| Day | Topics |
|---|---|
| Day 1 | SSRF, RedTeam |
| Day 2 | SSRF, RedTeam, THM Room |
| Day 3 | SSRF, RedTeam, THM Room |
| Day 4 | Broken Link Hijacking, THM Room |
| Day 5 | Blind XSS, THM Room |
| Day 6 | log4j, THM Room |
| Day 7 | Password Reset link does not expire, THM Room |
| Day 8 | DMARC, THM Room |
| Day 9 | CSRF, Linux PrivEsc |
| Day 10 | Clickjacking, Linux PrivEsc |
| Day 11 | Live Bug Hunting, Linux PrivEsc |
| Day 12 | Bug Bounty Wordlist, Linux PrivEsc |
| Day 13 | OWASP Web Application Security Testing, THM Room |
| Day 14 | 4.1.2 OWASP Fingerprint Web Server, THM Room |
| Day 15 | 4.1.3 OWASP Review Webserver Metafiles for Information Leakage, THM Room |
| Day 16 | 4.1.4 Enumerate Applications on Webserver |
| Day 17 | 4.1.5 Review Webpage Content for Information Leakage, THM Room |
| Day 18 | 4.1.6 Identify Application Entry Points |
| Day 19 | 4.1.7 Map Execution Paths Through Application, GitHub Recon |
| Day 20 | 4.1.8 Fingerprint Web Application Framework, Recon Techniques |
| Day 21 | 4.1.9, 4.1.10 Map Application Architecture, THM Room |
| Day 22 | 4.2 Configuration and Deployment Management Testing, THM Room |
| Day 23 | 4.2.2 Test Application Platform Configuration, THM Room |
| Day 24 | 4.2.3 Test File Extensions Handling for Sensitive Information, THM Room |
| Day 25 | 4.2.4 Review Old Backup and Unreferenced Files for Sensitive Information, THM Room |
| Day 26 | 4.2.5 Enumerate Infrastructure and Application Admin Interfaces, THM Room |
| Day 27 | 4.2.6 Test HTTP Methods (with Video), THM Room |
| Day 28 | 4.2.7 Test HTTP Strict Transport Security (HSTS), THM Room |
| Day 29 | 4.2.8 Test RIA Cross Domain Policy, THM Room |
| Day 30 | 4.2.9 Test File Permission, THM Room |
| Day 31 | 4.2.10 Test for Subdomain Takeover, THM Room |
| Day 32 | 4.2.11 Test Cloud Storage, THM Room, eJPT |
| Day 33 | 4.2.12 Test for Content Security Policy, THM Room, eJPT |
| Day 34 | 4.3.1 Test Role Definitions, THM Room, eJPT |
| Day 35 | 4.3.2 Test User Registration Process |
| Day 36 | 4.3.3 Test Account Provisioning Process |
| Day 37 | 4.3.4 Testing for Account Enumeration and Guessable User Account |
| Day 38 | 4.3.5 Testing for Weak or Unenforced Username Policy, THM Room |
| Day 39 | 4.4.1 Testing for Credentials Transported over an Encrypted Channel |
| Day 40 | 4.4.2 Testing for Default Credentials |
| Day 41 | CSRF |
| Day 42 | Open Redirect |
| Day 43 | log4j |
| Day 44 | JWT attacks |
| Day 45 | Content Discovery |
| Day 46 | IDOR |
| Day 47 | Account takeover |
| Day 48 | RCE on a Java Web Application |
| Day 49 | Dependency Confusion |
| Day 50 | Automate Blind XSS |
| Day 51 | Finding And Exploiting S3 Amazon Buckets For Bug Bounties |
| Day 52 | Web Cache Poisoning attack |
| Day 53 | Unique Case for Price Manipulation |
| Day 54 | Account takeover via the Password Reset Functionality |
| Day 55 | API Token Hijacking Through Clickjacking, THM Room |
| Day 56 | API Exploitation → Business Logic Bug |
| Day 57 | Attended Infosec Community Conference on: Android Static Analysis |
| Day 58 | Finding bugs on NFT website for fun & Profit by zseano |
| Day 59 | EXIF Geolocation Data Not Stripped From Uploaded Images |
| Day 60 | Thick Client Pentesting |
| Day 61 | Conduct a Penetration Test Like a Pro in 6 Phases |
| Day 62 | Firewall Penetration Testing |
| Day 63 | Host Discovery & Vulnerability Scanning With Nessus |
| Day 64 | AWS Web Application Firewall (WAF), 5 PentesterLab Exercises |
| Day 65 | Introduction To Pentesting - Enumeration, 6 PentesterLab Exercises |
| Day 66 | Bypassing CSRF Protection, 5 PentesterLab Exercises |
| Day 67 | HTML Injection |
| Day 68 | Exploiting SQL Injection, Completed PentesterLab Unix Badge |
| Day 69 | A Weird Price Tampering Vulnerability, Security Operations Center (SOC) |
| Day 70 | A Summary of OAuth 2.0 Attack Methods |
| Day 71 | 6 Methods to bypass CSRF protection on a web application |
| Day 72 | Two-factor authentication security testing and possible bypasses |
| Day 73 | 10 Types of Web Vulnerabilities that are Often Missed, Understanding BOLA |
| Day 74 | My First Bug Bounty: SQL Injection, SQL Injection Vulnerability |
| Day 75 | Dank Writeup On Broken Access Control, Bug bounty tips for broken access control on Burp Suite Part 1 |
| Day 76 | SSRF in PDF Renderer using SVG, Bypassing 2FA using OpenID Misconfiguration |
| Day 77 | Easy IDOR hunting with Autorize?, How I hacked thousands of subdomains |
| Day 78 | A business logic error bug worth $600, 5 Methods to bypass Authentication (OTP) |
| Day 79 | How did I earn €€€€ by breaking the back-end logic of the server, How to find IDOR Privilege escalation |
| Day 80 | Account Takeover via Web Cache Poisoning based Reflected XSS, A Pentester's Guide to Server Side Template Injection |
| Day 81 | Account Takeover: From zero to System Admin using basic skills, Apache Example Servlet leads to $$$$ |
| Day 82 | The easiest $2500 I got from a bug bounty program, A Pentester's Guide to File Inclusion |
| Day 83 | How I bypassed disable_functions in PHP to get a remote shell, JWTs - Patterns & Anti-patterns |
| Day 84 | Finding Your Next Bug: GraphQL, No Rate Limit - $2K Bounty |
| Day 85 | Facebook email disclosure and account takeover, How to learn anything in Computer Science or Cybersecurity |
| Day 86 | Hacking banks with race conditions, Exploiting a Race Condition Vulnerability |
| Day 87 | A Comprehensive Guide to Broken Access Control, Never leave this tip while hunting Broken Access Control, POC |
| Day 88 | A Journey from IDOR to Account Takeover, Exploiting open redirect - Whitelist bypass using Salesforce environment |
| Day 89 | Union Based SQL Injection - Bug Hunting, Bypass confirmation to add payment method |
| Day 90 | Exploiting cross-site scripting in Referer header, XSS via X-Forwarded-Host header |
| Day 91 | How I bypassed a 403 Forbidden domain using a simple trick, Deleting account via support ticket |
| Day 92 | Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite, WordPress < 5.8.3 - Object Injection Vulnerability |
| Day 93 | 0-day Cross Origin Request Forgery vulnerability in Grafana 8.x |
| Day 94 | Got Access To Dota 2 Admin Panel By Exploiting In-Game Feature |
| Day 95 | How I escalated RFI into LFI |
| Day 96 | Stumbling upon a new way to exploit authorization bypass in Jira |
| Day 97 | Clickjacking on Google MyAccount Worth $7,500 |
| Day 98 | Info Disclosure and SQLi Writeup |
| Day 99 | CSRF to HTML Injection which results in User Credentials Stealing |
| Day 100 | RCE with Flask Jinja Template Injection |
| Day 101 | How I could have hacked your Uber account |
| Day 102 | Bug Bounty Live Recon - Linked / JS Discovery! |
| Day 103 | HTTP Request Smuggling on business.apple.com and Others |
| Day 104 | SVG SSRFs and saga of bypasses, A Detailed Guide on CeWL |
| Day 105 | How a YouTube Video led to pwning a web application via SQL Injection worth a $4324 bounty |
| Day 106 | XSS, HTML Injection and File Upload Bypass in HUAWEI Subdomain |
| Day 107 | How Token Misconfiguration can lead to account takeover |
| Day 108 | How to hack any Payment Gateway? |
| Day 109 | Race Condition bypassing team limit |
| Day 110 | Bypass Apple Corp SSO on Apple Admin Panel |
| Day 111 | The Unusual Case of Status code 301 Redirection to AWS Security Credentials Compromise |
| Day 112 | Find security bugs while you sleep! Using nuclei templates, and more.. |
| Day 113 | Getting access to disabled/hidden features with the help of Burp Suite Match and Replace settings |
| Day 114 | Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022-0044) |
| Day 115 | How I chained two vulnerabilities to steal credit card details? |
| Day 116 | How I Made The BBC Hall Of Fame 3 Times |
| Day 117 | Improper cookie not expiring after logging out! |
| Day 118 | Open Redirects, What are you doing wrong when you fail at bug bounties? |
| Day 119 | Bypassing WAF for $2222 |
| Day 120 | Subdomain Takeover using Mobile?? |
| Day 121 | Fuzzing and credentials leakage.. awesome bug hunting writeup |
| Day 122 | OTP bypass with response manipulation. |
| Day 123 | There is no task today, enjoy the Eid Festival 🥳😊😃 |
| Day 124 | A Bug Bounty Hunter's Guide to IDOR Vulnerabilities |
| Day 125 | How I got a lousy T-Shirt from the Dutch Government. |
| Day 126 | Hack the Hackers |
| Day 127 | The $16,000 Dev Mistake |
| Day 128 | Denial of Service through … |
| Day 129 | How I found a vulnerability that leads to access to any user's sensitive data and got $500 |
| Day 130 | ToolTime - Cloud Recon 1 |
| Day 131 | A Fun SSRF through a Headless Browser |
| Day 132 | 2FA Bypass in PickMyCareer.in |
| Day 133 | Exploiting Google Maps API keys for profit |
| Day 134 | Creator Studio's API endpoint is vulnerable to IDOR, exposes "p40_earnings_usd":$$$ |
| Day 135 | I have 1% chance to hack this company |
| Day 136 | HTTP Request Smuggling: Part-1 (Concepts) |
| Day 137 | Create Your Ultimate Bug Bounty Automation Without Nerdy Bash Skills (Part 1) |
| Day 138 | Can analyzing JavaScript files lead to remote code execution? |
| Day 139 | My New Discovery In Oracle E-Business Login Panel That Allowed Access To All Employees' Information & In Some Cases Passwords At More Than 1000 Companies |
| Day 140 | Origin IP found, WAF Cloudflare Bypass |
| Day 141 | MFA (Multi-Factor Authentication) |
| Day 142 | Vulnerability In PayPal worth $200000 bounty, Attacker can Steal Your Balance by One Click |
| Day 143 | Does MS15-034 still exist today? |
| Day 144 | How I managed to take over any account that visits my profile with Stored XSS |
| Day 145 | The Bucket's Got a Hole in it |