On any website we visit, we’re stuck in a net of security measures keeping us from doing whatever we want. Bug bounty programs give us a unique opportunity to attempt to slip through the tiny holes in that net. However, whilst being focused on fine-grained hunting, we can often lose sight of the bigger picture.
This week, we’re going to discover how Aquatone can help us with that! Are you ready to take a deep dive into this amazing tool?
As a bug bounty hunter, your laptop is your kitchen, your tools are your utensils and you are the chef cooking up some beautiful bugs, but every great cook needs a sous-chef and CyberChef was made to do just that. This week we will be taking a deep dive into CyberChef and everything it has […]
Summer is at our doorstep, the weather is getting better and the Intigriti team is ready to help you once again. This week, we will go over Gobuster, a well-known tool amongst researchers for mainly brute-forcing directories. But that’s not all the tool can do. It has multiple options what makes it a perfect all-in-one […]
Welcome to our wonderful “Hacker tools” series. If you have mastered all our previous articles, you must have submitted a valid report by now. If not, check out this week’s tool. XSStrike is a Cross-Site Scripting detection framework written by s0md3v. Yes, you are correct, the same developer of Arjun. XSStrike is written in Python3 […]
Nice weather, lots of new programs on Intigriti, and another tool to discover. This week we will look at a tool created by one of Intigriti’s top researchers. Like Honoki, you probably faced the overwhelming information coming in when doing recon. BBRF will help to organize your findings in a centralized way. BBRF or Bug […]
It’s a new week and we have a new tool. This week we will review Nmap, the port scanner of choice for every security researcher. In this article, we will discuss some of the less known features of Nmap. Read on to know more. Nmap is an open-source network mapper that uses various techniques to […]
Welcome to our hacker tools series. In the past weeks, we discussed some useful tools to help you with your bug bounty career. This week we will discuss Amass, the well-known subdomain discovery tool. Amass is a tool that uses passive and active information gathering techniques to compile a nice list of an organization’s externally […]
Welcome back to our hacker tools series. This week we will discuss SQLMap, a python based open-source tool to detect and exploit SQL injection flaws. It can automate your SQLi tests in a fast and easy way, but you still need to know what you are doing to make full use of the tool, so […]
Time is money, and certainly when it comes to bug bounty! Good tools can help you find bugs before others do – but only if you know how to properly use them.Today, we are reviewing a parameter discovery tool called Arjun. Arjun is a command-line tool specifically designed to look for hidden HTTP parameters. Today’s […]
Time is money, and certainly when it comes to bug bounty! Good tools can help you find bugs before others do – but only if you know how to properly use them.We will be reviewing some of our favourite open-source tools and providing you with some tips and tricks on how to use them. Today […]