Biscuit's Bug Bounty Playbook
  • 👋Introduction to Biscuit's Bug Bounty Playbook
  • Mains
    • 🧾Resume For Cyber Security Freshie
    • 📗Browser extension
    • 📀POC Videos YT Channel
    • 📺55 YouTube Channels To Learn Hacking
    • 👀Hackers to Follow on Social Media
      • Twitter
      • Medium
      • YouTube
      • GitHub
      • Discord Server
      • Security GitBooks
    • 🏅Learn The Basics
      • 🎖️Type Of Cyber Security
      • 🥈Common Job Roles
      • 🥉Get Started With InfoSec
      • ⚕️Best Bug Bounty Platform
      • 🗞️Best InfoSec Writeups Website
      • 🍪Hacking Books
      • 🥂CLI Commands
      • 💿Learn WSL
    • 🧑‍💻Fun Programming Codes
    • 🔮Build your own Bug Bounty Methodology
    • 🎴Bug Bounty Checklist
  • Bug Bounty Reports & Articles
    • 0️⃣Index
    • 1️⃣Takeover's (Accounts, Sub-domains, etc)
      • 🚡Sub Domain Takeover
      • 🚠Account Takeover
      • 🚟dependency confusion vulnerability
    • 2️⃣IDOR (Indirect Object Reference)
    • 3️⃣Leaks & Disclosure (PII, API Key, etc)
    • 4️⃣Open Redirects
    • 5️⃣Request Forgery (CSRF & SSRF)
      • 🟢CSRF
      • 🔴SSRF
    • 6️⃣Injections (HTML, XSS, etc)
      • 🟡XSS
      • 🟠HTML Injection
      • 🟣CR/LF Injection
      • 🟢SSTI
    • 7️⃣Broken Access Control & Broken Authentication
      • ⚙️File Upload Functionality
      • ⚙️Password Reset Functionality
      • ⚙️2FA Functionality
      • ⚙️Oauth Functionality
      • ⚙️Bypassing
      • ⚙️Misconfiguration
    • 8️⃣Web Socket
    • 9️⃣Miscellaneous Reports
    • 0️Cloud
      • 🌩️AWS S3
    • 1️Low Hanging Fruits
    • 2️Cache Poising
    • 3️DOS/DDOS
  • Bug Bounty Platforms
    • 🐛BugCrowd
    • 🐞HackerOne
    • 🪲Intigriti
    • 🐜Open Bug Bounty
  • Exploiting Technologies
    • 0️⃣Introduction
    • 1️⃣Wordpress
    • 2️⃣GraphQL API
    • 3️⃣IDOR Vulnerability
    • Learn Android Hacking
Powered by GitBook
On this page
  1. Bug Bounty Reports & Articles

Low Hanging Fruits

PreviousAWS S3NextCache Poising

Last updated 1 month ago

1️
LogoWeblate disclosed on HackerOne: Old password can be new passwordHackerOne
LogoWeblate disclosed on HackerOne: Weak password policyHackerOne
LogoFinding a easy p3 bugMedium
LogoHow to find a easy bug it worth $100Medium
LogoFinding a easy p3 bug | by loyalonlytoday - Freedium
LogoGitLab disclosed on HackerOne: EXIF metadata not stripped from JPG...HackerOne
LogoP4 bug’s and their POC steps | Part 1Medium
LogoP4 bug’s and their POC steps | Part 2Medium
LogoP4 bug’s and their POC steps | Part 3Medium
LogoP4 bug’s and their POC steps | Part 4Medium
LogoP4 bug’s and their POC steps | Part 5OSINT Team
LogoP4 bug’s and their POC steps | Part 6OSINT Team
LogoP4 bug’s and their POC steps | Part 7 | $Easy Money$T3CH