BrownBearSec – Medium

Home

Following

Library

Reading history

Stories

Stats

BrownBearSec

Pinned

What I learnt from reading 220* IDOR bug reports.

IDOR — Insecure Direct Object Reference, abuse of the lack of authentication at every stage.

Jan 25, 2022

Jan 25, 2022

Pinned

What I learnt from reading 126* Information Disclosure Writeups.

Let’s tackle the most valuable and mysterious bug type…

Jun 6, 2022

Jun 6, 2022

@pdiscoveryio’s Katana for Bug Bounty.

Katana is an incredibly built go-lang based web crawler which is a great stand alone reconnaissance tool, and also works perfectly in…

Nov 27, 2023

@pdiscoveryio’s Katana for Bug Bounty.

Nov 27, 2023

Bug Bounty: Wordlists — Please do them properly.

You are only so good as your weakest link. And in bug bounty, most people’s weakest link, and most ignored is always their wordlists…

Jun 19, 2023

Bug Bounty: Wordlists — Please do them properly.

Jun 19, 2023

Shodan for Bug Bounty — and Why You Shouldn’t Use these 53 Dorks.

Shodan is a much-loved and widely adopted attack surface management tool. But what actually is it? How do we use it beyond basic usage? and…

Mar 20, 2023

Shodan for Bug Bounty — and Why You Shouldn’t Use these 53 Dorks.

Mar 20, 2023

Automated and Continuous Recon/Attack Surface Management — Amass Track and DB

Not using Continuous Attack Surface Management is the reason you keep getting dupes, let’s talk about it…

Jan 2, 2023

Automated and Continuous Recon/Attack Surface Management — Amass Track and DB

Jan 2, 2023

What I learnt from reading 217* Subdomain Takeover bug reports.

A comprehensive analysis of Subdomain Takeovers (SDTO), DNS Hijacking, Dangling DNS, CNAME misconfigurations…

Oct 31, 2022

What I learnt from reading 217* Subdomain Takeover bug reports.

Oct 31, 2022

How I DIDN’T get an RCE in a $200 Billion company — Bug Bounty

I was hunting for CVE-2021–36356 on my subdomain list of over 1,000,000+ subdomains, and finally got a hit…

Sep 12, 2022

Banner: How I DIDN’T get an RCE in a $200 Billion Dollar Company

Sep 12, 2022

How to actually use Amass more effectively — Bug Bounty

99% of bug hunters only use 1% of Amass’ potential…

Aug 15, 2022

How to actually use Amass more effectivley banner

Aug 15, 2022

Comprehensive Url Enumeration for Bug Bounty — The potential of GAU.

Url Enumeration — Subset of Content Discovery: finding existing endpoints.

Feb 22, 2022

banner for article with the words “The most underrated tool in bug bounty. (and the filthiest one liner possible)”

Feb 22, 2022

Bug Bounty Recon: Content Discovery (Efficiency pays $)

Content Discovery — The process of finding vulnerable endpoints; URLs, Parameters and Resources.

Jan 18, 2022

Bug Bounty Recon: Content Discovery (Efficiency pays $)

Jan 18, 2022

Bug Bounty Recon: Fingerprinting

Fingerprinting — Finding and Indexing Services and Technologies used by your target.

Jan 10, 2022

Fingerprinting Banner

Jan 10, 2022

Bug Bounty Recon: Vertical Correlation (and the secret to succeeding).

Vertical Correlation — The process of finding subdomains from a root domain.

Jan 2, 2022

Vertical Correlation banner

Jan 2, 2022

Bug Bounty Recon: Horizontal Correlation.

Horizontal Correlation — The process of finding different domains owned by the same organisation.

Dec 12, 2021

A banner with the words “Horizontal Correlation” in front of a blurred terminal with text on it.

Dec 12, 2021

BrownBearSec

BrownBearSec

CTI analyst | Head of Security @revoltchat | Bug Bounty Hunter. https://twitter.com/BrownBearSec. Alana Witten (she/her)

Following

Help
Status
About
Careers
Press
Blog
Privacy
Rules
Terms
Text to speech