Biscuit's Bug Bounty Playbook

CtrlK

👋Introduction to Biscuit's Bug Bounty Playbook
Mains
🟧Learn to Use Burp Suite
Learn Android Bug Bounty
- 🎥Video Tutorials
❤️YouTube Channels
📰Bug Bounty Reports
📚Blogs & Writeups
🏹GitHub Repository
👨‍👨‍👧Conference Talks
🖨️Automated Scanners
⚙️Intentionally Vulnerable Apps
🎱Learn Drozer For Android Pentesting
🪀Learn Frida For Android Pentesting
🏈Bypassing Security Protections in APKs via Objection and Frida
🪁Security Tools For Android Pentesting
😼PIDCAT for Android Bug Bounty Logging
🎹CLI Commands & Shortcuts
My Android Bug Bounty Lab Setup
Learn Thick Client Pentesting
- 🟥Introduction Videos
📑Introduction Articles
✅Pentesting Checklist
📚Bug Bounty Writeups
🐞Thick Client Vulnerabilities
- DLL Hijacking Basics
🥼Intentionally vulnerable labs
🛠️Tools for Thick Client Pentesting
🏠Bug Bounty Programs with Thick Client Scope
💵Paid Udemy Course
Bug Bounty Reports & Articles
4️Forced Browsing
5️RCE
6️OSINT
Bug Bounty Platforms
Exploiting Technologies

Powered by GitBook

On this page

Bug Bounty Reports & Articles
6️⃣Injections (HTML, XSS, etc)

🔴Host Header Injection

Account Takeover [Via Host Header Injection]Medium

Unveiling Vulnerabilities: Host-header injection in OAuth FunctionalityMedium

What is HHI (Host Header Injection) & How to Simply Test the VulnerabilityMedium

Finding Host header injectionMedium

Host Header Injection On Password Reset Functionality An Easy #P2Medium

Host Header injection to RCEMedium

Simple ATO in private program.Medium

HubSpot Full Account Takeover in Bug BountyMedium

PreviousSSTI NextCSV Injection

Last updated 9 days ago