Merge pull request #1 from KathanP19/master

Added to Fork

Author: theinfosecguy

.all-contributorsrc

@@ -0,0 +1,123 @@
+{
+  "files": [
+    "README.md"
+  ],
+  "imageSize": 100,
+  "commit": false,
+  "contributors": [
+    {
+      "login": "remonsec",
+      "name": "Mehedi Hasan Remon",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/54717234?v=4",
+      "profile": "https://github.com/remonsec",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "theinfosecguy",
+      "name": "Keshav Malik",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/33570148?v=4",
+      "profile": "https://www.theinfosecguy.me",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "0xd3vil",
+      "name": "Vivek Kumar Yadav",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/32324065?v=4",
+      "profile": "https://0xd3vil.github.io/",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "SMHTahsin33",
+      "name": "smhtahsin33",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/60981314?v=4",
+      "profile": "https://smhtahsin33.me",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "Virdoexhunter",
+      "name": "Deepak Dhiman",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/68891432?v=4",
+      "profile": "https://github.com/Virdoexhunter",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "maverickNerd",
+      "name": "maverickNerd",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/49231687?v=4",
+      "profile": "https://github.com/maverickNerd",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "Harsha-Ambati",
+      "name": "Harsha Vardhan",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/47480010?v=4",
+      "profile": "http://harsha.ambati05@gmail.com",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "bishal0x01",
+      "name": "Bishal Shrestha",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/26160488?v=4",
+      "profile": "https://github.com/bishal0x01",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "Cyber-Pirate",
+      "name": "Cyber-Pirate",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/69442715?v=4",
+      "profile": "https://github.com/Cyber-Pirate",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "h4ckboy19",
+      "name": "Naman Shah",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/61796314?v=4",
+      "profile": "https://github.com/h4ckboy19",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "Anugrahsr",
+      "name": "ANUGRAH S R",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/44763564?v=4",
+      "profile": "https://anugrahsr.netlify.com/",
+      "contributions": [
+        "tutorial"
+      ]
+    },
+    {
+      "login": "SocioDroid",
+      "name": "Aishwarya Kendle",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/47445489?v=4",
+      "profile": "https://github.com/SocioDroid",
+      "contributions": [
+        "tutorial"
+      ]
+    }
+  ],
+  "contributorsPerLine": 7,
+  "projectName": "HowToHunt",
+  "projectOwner": "KathanP19",
+  "repoType": "github",
+  "repoHost": "https://github.com",
+  "skipCi": true
+}

Account_Takeovers_Methodologies/Chaining_low_impact_bugs_with_xss.md

@@ -0,0 +1,11 @@
+# Chaining Session Hijacking with XSS
+```
+1.I have add a session hijacking method in broken auth and session managment.
+2.If you find that on target.
+3.Try anyway to steal cookies on that target.
+4.Here I am saying look for xss .
+5.If you find xss you can stole the cookies of victim and using session hijacking you can takeover the account of victim.
+```
+
+### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)

Account_Takeovers_Methodologies/No_rate_limit_on_login_with_weak_password_policy.md

@@ -0,0 +1,7 @@
+```
+So if you find that target have weak password policy try to go for no rate limit attacks in poc shows by creating very weak password of your account.
+
+(May or may not be accepted)
+```
+### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)

Account_Takeovers_Methodologies/Password_reset_poisoning_leads_to_token_theft.md

@@ -0,0 +1,12 @@
+# PASSWORD RESET POISIONING LEADS TO TOKEN THEFT
+```
+1.Go to password reset funtion.
+2.Enter email and intercept the request.
+3.Change host header to some other host i.e,
+    Host:target.com
+    Host:attacker.com
+4.Forward this if you found that in next request attacker.com means you successfully theft the token.:)
+```
+
+### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)

Account_Takeovers_Methodologies/Using_Auth_Bypass.md

@@ -0,0 +1,6 @@
+```
+Go to my Auth Bypass folder and there is a file otp bypass response manipulation that leads to account takeovers.
+```
+
+### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)

Account_Takeovers_Methodologies/Using_CSRF.md

@@ -0,0 +1,8 @@
+# Always try to get csrf on:
+```
+1.Change Password function.
+2.Email change
+3.Change Security Question
+```
+### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)

Account_Takeovers_Methodologies/Using_sensitive_data_exposure.md

@@ -0,0 +1,9 @@
+```
+This is depends on your luck.
+
+Sometimes using git recon and google recon you may found files that contains critical information like user tokens, usernames and their password.
+```
+
+### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)
+

Account_Takeovers_Methodologies/token_leaks_in_response.md

@@ -0,0 +1,36 @@
+* So there are multiple ways to do it but all are same.
+
+* So I will sharing my method that I have learnt here .
+
+* Endpoints:(Register,Forget Password)
+
+* Steps(For Registration):
+```
+  1.for registeration intercept the signup request that contains data you have entered.
+  2.Click on action -> do -> intercept response to this request.
+  3.Click forward.
+  4.Check response it that contains any link,any token or otp.
+ ```
+ ------------------------
+ * Steps(For password reset):
+ ``` 
+  1.Intercept the forget password option.
+  2.Click on action -> do -> intercept response to this request.
+  3.Click forward.
+  4.Check response it that contains any link,any token or otp.
+ ```
+  
+  ### Author
+* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  Resources:Google,Twitter,Medium
+  Please follow me on twitter @Virdoex_hunter.

Authentication_Bypass/OTP_Bypass_through_Response_Manipulation.md

@@ -0,0 +1,33 @@
+# OTP Bypass response manipulation( Register or login or password reset )
+
+### Steps:
+ 
+  ```
+    1.Register 2 accounts with any 2 mobile number(first enter right otp)
+    2.Intercept your request
+    3.click on action -> Do intercept -> intercept response to this request.
+    4.check what the message will display like status:1
+    5.Follow the same procedure with other account but this time enter wrong otp
+    6.Intercept respone to the request
+    7.See the message like you get status:0
+    8.Change status to 1 i.e, status:1 and forward the request if you logged in means you just done authentication bypass.
+  ```
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    Happy Hacking.:)
+    Resource Google,Youtube,Twitter
+    
+    Impact:auth bypass,account takeover etc.
+    

BrokenLinkHijacking.md renamed to BrokenLinkHijacking/BrokenLinkHijacking.md

@@ -8,9 +8,19 @@
    Ouput will be like Something. 
 
    `─BROKEN─ https://www.linkedin.com/company/ACME-inc-/ (HTTP_999)`
+   
+ 3. Now you need to check if company has the page or not , if no then register as the company or try to get that username or url. 
+ 
+ ## Alternate Step
+ 1. Go to [Online Broken Link Checker](https://ahrefs.com/broken-link-checker) Or [Alternative Online Broken Link Checker](https://brokenlinkcheck.com/)
+ 2. Input the domain name
 
 # Reference
 
 [https://edoverflow.com/2017/broken-link-hijacking/](https://edoverflow.com/2017/broken-link-hijacking/)
 
 [https://medium.com/@bathinivijaysimhareddy/how-i-takeover-the-companys-linkedin-page-790c9ed2b04d](https://medium.com/@bathinivijaysimhareddy/how-i-takeover-the-companys-linkedin-page-790c9ed2b04d)
+
+### Author:
+* [@KathanP19](https://twitter.com/KathanP19)
+* [@cyph3r_asr](https://twitter.com/cyph3r_asr)