Biscuit's Bug Bounty Playbook

CtrlK

👋Introduction to Biscuit's Bug Bounty Playbook
Mains
🟧Learn to Use Burp Suite
Learn Android Bug Bounty
- 🎥Video Tutorials
❤️YouTube Channels
📰Bug Bounty Reports
📚Blogs & Writeups
🏹GitHub Repository
👨‍👨‍👧Conference Talks
🖨️Automated Scanners
⚙️Intentionally Vulnerable Apps
🎱Learn Drozer For Android Pentesting
🪀Learn Frida For Android Pentesting
🏈Bypassing Security Protections in APKs via Objection and Frida
🪁Security Tools For Android Pentesting
😼PIDCAT for Android Bug Bounty Logging
🎹CLI Commands & Shortcuts
My Android Bug Bounty Lab Setup
Learn Thick Client Pentesting
- 🟥Introduction Videos
📑Introduction Articles
✅Pentesting Checklist
📚Bug Bounty Writeups
🐞Thick Client Vulnerabilities
- DLL Hijacking Basics
🥼Intentionally vulnerable labs
🛠️Tools for Thick Client Pentesting
🏠Bug Bounty Programs with Thick Client Scope
💵Paid Udemy Course
Bug Bounty Reports & Articles
4️Forced Browsing
5️RCE
6️OSINT
Bug Bounty Platforms
Exploiting Technologies

Powered by GitBook

On this page

Bug Bounty Reports & Articles
1️⃣Takeover's (Accounts, Sub-domains, etc)

🚡Sub Domain Takeover

What I learnt from reading 217* Subdomain Takeover bug reports.Medium

Subdomain takeover via AWS s3 bucketMedium

Simple Subdomain TakeoverMedium

https://bepractical.tech/blogs/subdomain-takeover/bepractical.tech

Subdomain Takeover in Azure: making a PoCGoDiego

Subdomain Takeover: Starbucks points to AzurePatrik Hudak

Subdomain Takeover: Yet another Starbucks casePatrik Hudak

Subdomain Hijacking Of Any Qwilr’s Customer - 0xPrialPrial Islam - Ethical Hacker | Cyber Security Researcher

Unclaimed Medium Publication takeover in WeTransfer - 0xPrialPrial Islam - Ethical Hacker | Cyber Security Researcher

Subdomain takeover due to misconfigured project settings - 0xPrialPrial Islam - Ethical Hacker | Cyber Security Researcher

UBER Wildcard Subdomain Takeover | BugBounty POCSecurity Breached Blog

Subdomain Takeover worth 200Medium

Subdomain Takeover Through Expired Cloudfront Distribution | live.lamborghini.com - Security Breached BlogSecurity Breached Blog

Subdomain Takeover leading to Full Account TakeoverHacktus

Dangling DNS: AWS EC2Medium

Fastly Subdomain Takeover $2000Medium

How i buy a subdomain of Tokopedia’s website (yeah you read it right)Medium

The unexpected bounty: a story of Zendesk takeover on REDACTED.comMedium

Unauthorized Sign-up on Subdomain of Subdomain leading to Organization takeover worth $2000Medium

Again? Subdomain takeover via ideanote.ioMedium

Subdomain takeover via nolt.ioMedium

How I Took Over 2 Subdomains with Azure CDN Profilesm0chan Blog - Info Sec, CTF & Hacking

Weird "Subdomain Take Over" pattern of Amazon S3 | by secureITmania | in entersoftsecurity - Freediumfreedium.cfd

Passive Recon with Spyse (Part-II)remonsec

How i hijacked 12 Subdomains in one ProgramMedium

PreviousTakeover's (Accounts, Sub-domains, etc)NextAccount Takeover

Last updated 5 months ago