Bug Bounty Checklist for Web App
This checklist may help you build a good methodology for bug bounty hunting.
When you have completed an action, don't forget to check it off ;)
Happy hunting!
Table of Contents
- Recon on wildcard domain
- Single domain
- Information Gathering
- Configuration Management
- Secure Transmission
- Authentication
- Session Management
- Authorization
- Data Validation
- Denial of Service
Recon on wildcard domain
Single Domain
Scanning
Manual Checking
Information Gathering
Configuration Management
Secure Transmission
Authentication
Session Management
Authorization
Data Validation
- Expression Language Injection
- Command Injection
- Overflow (Stack, Heap and Integer)
- Format String
- Incubated vulnerabilities
- HTTP Splitting/Smuggling
- HTTP Verb Tampering
- Open Redirection
- Local File Inclusion
- Remote File Inclusion
- Compare client-side and server-side validation rules
- NoSQL injection
- HTTP parameter pollution
- Auto-binding
- Mass Assignment
Denial of Service
- Anti-automation
- Account lockout
- HTTP protocol DoS
- SQL wildcard DoS
- Date: 2.8.2022
- Author: SUJAY ADKESAR
- Category: Resources