Bug Bounty & Agile Pentesting Platform

EyeWitness – Hacker Tools: Hacking through screenshots πŸ‘©β€πŸ’»

EyeWitness is an incredibly tool that allows you to quickly get a feel for what assets to target first. We all know hundreds of content discovery tools that give us vast amounts of data, but do we ever focus on efficiently parsing all that data? How do you go through hundreds of endpoints? If you’re doing it manually, then be sure to read this article as EyeWitness may be of great help to you!

Continue reading Continue reading

How Artificial Intelligence is being used to match researchers with bug bounty programs

Every security researcher has their specialty, their range of bugs that they focus on or that they have spent the past years researching and perfecting. The greatest power of bug bounty comes into play when considering that all of these bright individuals with diverse skillsets can become a single superbrain when put together. At Intigriti, […]

Continue reading Continue reading

CRLFuzz – Hacker Tools: Injecting CRLF for bounties πŸ‘©β€πŸ’»

A CRLF injection is the injection of newlines in places where the server doesn’t expect newlines. This can cause a plethora of vulnerabilities including XSS, session fixation, cookie injection, open redirect, and much more! What are we waiting for? Let’s check out CRLFuzz, the tool that can help you! πŸ™‹β€β™‚οΈ What is CRLFuzz? CRLFuzz is […]

Continue reading Continue reading

Waybackurls – Hacker Tools: Time-traveling for bounties πŸ‘©β€πŸ’»

The past can tell stories, show things that should’ve never been uncovered and today we will be looking at that past. We can go hunt for subdomains, secret endpoints, tokens, and secrets, all with the help of Waybackurls. πŸ™‹β€β™‚οΈ What is Waybackurls? Waybackurls by @TomNomNom is a small utility written in Go that will fetch […]

Continue reading Continue reading

Dalfox – Hacker Tools: XSS Scanning Made Easy πŸ‘©β€πŸ’»

Finding XSS can sometimes be a repetitive and laborious task. Many attempts at automating the process have been made, yet very little actually come close to getting it right. Today, we’re covering Dalfox, a tool that did get it right. Let’s find some cross-site scripting vulnerabilities! πŸ™‹β€β™‚οΈ What is Dalfox? DalFox is a fast, powerful […]

Continue reading Continue reading