Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hackerscrolls/SecurityTips
Last synced: 21 days ago
- Host: GitHub
- URL: https://github.com/hackerscrolls/SecurityTips
- Owner: hackerscrolls
- Created: 2020-06-06T13:21:15.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2022-01-22T10:02:34.000Z (almost 3 years ago)
- Last Synced: 2024-08-05T17:29:46.097Z (4 months ago)
- Size: 40.9 MB
- Stars: 979
- Watchers: 56
- Forks: 166
- Open Issues: 3
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - hackerscrolls/SecurityTips - (Others)
README
# SecurityTips
This repo contains the full collection of HackerScrolls tips.
- **[Burp Suite](https://github.com/hackerscrolls/SecurityTips/tree/master/BurpSuite)**
  - [Bruteforce Basic Auth](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Basic_Auth_BruteForce.png)
  - [Effective Search](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Effective_Search_In_Burp.png)
  - [Intruder Server Response time](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Intruder_Server_Response_Time.png)
  - [Match Replace: Hidden Elements](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Proxy_Show_Hidden_Match_Replace_1.png)
  - [Match Replace: Hidden Interface](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Proxy_Show_Hidden_Match_Replace_2.png)
  - [Match Replace: IDORs](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Proxy_Show_Hidden_Match_Replace_3.png)
  - [Show All HTML Comments](https://github.com/hackerscrolls/SecurityTips/blob/master/BurpSuite/Target_Show_All_HTML_Comments.png)
- **[Mindmaps](https://github.com/hackerscrolls/SecurityTips/tree/master/MindMaps)**
  - [Testing 2FA](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/2FA_bugs.png)
  - [Testing OAuth](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/OAuth_bugs.png)
  - [Testing SSRF](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/SSRF.png)
  - [Testing file upload](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/File_upload_bugs.png)
  - [iOS Security](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/iOS_Security.jpg)
  - [iOS for Bug Bounty](https://github.com/hackerscrolls/SecurityTips/blob/master/MindMaps/iOS_for_BugBounty.jpg)
- **[Misc](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc)**
  - [Multiple Firefox Accounts for Testing Roles](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc/Multiple_Firefox_Accounts.jpg)
  - [6 One Line Simple Servers](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc/One_Line_Simple_Servers.jpg)
  - [Remove Noisy Firefox Telemetry](https://github.com/hackerscrolls/SecurityTips/tree/master/Misc/Remove_Firefox_Telemetry.jpg)
- **[Mobile](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile)**
  - [4 Ways to MiTM Android App](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/MiTM_Android_App_4_Ways.png)
  - [MiTM Android via DNS](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/MiTM_Android_App_DNS.png)
  - [MiTM Android via IPTABLES](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/MiTM_Android_App_IPTABLES.png)
  - [SSL Unpinning Trick](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Mitm/SSL_Unpinning_Case.png)
  - [Suitable Android Versions](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Android_Versions.png)
  - [4 Ways to Extract APK](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/How_To_Extract_APK.png)
  - [Exported Activities Tricks](https://github.com/hackerscrolls/SecurityTips/tree/master/Mobile/Сheck_Exported_Activities.jpg)
- **[Passwords](https://github.com/hackerscrolls/SecurityTips/tree/master/Passwords)**
  - [Password Spraying](https://github.com/hackerscrolls/SecurityTips/tree/master/Passwords/Password_Spraying.jpg)
  - [Password Dictionaries - Weakpass](https://github.com/hackerscrolls/SecurityTips/tree/master/Passwords/Passwords_Weakpass.jpg)
- **[Red Team and Penetration Testing](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam)**
  - [Cisco Smart Install](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Cisco_Smart_Install.jpg)
  - [Gateway Finder](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Gateway_Finder.jpg)
  - [Sniffing SSH Passwords with 3Snake](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Sniffing_SSH_Passwords_3Snake.jpg)
  - [Tunneling TCP Over DNS](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Tunneling_Over_DNS.jpg)
  - [SOCKS to the internal server - frp proxy](https://github.com/hackerscrolls/SecurityTips/tree/master/Pentest.Redteam/Socks_to_internal_network_Frp_Proxy.png)
- **[Recon](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon)**
  - [Dirsearch by Temp Extensions](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Dirsearch_Like_A_Pro.jpg)
  - [Find IP Behind Cloud Firewall 1](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Find_IP_behind_cloud_Firewall_1.png)
  - [Find IP Behind Cloud Firewall 2](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Find_IP_behind_cloud_Firewall_2.png)
  - [Expanding Scope with bgp.he.net](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/Recon_BGP.HE.NET.jpg)
  - [Waybackurls](https://github.com/hackerscrolls/SecurityTips/tree/master/Recon/WayBackURLs.jpg)
- **[Web](https://github.com/hackerscrolls/SecurityTips/tree/master/Web)**
  - [CORS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS)
    - [Bypassing Allowed Domains List](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS/Breaking_CORS_Bypass_Allow_List.jpg)
    - [Chrome Cache Trick](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS/Breaking_CORS_Chrome_Cache.png)
    - [null Origin](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CORS/Breaking_CORS_null_Origin.jpg)
  - [Common CSRF bypasses](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/CSRF/Common_CSRF_Bypasses.jpg)
  - [Monitor Changes in JS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/JavaScript/Monitor_Changes_In_JS_1.jpg)
  - [Monitor Changes in JS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/JavaScript/Monitor_Changes_In_JS_2.jpg)
  - [SameSite](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite)
    - [Samesite Bypass - Chrome 120 secs Trick](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite/Bypassing_Samesite_120_secs.jpg)
    - [SameSite Common Info](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite/Samesite_Common_Info.jpg)
    - [Different SameSite Cookies Behavior in Browsers](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Samesite/Samesite_Different_Cookies_Behavior.jpg)
  - [Testing SQL Syntax in SQLFiddle](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/JavaScript/Samesite)
  - [WebSocket Hijacking](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/WebSockets/Websocket_Hijacking.jpg)
  - [XSS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS)
    - [Encoding JS in HTML Tags](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS/Encodings_JS_XSS.jpg)
    - [Mutation points in HTML Tags](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS/Mutation_Points_HTML_XSS.jpg)
    - [Upgrading Self XSS](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/XSS/Upgrading_Self_XSS.jpg)
  - [Bypassing 403 Restriction](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Bypass_403_Top_4.jpg)
  - [Insecure Deserialization](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Insecure_Deserialization.jpg)
  - [SSRF via PDF/Image Rendering](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Rendrer_PDF_Generators_SSRF.jpg)
  - [Mass Assignment and Autobinding](https://github.com/hackerscrolls/SecurityTips/tree/master/Web/Mass_Assignment.png)