Biscuit's Bug Bounty Playbook
  • ๐Ÿ‘‹Introduction to Biscuit's Bug Bounty Playbook
  • Mains
    • ๐ŸงพResume For Cyber Security Freshie
    • ๐Ÿ“—Browser extension For Bug Bounty
    • ๐Ÿ“€POC Videos YT Channel
    • ๐Ÿ“บ55 YouTube Channels To Learn Hacking
    • ๐Ÿ‘€Hackers to Follow on Social Media
      • Twitter
      • Medium
      • YouTube
      • GitHub
      • Discord Server
      • Security GitBooks
    • ๐Ÿ…Learn The Basics
      • ๐ŸŽ–๏ธType Of Cyber Security
      • ๐ŸฅˆCommon Job Roles
      • ๐Ÿฅ‰Get Started With InfoSec
      • โš•๏ธBest Bug Bounty Platform
      • ๐Ÿ—ž๏ธBest InfoSec Writeups Website
      • ๐ŸชHacking Books
      • ๐Ÿฅ‚CLI Commands
      • ๐Ÿ’ฟLearn WSL
    • ๐Ÿ‘ฉโ€๐Ÿ’ปFun Programming Codes
    • ๐Ÿ”ฎBuild your own Bug Bounty Methodology
    • ๐ŸŽดBug Bounty Checklist
  • Learn Android Bug Bounty
    • ๐ŸŽฅVideo Tutorials
  • โค๏ธYouTube Channels
  • ๐Ÿ“ฐBug Bounty Reports
  • ๐Ÿ“šBlogs & Writeups
  • ๐ŸนGitHub Repository
  • ๐Ÿ‘จโ€๐Ÿ‘จโ€๐Ÿ‘งConference Talks
  • ๐Ÿ–จ๏ธAutomated Scanners
  • โš™๏ธIntentionally Vulnerable Apps
  • ๐ŸŽฑLearn Drozer For Android Pentesting
  • ๐Ÿช€Learn Frida For Android Pentesting
  • ๐ŸˆBypassing Security Protections in APKs via Objection and Frida
  • ๐ŸชSecurity Tools For Android Pentesting
  • ๐ŸŽนCLI Commands & Shortcuts
  • Bug Bounty Reports & Articles
    • 0๏ธโƒฃIndex
    • 1๏ธโƒฃTakeover's (Accounts, Sub-domains, etc)
      • ๐ŸšกSub Domain Takeover
      • ๐Ÿš Account Takeover
      • ๐ŸšŸdependency confusion vulnerability
    • 2๏ธโƒฃIDOR (Indirect Object Reference)
    • 3๏ธโƒฃLeaks & Disclosure (PII, API Key, etc)
    • 4๏ธโƒฃOpen Redirects
    • 5๏ธโƒฃRequest Forgery (CSRF & SSRF)
      • ๐ŸŸขCSRF
      • ๐Ÿ”ดSSRF
    • 6๏ธโƒฃInjections (HTML, XSS, etc)
      • ๐ŸŸกXSS
      • ๐ŸŸ HTML Injection
      • โšซSQL Injection
      • ๐ŸŸฃCR/LF Injection
      • ๐ŸŸขSSTI
      • ๐Ÿ”ดHost Header Injection
      • ๐Ÿ”ตCSV Injection
    • 7๏ธโƒฃBroken Access Control & Broken Authentication
      • โš™๏ธFile Upload Functionality
      • โš™๏ธPassword Reset Functionality
      • โš™๏ธ2FA Functionality
      • โš™๏ธOauth Functionality
      • โš™๏ธBypassing
      • โš™๏ธMisconfiguration
      • โš™๏ธCaptcha Bypass
    • 8๏ธโƒฃWeb Socket
    • 9๏ธโƒฃMiscellaneous Reports
    • ๐ŸงปRole Management Issue
    • 0๏ธCloud
      • ๐ŸŒฉ๏ธAWS S3
    • 1๏ธLow Hanging Fruits
    • 2๏ธCache Vulnerabilities
    • 3๏ธDOS/DDOS
  • 4๏ธForced Browsing
  • Bug Bounty Platforms
    • ๐Ÿ›BugCrowd
    • ๐ŸžHackerOne
    • ๐ŸIntigriti
    • ๐ŸœOpen Bug Bounty
  • Exploiting Technologies
    • 0๏ธโƒฃIntroduction
    • 1๏ธโƒฃWordpress
    • 2๏ธโƒฃGraphQL API
    • 3๏ธโƒฃIDOR Vulnerability
Powered by GitBook
On this page
  1. Bug Bounty Reports & Articles

Request Forgery (CSRF & SSRF)

Request forgery vulnerabilities pose serious risks by leveraging the trust and capabilities of web applications to perform unauthorized actions. Implementing robust security measures to prevent these

PreviousOpen RedirectsNextCSRF

Last updated 11 months ago

Request forgery vulnerabilities pose serious risks by leveraging the trust and capabilities of web applications to perform unauthorized actions. Implementing robust security measures to prevent these vulnerabilities is crucial for maintaining the integrity and security of web applications.

5๏ธโƒฃ
๐Ÿ”ดSSRF
๐ŸŸขCSRF