Infosec Resources

This is a try to create a comprehensive list of good write-ups and tools for specific vulnerablitiies.

Attack Guidance

OAuth

• https://research.nccgroup.com/2020/07/07/an-offensive-guide-to-the-authorization-code-grant/

CRLF Injection

• https://hackerone.com/reports/79552
• https://hackerone.com/reports/66386
• https://hackerone.com/reports/36105
• https://hackerone.com/reports/39181
• https://hackerone.com/reports/66257
• https://hackerone.com/reports/67386
• https://hackerone.com/reports/15492

Cross-Site-Scripting

• http://lcamtuf.coredump.cx/postxss/
• https://html5sec.org/
• https://aem1k.com/aurebesh.js/

CSP

• https://blog.innerht.ml/csp-2015/

Sensitive Information Disclosure

• https://github.com/cure53/HTTPLeaks

URL Redirection

• https://medium.com/bugbountywriteup/cvv-2-open-redirect-213555765607

Subdomain Takeover

• https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

SSTI (Server-Side Template Injection)

• https://portswigger.net/blog/server-side-template-injection
• https://speakerdeck.com/owaspmontreal/workshop-server-side-template-injection-ssti
• https://www.lanmaster53.com/2016/03/09/exploring-ssti-flask-jinja2/
• https://www.lanmaster53.com/2016/03/11/exploring-ssti-flask-jinja2-part-2/
• https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html
• https://hackerone.com/reports/125980

SSRF (Server-Side Request Forgery)

• http://www.kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html
• https://sethsec.blogspot.com/2015/12/exploiting-server-side-request-forgery.html
• http://www.agarri.fr/docs/AppSecEU15-Server_side_browsing_considered_harmful.pdf
• https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF
• http://buer.haus/2017/06/29/escalating-xss-in-phantomjs-image-rendering-to-ssrflocal-file-read/
• https://www.bishopfox.com/blog/2016/02/burp-collaborate-listen-pentester-reviews-latest-burp-suite-addition/
• https://docs.google.com/document/d/1v1TkWZtrhzRLy0bYXBcdLUedXGb9njTNIJXa3u9akHM/edit
• https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb

SQL Injection

• https://www.nccgroup.com/us/about-us/newsroom-and-events/blog/2019/march/did-you-order-a-sql-injection/

CSRF (Cross-Site-Request Forgery)

• https://resources.infosecinstitute.com/bypassing-csrf-protections-fun-profit/#gref

CSS Injection

• https://www.netsparker.com/blog/web-security/private-data-stolen-exploiting-css-injection/
• https://portswigger.net/blog/detecting-and-exploiting-path-relative-stylesheet-import-prssi-vulnerabilities#badcss
• https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b

HTTP Parameter Pollution

• https://www.acunetix.com/blog/whitepaper-http-parameter-pollution/

Deserialization

• https://github.com/frohoff/ysoserial
• https://book.hacktricks.xyz/pentesting-web/deserialization

RCE

• https://www.revshells.com/

Tech-Stack

Electron Apps

• https://spaceraccoon.dev/open-sesame-escalating-open-redirect-to-rce-with-electron-code-review

Cheat-Sheets

API Hacking

• https://dsopas.github.io/MindAPI/play/

Reconnaissance

Bug Bounty

• https://www.offensity.com/de/blog/just-another-recon-guide-pentesters-and-bug-bounty-hunters/

Tools

Reconnaissance

• https://github.com/1N3/Sn1per

Bug Bounty Framework

• https://github.com/pry0cc/axiom
• https://blog.yeswehack.com/yeswerhackers/the-pwning-machine/

Blogs

Web Application Security

• https://blog.innerht.ml/

Methodologies

Bug Finding

• https://docs.google.com/presentation/d/1p8QiqbGndcEx1gm4_d3ne2fqeTqCTurTC77Lxe82zLY/edit#slide=id.p

Youtube

Web Application Hacking

• https://www.youtube.com/watch?v=Casj9ly3XAk&feature=youtu.be
• https://www.youtube.com/watch?v=Qw1nNPiH_Go
• https://www.youtube.com/watch?v=C4ZHAdI8o1w
• https://www.youtube.com/watch?v=Y80drEt_TVQ

Random Videos

• https://www.youtube.com/watch?v=RBoI0sSBeDo

Technical Challenges

File Transfer

• https://file-downloads.com/

Further Lists

Write-Ups

• https://pentester.land/list-of-bug-bounty-writeups.html