All About Bug Bounty – A Detailed Resource On Vulnerabilities, Bypass Techniques, And Security Research

Diving into the world of bug bounty, this article serves as an essential toolkit for aspiring and seasoned security researchers alike.

It compiles a vast array of vulnerabilities, bypass techniques, and strategic insights gathered from diverse sources.

Whether you’re looking to enhance your hacking skills, contribute to cybersecurity, or simply explore the depths of bug bounty hunting, this guide offers a wealth of knowledge to navigate the intricate landscape of cybersecurity challenges.

These are my bug bounty notes that I have gathered from various sources, you can contribute to this repository too!

List Vulnerability

• Arbitrary File Upload
• CRLF Injection
• Cross Site Request Forgery (CSRF)
• Cross Site Scripting (XSS)
• Denial of Service (DoS)
• Exposed Source Code
• Host Header Injection
• Insecure Direct Object References (IDOR)
• Local File Inclusion (LFI)
• Mass Assignment
• NoSQL Injection (NoSQLi)
• OAuth Misconfiguration
• Open Redirect
• Reflected File Download (RFD)
• Remote File Inclusion (RFI)
• Server Side Include Injection (SSI Injection)
• Server Side Request Forgery
• SQL Injection (SQLi)
• Web Cache Deception
• Web Cache Poisoning

List Bypass

• Bypass 2FA
• Bypass 403
• Bypass 429
• Bypass Captcha

Checklist

• Forgot Password Functionality
• Register Functionality SOON!

CVEs

• CVEs 2021
• CVEs 2022 (SOON)
• CVEs 2023 (SOON)

Miscellaneous

• Account Takeover
• Broken Link Hijacking
• Business Logic Errors
• Default Credentials
• Email Spoofing
• JWT Vulnerabilities
• Tabnabbing

Technologies

• Apache (HTTP Server)
• Confluence
• Grafana
• HAProxy
• Jenkins
• Jira
• Joomla
• Laravel
• Moodle
• Nginx
• WordPress
• Zend

Reconnaissance

• Scope Based Recon
• Github Dorks
• Google Dorks
• Shodan Dorks

To-Do-List

• Tidy up the reconnaisance folder
• Added more lesser known web attacks
• Added CVEs folder
• Writes multiple payload bypasses for each vulnerability
  • Payload XSS for each WAF (Cloudflare, Cloudfront, AWS, etc)
  • Payload SQL injection for each WAF (Cloudflare, Cloudfront)