버그바운티에 대한 이해
https://www.youtube.com/watch?v=ZFAvflICiSQ&feature=youtu.be
공격유형별 실제 공격 버그바운티 사례 보고서 리스트
https://github.com/ngalongc/bug-bounty-reference
ngalongc/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature - ngalongc/bug-bounty-reference
github.com
https://pentester.land/list-of-bug-bounty-writeups.html
List of bug bounty writeups
pentester.land
모든 웹 공격에 대한 페이로드 모음
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
github.com
버그바운티에 사용되는 툴 및 설명
https://medium.com/bugbountywriteup/whats-tools-i-use-for-my-recon-during-bugbounty-ec25f7f12e6d
What tools I use for my recon during #BugBounty
Hi guys! This is my first article about Bug Bounty and I hope you will like it! I’m a bug hunter on YesWeHack and I think it’s cool to…
medium.com
https://bugbountyforum.com/tools/recon/
Bug Bounty Forum - tools - Recon
bugbountyforum.com
https://github.com/enaqx/awesome-pentest
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things - enaqx/awesome-pentest
github.com
버그바운티 방법론에 대한 설명
https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115
How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty
Today I am writing about the love story between bug bounties & reconnaissance, but before I do I should say that i’m not much of an expert…
medium.com
웹 취약점 진단 하는법 정리
https://medium.com/ehsahil/recon-my-way-82b7e5f62e21
Recon — my way.
A detailed blog post on my reconnaissance processes for web applications security testing. I always wanted to write about this subject…
medium.com
공격 할 사이트에 대한 정보수집 방법
https://geekflare.com/find-subdomains/
How to find Subdomains of a Domain in Minutes?
Discovering subdomains of a domain is an essential part of hacking reconnaissance and thanks to following online tools which make the life easier. Having unsecured subdomain can lead to serious risk to your business, and lately, there were some security in
geekflare.com
https://0xpatrik.com/asset-discovery/
Asset Discovery: Doing Reconnaissance the Hard Way
Organizations often have no clue about what they are exposing to the Internet. The post presents a simple framework for doing black box reconnaissance that will reveal the company's public-facing services.
0xpatrik.com
버그바운티 입문용 실무형 워게임사이트
https://www.hackerfactory.co.kr
https://www.hackthissite.org
https://www.hellboundhackers.org/
이거는 하나씩 해보고 후기남길게요
'Security > BugBounty Study' 카테고리의 다른 글
| 버그바운티(Bug Bounty) Write-up / Stored XSS ($750) (0) | 2019.04.01 |
|---|---|
| 버그바운티(Bug Bounty) Write-up / SQL Injection ($4,500) (0) | 2019.03.31 |
| 버그바운티(Bug Bounty) Write-up / Reflected Cross site Scripting ($375) (0) | 2019.03.30 |
| 버그바운티(Bug Bounty) Write-up / DOM XSS in redirect param ($750) (0) | 2019.03.29 |
| 버그바운티(Bug Bounty) Write-up / SQL Injection ($2,000) (0) | 2019.03.28 |