Learn365

This repository contains all the information shared during my Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going on and challenge myself to learn something daily for the whole year, it can be anything from infosec to general life. Follow me on Twitter for Regular Updates: Yash Devkate. Huge thanks to Harsh Bothra & Anubhav Singh., from whoam I got motivated to start this Learn365 challenge.

---

Day	Topic
1	Learn Javascript GraphQL Pentesting for Dummies Learn Bash THM Lab
2	Learn Javascript Understanding Broken Access Control issues Broken Access Control (IDOR) exploitation
3	Learn Javascript Cross-Site Scripting (XSS) - Writeup Cross-Site Scripting (XSS) Payloads - Writeup Cross-Site Scripting (XSS) Exploitation - Writeup
4	Learn Javascript SSRF in Facebook - Writeup
5	Learn Javascript
6	Solved DOM based XSS Labs on Portswigger
7	Solved DOM based XSS Labs on Portswigger Blind XSS in Email Field - Writeup
8	A Cool Account Takeover Vulnerability due to lack of Client Side Validation - WriteUp
9	Turn off all type of message requests using deeplink (Instagram) - WriteUp
10	Unauth Web-Cache Poisoning - WriteUp How I was able to change victim’s password using IDN Homograph Attack - WriteUp
11	THM Lab JavaScript for Hackers - Video HACKING postMessage() - Video An amazing way to turn a xss into an ATO - Writeup
12	Subdomain Hijacking Of Any Qwilr’s Customer - Writeup CVE-2022–29464 RCE - Writeup
13	RCE on admin panel of web3 website - Writeup Introduction to GraphQL - GraphQL Exploitation Part1 - Video
14	Finding The Origin IP Behind CDNs - Writeup CVE-2022-42710: A journey through XXE to Stored-XSS - Writeup
15	How I was able to steal users credentials via Swagger UI DOM-XSS - Writeup CVE-2021-40662 Chamilo LMS 1.11.14 RCEn - Writeup
16	120 Days of High Frequency Hunting - WriteUp Simple CORS misconfig leads to disclose the sensitive token - Writeup
17	Advanced Broken Access Control (IDOR) exploitation- WriteUp Outdated PHP Version leads to RCE - Writeup
18	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup
19	Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services - WriteUp Account Take Over Due To AWS Cognito Misconfiguration - Writeup
20	Automated monitoring of subdomains for fun and profit - WriteUp Understanding the full potential of sqlmap during bug bounty hunting - Writeup
21	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup
22	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup
23	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup
24	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup
25	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup
26	Full Team Takeover - WriteUp 3 Vulnerabilities Worth $$$ - Writeup