Cheatsheets

https://book.hacktricks.xyz/generic-methodologies-and-resources/external-recon-methodology

https://book.hacktricks.xyz/generic-methodologies-and-resources/brute-force

https://book.hacktricks.xyz/pentesting-web/web-vulnerabilities-methodology

https://www.infosecmatter.com/bug-bounty-tips/

https://github.com/CyberSecurityUP/eWPT-Preparation

https://raw.githubusercontent.com/cyprosecurity/API-SecurityEmpire/main/assets/API%20Pentesting%20Mindmap.png

https://portswigger.net/web-security/all-materials

https://infosecwriteups.com/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65

https://infosecsanyam.medium.com/bug-bounty-methodology-ttp-tactics-techniques-and-procedures-v-2-0-2ccd9d7eb2e2

https://drive.google.com/file/d/13dK9gQ_rfPxlSmqei-rFtQO7i5JH7bta/view eWPT notes

https://drive.google.com/file/d/19avvHUNnPlNebu_7tAZ42QHS50r8kXdS/view eWPTX notes

https://github.com/Neelakandan-A/BugBounty_CheatSheet

https://github.com/wpscanteam/wpscan/wiki/WordPress-Plugin-Security-Testing-Cheat-Sheet

https://github.com/imran-parray/Web-Sec-CheatSheet

https://github.com/ksanchezcld/Hacking_Cheat_Sheet

https://github.com/Bo0oM/WAF-bypass-Cheat-Sheet

https://github.com/Prodject/Offensive-Security-Cheatsheets

https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets

https://github.com/riramar/Web-Attack-Cheat-Sheet

https://github.com/coreb1t/awesome-pentest-cheat-sheets

https://github.com/NoorQureshi/kali-linux-cheatsheet

https://github.com/security-cheatsheet/reverse-shell-cheatsheet

https://blog.intigriti.com/hackademy/

https://owasp.org/www-community/vulnerabilities/

https://www.veracode.com/security

https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/

https://owasp.org/www-project-web-security-testing-guide/

https://github.com/KingOfBugbounty/KingOfBugBountyTips

https://reconshell.com/king-of-bug-bounty/

https://github.com/CyberSecurityUP/HunterX

https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass

https://gowthams.gitbook.io/bughunter-handbook/

https://github.com/dwisiswant0/awesome-oneliner-bugbounty

https://l33t-en0ugh.gitbook.io/infosec/bug-bounty

https://l33t-en0ugh.gitbook.io/infosec/bug-bounty/automation-and-tools-usage

https://l33t-en0ugh.gitbook.io/infosec/api-hunting-methodology

https://l33t-en0ugh.gitbook.io/infosec/web-exploitation/attacking-json-web-token

https://github.com/Ignitetechnologies/Web-Application-Cheatsheet

https://github.com/aufzayed/bugbounty

https://github.com/hAPI-hacker/Hacking-APIs

https://www.webhackingtips.com/

https://github.com/OWASP/CheatSheetSeries

https://github.com/vitalysim/Awesome-Hacking-Resources

https://github.com/The-Art-of-Hacking/h4cker

https://portswigger.net/web-security/websockets#intercepting-and-modifying-websocket-messages

https://book.hacktricks.xyz/pentesting-web/cross-site-websocket-hijacking-cswsh

https://brightsec.com/blog/websocket-security-top-vulnerabilities/

https://infosecwriteups.com/websocket-hijacking-to-steal-session-id-of-victim-users-bca84243830

https://github.com/KathanP19/HowToHunt

PreviousRemediationNextAPI Testing

Last updated