{"id":18402297,"url":"https://github.com/az0x7/recon-resource","last_synced_at":"2026-01-23T03:57:35.751Z","repository":{"id":154687674,"uuid":"632423494","full_name":"Az0x7/recon-resource","owner":"Az0x7","description":null,"archived":false,"fork":false,"pushed_at":"2023-04-25T12:59:17.000Z","size":14,"stargazers_count":101,"open_issues_count":0,"forks_count":17,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-12T18:43:25.506Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Az0x7.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-25T11:31:13.000Z","updated_at":"2025-04-02T09:45:00.000Z","dependencies_parsed_at":null,"dependency_job_id":"78bfd8df-6bfc-4df7-92f9-0b7f9d88636f","html_url":"https://github.com/Az0x7/recon-resource","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Az0x7/recon-resource","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Az0x7%2Frecon-resource","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Az0x7%2Frecon-resource/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Az0x7%2Frecon-resource/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Az0x7%2Frecon-resource/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Az0x7","download_url":"https://codeload.github.com/Az0x7/recon-resource/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Az0x7%2Frecon-resource/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28679486,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-23T03:51:37.438Z","status":"ssl_error","status_checked_at":"2026-01-23T03:51:13.517Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T02:42:06.544Z","updated_at":"2026-01-23T03:57:35.724Z","avatar_url":"https://github.com/Az0x7.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# recon-resource\nThis is all articles talk about how to do recon enjoy reading:\n- https://blog.projectdiscovery.io/reconnaissance-series-5-additional-active-reconnaissance/\n- https://twitter.com/ReconOne_bk/status/1642431028470874116?t=NSn9iile3U4Il4UiV9ai5Q\u0026s=08\n- https://www.offensity.com/en/blog/just-another-recon-guide-pentesters-and-bug-bounty-hunters/?ref=blog.projectdiscovery.io\n- https://bugbountyforum.com/tools/recon/\n- https://thecyberblogs.com/the-bug-hunters-methodology-v4-recon-tbhmv4/\n- https://eslam3kl.gitbook.io/blog/recon-automation-tips-and-tricks/simple-recon-methodology\n\n- https://shahjerry33.medium.com/github-recon-its-really-deep-6553d6dfbb1f\n- https://orwaatyat.medium.com/\n- https://web.archive.org/web/20221209143311/https://twitter.com/GodfatherOrwa\n- https://doepichack.com/category/tips/\n- https://blog.intigriti.com/2023/01/18/bug-bytes-190-bbtips-attacking-wide-scopes-aws-and-containers/?utm_source=newsletter\u0026utm_medium=email\u0026utm_campaign=bug_bytes_190_bbtips_attacking_wide_scopes_aws_and_containers\u0026utm_term=2023-01-18\n- https://portswigger.net/research/top-10-web-hacking-techniques-of-2022-nominations-open\n- https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html\n- https://eforensicsmag.com/bug-bounty-methodology-ttp-tacticstechniques-and-procedures-v-2-0/\n- [How To Attack Admin Panels Successfully Part 2](https://medium.com/geekculture/how-to-attack-admin-panels-successfully-part-2-9316c3caad3a)\n-   [Open redirects : bug bounties](https://falkensmaze.medium.com/open-redirects-bug-bounties-28efffb635c?source=rss------bug_bounty-5)\n-   [Seven Common Ways To Bypass Login Page](https://medium.com/@uttamgupta_/seven-common-ways-to-bypass-login-page-a023d9dd073c?source=rss------bug_bounty-5)\n-   [Unlock the boundless possibilities of ChatGPT: Hunt down pesky bugs and enjoy seamless automation!](https://hunkyhack3r.medium.com/unlock-the-boundless-possibilities-of-chatgpt-hunt-down-pesky-bugs-and-enjoy-seamless-automation-21ecfdf472cd?source=rss------bug_bounty-5)\n-   [Broken Access Control: What I have learned](https://juliosergiofs.medium.com/broken-access-control-what-i-have-learned-1223874179cd?source=rss------bug_bounty-5)\n-   [Bug Hunting 101: Parameter Injection Vulnerabilities](https://grahamzemel.medium.com/bug-hunting-101-parameter-injection-vulnerabilities-bedab284b4d9?source=rss------bug_bounty-5)\n-   [JWT Security 101: How to defend against common attacks on JSON Web Tokens](https://medium.com/@mk2011sharma/jwt-security-101-how-to-defend-against-common-attacks-on-json-web-tokens-632fa09d8887?source=rss------bug_bounty-5)\n-  https://medium.com/@TheUnwearyPentester/brute-force-attacks-cheat-sheet-ftp-pop3-snmp-ssh-vnc-f8f37cfe4ec?source=rss------bug_bounty-5\n-   https://infosecwriteups.com/clear-communication-is-crucial-why-writing-effective-vulnerability-reports-matters-5f989ee2e401?source=rss----7b722bfd1b8d---4\n-   https://sl4x0.medium.com/all-about-business-logic-bugs-803fa0df9eb4?source=rss------bug_bounty-5\n-  https://adamjsturge.medium.com/easy-xsshunter-express-setup-script-d5a66039f7b6?source=rss------bug_bounty-5\n-   https://thegrayarea.tech/bug-hunting-101-directory-enumeration-authentication-bypass-1b92b3c87ef9?source=rss------bug_bounty-5\n-  https://infosecwriteups.com/kerberos-authentication-again-but-better-badb5dc88b2d?source=rss----7b722bfd1b8d---4\n-   https://infosecwriteups.com/bypass-mysql-real-escape-string-and-addslashes-from-injection-attacks-6e64508e011b?source=rss----7b722bfd1b8d---4\n-   https://infosecwriteups.com/domain-name-system-0x1-dns-101-cb0aba088abb?source=rss----7b722bfd1b8d---4\n-  https://infosecwriteups.com/the-toddlers-introduction-to-dynamic-memory-allocation-300f312cd2db?source=rss----7b722bfd1b8d---4\n-   https://web3datadegens.substack.com/p/2023-guide-to-web3-data-tools\n-   https://jakewnuk.com/posts/optimizing-wordlists-w-masks/\n-   https://infosecwriteups.com/how-i-found-aws-api-keys-using-trufflehog-and-validated-them-using-enumerate-iam-tool-cd6ba7c86d09?source=rss----7b722bfd1b8d---4\n- https://rashahacks.com/how-i-pwned-10-admin-panels-and-rewarded-8000/\n- https://pentester.land/blog/subdomains-enumeration-cheatsheet/\n- https://github.com/supr4s/VPS-web-hacking-tools\n- https://github.com/0xJin/awesome-bugbounty-builder\n- https://reconshell.com/bug-bounty-tips/\n- https://reconshell.com/bug-bounty-resources/\n- https://0xffsec.com/handbook/information-gathering/subdomain-enumeration/\n- https://lazyhacker.medium.com/subdomain-enumeration-tec-276da39d7e69\n- https://reconshell.com/web-attack-cheat-sheet/\n- https://techvomit.net/web-application-penetration-testing-notes/\n- https://edoverflow.com/2017/lightweight-reconnaissance-setup/\n- https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/\n- https://github.com/zapstiko/Bug-Bounty\n- https://highon.coffee/blog/password-reset-security-testing-cheat-sheet/\n- https://github.com/Mostafa-Elguerdawi/Automation_Bug_Hunting/tree/main/Automation\n- https://www.infosecmatter.com/bug-bounty-tips/\n- https://inonst.medium.com/31-tips-advanced-bug-bounty-pentesting-8ecec2aafffe\n- https://cheatsheet.haax.fr/web-pentest/bug_bounty_tips/\n- https://www.pinterest.com/thehackerish/bug-bounty/\n- https://www.offensity.com/en/blog/just-another-recon-guide-pentesters-and-bug-bounty-hunters/\n- https://github.com/topics/bugbountytips\n- https://mavericknerd.github.io/knowledgebase/BugBountyRecon/\n- https://shubs.io/so-you-want-to-get-into-bug-bounties/\n- https://rattibha.com/thread/1590657312280436738?lang=ar\n- https://www.offensity.com/en/blog/just-another-recon-guide-pentesters-and-bug-bounty-hunters/\n-   [A few dorks to find common bugs while testing](https://twitter.com/ADITYASHENDE17/status/1613423367448821762?s=20)\n-   [OWA tip](https://twitter.com/irsdl/status/1613702363587436547?s=20)\n-   [Top 10 web hacking techniques of 2022 voting](https://portswigger.net/polls/top-10-web-hacking-techniques-2022)\n-   [TodayIsNew Interview with his tips](https://twitter.com/Bugcrowd/status/1612874185465892865)\n-   [Recon management tips by Jason Haddix](https://twitter.com/Jhaddix/status/1615453280015982593?s=20)\n-   [PHP info page pays out $5k](https://twitter.com/SaraBadran18/status/1615347898392117249?s=20)\n-   [Custom wordlists tip](https://twitter.com/dsopas/status/1613886178524106756?s=20)\n-   [SQL injection payloads](https://twitter.com/nav1n0x/status/1613225462154596375?s=20)\n- https://reconshell.com/bug-bounty-tips/\n- https://blog.yeswehack.com/yeswerhackers/parameter-discovery-quick-guide-to-start/\n- https://yogosha.com/blog/bug-bounty-practical-guide-for-organizations/\n- https://www.cyberick.com/post/recon-automation-tips-bug-bounty\n- https://www.bugbountyclub.com/tips\n- https://infosecsanyam.medium.com/web-application-security-bug-bounty-methodology-reconnaissance-vulnerabilities-reporting-635073cddcf2\n- https://agent472458.medium.com/my-recon-tools-and-methodology-17abf8080f3c\n- https://infosecwriteups.com/recon-everything-48aafbb8987\n- https://infosecwriteups.com/bug-hunting-journey-of-2021-1fa60b28d949\n- https://apexvicky.medium.com/bug-bounty-methodology-horizontal-enumeration-89f7cd172e6e\n- https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21\n- https://fyrmassociates.com/blog/2019/03/01/advanced-recon-part1/\n- https://www.bugbountyhunter.com/articles/?on=Advanced_Recon\n- https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html\n- https://community.turgensec.com/shodan-pentesting-guide/\n- https://seqred.pl/en/shodan-improved/\n- https://docs.servicenow.com/pt-BR/bundle/sandiego-security-management/page/product/secops-integration-vr/shodan/concept/shodan-exploit-vuln-integration.html\n- https://pentester.land/blog/levelup-2018-the-bug-hunters-methodology-v3/\n- https://0x00sec.org/t/using-search-engines-for-fun-and-bounties/23832\n- https://null-byte.wonderhowto.com/how-to/hack-like-pro-find-vulnerable-targets-using-shodan-the-worlds-most-dangerous-search-engine-0154576/\n- https://securitytrails.com/blog/hacker-search-engines\n- https://null-byte.wonderhowto.com/how-to/hack-like-pro-reconnaissance-with-recon-ng-part-1-getting-started-0169854/\n- https://infosecwriteups.com/guide-to-basic-recon-bug-bounties-recon-728c5242a115\n- https://blog.usejournal.com/how-recon-helped-samsung-protect-their-production-repositories-of-samsungtv-ecommerce-estores-4c51d6ec4fdd\n- https://blog.zsec.uk/ltr101-method-to-madness/\n- https://github.com/bugcrowd/bugcrowd_university/blob/master/Recon%20and%20Discovery/Bugcrowd%20University%20-%20Recon%20%26%20Discovery.pdf\n- https://medium.com/@maverickNerd/recon-everything-48aafbb8987\n- https://mavericknerd.github.io/knowledgebase/\n- https://blog.detectify.com/2020/01/07/guest-blog-streaak-my-recon-techniques-from-2019/\n- https://medium.com/@europa_/recoinnassance-7840824b9ef2\n- https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21\n- https://medium.com/bugbountywriteup/whats-tools-i-use-for-my-recon-during-bugbounty-ec25f7f12e6d\n- https://bugbountytuts.files.wordpress.com/2018/02/dirty-recon.pdf\n- https://blog.usejournal.com/web-application-security-bug-bounty-methodology-reconnaissance-vulnerabilities-reporting-635073cddcf2\n- http://imsoley.tk/mofb/\n- https://blog.detectify.com/2019/01/29/hacking-isnt-an-exact-science/\n- https://docs.google.com/presentation/d/1xgvEScGZ_ukNY0rmfKz1JN0sn-CgZY_rTp2B_SZvijk/edit#slide=id.g3fc0937313_1_68\n- https://sylarsec.com/2019/01/11/100-ways-to-discover-part-1/\n- https://captmeelo.com/bugbounty/2019/09/02/asset-enumeration.html\n- https://medium.com/@shahjerry33/recon-my-way-or-high-way-58a18dab5c95\n- https://medium.com/@smhtahsin33/recon-one-step-advanced-with-otx-8827119566fd\n- https://eslam3kl.medium.com/simple-recon-methodology-920f5c5936d4\n- https://systemweakness.com/ultimate-manual-bug-bounty-recon-guide-f30c900367c8\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faz0x7%2Frecon-resource","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faz0x7%2Frecon-resource","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faz0x7%2Frecon-resource/lists"}