EyeWitness is an incredible tool that allows you to quickly get a feel for what assets to target first. We all know hundreds of content discovery tools that give us vast amounts of data, but do we ever focus on efficiently parsing all that data? How do you go through hundreds of endpoints? If you’re doing it manually, then be sure to read this article, as EyeWitness may be of great help to you!
As a bug bounty hunter, you need to get a good view of all the pages and endpoints your targets host. Manually enumerating these can become labour-intensive and boring and, on top of that, is prone to errors. Today we’re going to look at GoSpider, a tool that can do all this for us! 🙋♂️ […]
Every security researcher has their specialty, their range of bugs that they focus on or that they have spent the past years researching and perfecting. The greatest power of bug bounty comes into play when considering that all of these bright individuals with diverse skillsets can become a single superbrain when put together. At Intigriti, […]
A CRLF injection is the injection of newlines in places where the server doesn’t expect newlines. This can cause a plethora of vulnerabilities including XSS, session fixation, cookie injection, open redirect, and much more! What are we waiting for? Let’s check out CRLFuzz, the tool that can help you! 🙋♂️ What is CRLFuzz? CRLFuzz is […]
The past can tell stories, show things that should’ve never been uncovered and today we will be looking at that past. We can go hunt for subdomains, secret endpoints, tokens, and secrets, all with the help of Waybackurls. 🙋♂️ What is Waybackurls? Waybackurls by @TomNomNom is a small utility written in Go that will fetch […]
Finding XSS can sometimes be a repetitive and laborious task. Many attempts at automating the process have been made, yet very few actually come close to getting it right. Today, we’re covering Dalfox, a tool that did get it right. Let’s find some cross-site scripting vulnerabilities! 🙋♂️ What is Dalfox? DalFox is a fast, powerful […]
OWASP top 10; Over the last 4 years, the cybersecurity field has continued to see incredible leaps forward at an unimaginable pace. As attacks that used to be prevalent 15 years ago are slowly dying out, new attack vectors are being discovered day in and day out. Security researchers and bug bounty hunters alike often […]
When facing API endpoints, older tools for directory busting tend to be very ineffective. The days where a webserver is just a directory tree are over. The more modern ‘routes’ have taken over and just wildly bruteforcing filenames isn’t effective anymore. We need to be smarter and scan based on popular API layouts. Let’s look at how KiteRunner can help with that!
WordPress is huge! Some even estimate 30% of public websites run it in some way or another. In fact, you’re reading this on a WordPress page. Are all of these sites secure? No! Not at all. While the latest up to date version of WordPress is very likely to be secure (until someone finds a […]
Every bug bounty journey starts in the same way: Reconnaissance. We need to scope out our target. Find out what they are hosting, what services are running, what ports are open and so on. This can be extremely time-consuming when done manually, not to mention the nightmare of organising all these insights. Luckily ReNgine […]