerdeck.com/harshbothra/application-testing-methodology-and-scope-based-recon) | Methodology & Workflow
145 | **4** | [Pathway to AppSec - DC9140](https://speakerdeck.com/harshbothra/pathway-to-appsec-dc9140) | Pathway to AppSec
146 | **5** | [Broken Cryptography & Account Takeovers](https://speakerdeck.com/harshbothra/broken-cryptography-and-account-takeovers) | Broken Cryptography, Account Takeover
147 | **6** | [Having Fun with RegEx](https://speakerdeck.com/harshbothra/having-fun-with-regex) | Regular Expressions
148 | **7** | [Scope Based Recon for Mundane {Bug Bounty Hunters}](https://speakerdeck.com/harshbothra/scope-based-recon-for-mundane-bug-bounty-hunters) | Recon
149 | **8** | [Offensive Recon for Bug Bounty Hunters](https://speakerdeck.com/harshbothra/offensive-recon-for-bug-bounty-hunters) | Recon
150 | **9** | [Offensive Recon - Bug Hunter's Playbook](https://speakerdeck.com/harshbothra/offensive-recon-bug-hunters-playbook) | Recon
151 | **10** | [Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profit](https://speakerdeck.com/harshbothra/weaponizing-recon-smashing-applications-for-security-vulnerabilities-and-profit) | Recon
152 | **11** | [Bug Hunting Tactics & Wins for 2021](https://speakerdeck.com/harshbothra/bug-hunting-tactics-and-wins-for-2021) | Methodology & Workflow
153 | **12** | [Exploiting Misconfigured Jira Instances for $$$](https://speakerdeck.com/harshbothra/exploiting-misconfigured-jira-instances-for) | Exploiting Known Vulnerabilities
154 | **13** | [Trending Vulnerabilities with Insights to OWASP TOP 10](https://speakerdeck.com/harshbothra/trending-vulnerabilities-with-insights-to-owasp-top-10) | Vulnerability Trends, OWASP TOP 10, Application Security
155 |
156 |
157 |
158 | ## Tools
159 |
160 | - Project Bheem: A Simple Recon Wrapper around different tools written in Bash
161 | - Project Link: https://github.com/harsh-bothra/Bheem
162 |
163 |
164 |
165 | ## Other Resources
166 |
167 | > Below are my go-to resources that I follow when doing Bug Bounty & Penetration Testing:
168 |
169 | S.NO | Resources | Category
170 | ---- | --------- | ---------
171 | **1** | [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) | Payloads
172 | **2** | [HackTricks](https://book.hacktricks.xyz/) | Learning Guide
173 | **3** | [Cobalt Vulnerability Wiki](https://cobalt.io/vulnerability-wiki) | Vulnerability Wiki
174 | **4** | [Portswigger Research](https://portswigger.net/research) | Portswigger Research
175 | **5** | [Intigriti BugBytes](https://blog.intigriti.com/category/bugbytes/) | Weekly Collection of Trending Topics
176 | **6** | [OWASP Testing Guide](https://owasp.org/www-project-web-security-testing-guide/) | Testing Guide
177 | **7** | [Mobile Security Guide](https://mobile-security.gitbook.io/mobile-security-testing-guide/) | Mobile Security Testing Guide
178 | **8** | [Infosec Writeups](https://infosecwriteups.com/) | Writeups
179 | **9** | [Awesome Repository](https://github.com/sindresorhus/awesome#security) | Huge Collection of Resources
180 |
181 | > There are tons of resources to be added and I'll keep on updating this.
182 |
183 |
184 |
185 | ## Contact
186 |
187 | Keep in touch:
188 |
189 | * [Twitter](https://twitter.com/harshbothra_)
190 | * [LinkedIn](https://www.linkedin.com/in/harshbothra)
191 | * [Instagram](https://www.instagram.com/harshbothra_)
192 |
193 |
194 |
195 |
196 |
197 |
198 |
199 | ## Side Notes
200 |
201 | Thank you for taking the time to visit and follow the above-mentioned resources. If they helped you, do share them on Twitter, LinkedIn and other platforms.
--------------------------------------------------------------------------------