Biscuit's Bug Bounty Playbook

Index

Here I document all the bug bounty reports and articles I read, along with my daily sources of articles. The list covers various types of bugs, and each bug category has many reports to read and learn from.

Here is the Comprehensive Bug Type List:

  1. Takeover's (Accounts, Sub-domains, etc)

  2. IDOR (Indirect Object Reference)

  3. Leaks & Disclosure (PII, API Key, etc)

  4. Open Redirects

  5. Request Forgery (CSRF & SSRF)

  6. Injections (HTML, XSS)

  7. Broken Access Control & Broken Authentication

  8. Web Socket

  9. Miscellaneous Reports


Here are some excellent websites which publish InfoSec articles

| Website Name | URL |
| --- | --- |
| Weekly Infosec Writeups | https://weekly.infosecwriteups.com/ |
| Evan Connelly's Blog | https://evanconnelly.github.io/ |
| Embrace The Red Blog | https://embracethered.com/blog/index.html |
| Bug Bounty Hunter Disclosed | https://www.bugbountyhunter.com/disclosed/ |
| Chybeta's Blog | https://chybeta.github.io/ |
| Infosec Writeups | https://infosecwriteups.com/ |
| Writeups.io | https://writeups.io/ |
| Pentester Land Writeups | https://pentester.land/writeups/ |
| Bug Bounty Hunting | https://www.bugbountyhunting.com/ |

Last updated 10 months ago