Published inInfoSec Write-upsAXIOM vs ShadowCloneCompare AXIOM and ShadowClone — two of the most robust recon orchestration tools.Jul 22, 2024Jul 22, 2024
Published inInfoSec Write-upsCommon 403 Bypasses Part 2Back for more 403 bypasses? In this article, we will check various tools to help with the whole process. Get ready to level up your bypass…Jul 15, 2024Jul 15, 2024
Published inInfoSec Write-upsAdvanced SQLMap CustomizationDo you know that you can add custom payloads to the SQLMap? This tool is powerful out of the box, but with advanced customization, you can…Jul 8, 20241Jul 8, 20241
Published inInfoSec Write-upsCommon 403 Bypasses Part 1Are you tired of seeing those 403 Forbidden errors that block you while testing? Don’t worry, some effective techniques could help to avoid…Jul 1, 2024Jul 1, 2024
Published inInfoSec Write-upsSQLi WAF Bypass Techniques Part 2In our last session, we learned primary Time-Based SQL injection WAF bypasses. This time, we will move one step further and try to beat WAF…Jun 24, 2024Jun 24, 2024
Published inInfoSec Write-upsSQLi WAF Bypass Techniques Part 1 — Time-Based AttacksWeb Application Firewall is a good but not perfect solution for protecting websites. It’s the defense framework made by request filtering…Jun 17, 2024Jun 17, 2024
Published inInfoSec Write-upsContent Discovery With FFUFDiscover the hidden treasures of truly sensitive files using ffuf tool! It’s time to explore the topic of content discovery.Jun 10, 2024Jun 10, 2024
Published inInfoSec Write-upsYour Own Search Engines For Bug BountyCustomize search engines to show you the bug bounty targets. Let’s explore the way how you can set up custom search engines.Jun 3, 20246Jun 3, 20246
Published inInfoSec Write-upsBuilding Own Nuclei TemplatesIt’s time to break the atoms! We will take a look at how it’s possible to create unique nuclei templates! Don’t miss out, since I will show…May 27, 20241May 27, 20241
Published inInfoSec Write-upsUsing Nuclei At Mass ScaleNuclei is an extremely powerful tool in Bug Bounty. Discover top things that you should know to do better than the majority using this…May 20, 20242May 20, 20242
Published inInfoSec Write-upsXSS Web Application Firewall Bypass TechniquesWe all hate web application firewall! Most likely you have encountered those while testing for cross-site-scripting. If you manage to get…May 13, 20246May 13, 20246
Published inInfoSec Write-upsBypass Firewall by Finding Origin IPBypass WAF by finding origin IP address as a method. We will explore multiple ways how you can do it.May 6, 202411May 6, 202411
Published inInfoSec Write-upsRecon on Steroids — Discover EVEN MORE SubdomainsFind websites that nobody else has found. Explore unique methods to discover more core subdomains to increase your bug bounty targets.Apr 29, 2024Apr 29, 2024
Published inInfoSec Write-upsPort Scanning for Bug BountiesAre you using the same port scanning techniques as everybody else and not getting desirable results? It’s time to change your approach!Apr 22, 20245Apr 22, 20245
Published inInfoSec Write-upsMastering Shodan Search EngineShodan Dorking lets you find many things — servers, webcams, washing machines, etc. It could be a true gold mine in your Bug Bounty…Apr 19, 20242Apr 19, 20242
Published inInfoSec Write-upsActive DNS Recon using AXIOMAre you interested in getting a lot of subdomains of big targets? You will learn how you can do active DNS bruteforce using puredns.Apr 15, 20241Apr 15, 20241
Published inInfoSec Write-upsTurning Wayback Machine Into GOLD MINING MACHINELearn how to turn Wayback machine, into a gold mining machine! Explore how to analyze historical data, to get some interesting leads!Apr 12, 20242Apr 12, 20242
Published inInfoSec Write-upsSkyrocket Your Bug Bounty Success Using These CrawlersDiscover the best crawlers of top-tier bug bounty hunters used in the industry. These powerful crawlers that can skyrocket your success.Mar 27, 20241Mar 27, 20241
Published inInfoSec Write-upsMass Blind Server-Side Testing Setup For Bug BountyDiscover how to hunt for Out-Of-Bound issues. Set up the OOB Server to detect critical severity findings which could lead to large…Feb 1, 20241Feb 1, 20241
