Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/harsh-bothra/learn365

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
https://github.com/harsh-bothra/learn365
application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities
Last synced: 13 days ago
JSON representation
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Host: GitHub
URL: https://github.com/harsh-bothra/learn365
Owner: harsh-bothra
Created: 2021-01-01T18:25:30.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2022-06-20T05:51:00.000Z (over 2 years ago)
Last Synced: 2024-10-15T09:05:40.821Z (about 2 months ago)
Topics: application-security, bugbounty, bugbountytips, community, infosec, learning, pentesting, pentesting-tools, vulnerabilities
Homepage:
Size: 3.25 MB
Stars: 1,588
Watchers: 112
Forks: 392
Open Issues: 7
Metadata Files:
- Readme: README.md
Awesome Lists containing this project

awesome-hacking-lists - harsh-bothra/learn365 - This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection. (Others)
README

        # Learn365

This repository contains all the information shared during my Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going on and challenge myself to learn something daily for the whole year, it can be anything from infosec to general life. Follow me on Twitter for Regular Updates: [Harsh Bothra](https://twitter.com/harshbothra_). Huge thanks to [Mehedi Hasan Remon](https://twitter.com/remonsec), who originally created and maintained this repository. 

___

S.NO | Mind Map

--- | ---

**1** |  [2FA Bypass Techniques](https://t.co/HPi5ZP2SKG?amp=1)

**2** |  [Scope Based Recon](https://www.xmind.net/m/hKKexj/)

**3** |  [Cookie Based Authentication Vulnerabilities](http://www.xmind.net/m/2FwJ7D)

**4** |  [Unauthenticated JIRA CVEs](https://raw.githubusercontent.com/harsh-bothra/learn365/main/MindMaps/JIRA_CVEs.png)

**5** |  [Android Application Penetration Testing Checklist](https://www.xmind.net/m/GkgaYH/)

___

Day | Topic

--- | ---

**1** |  [2FA Bypass Techniques](/days/day1.md)

**2** | [Regular Expression Denial Of Service](/days/day2.md)

**3** | [SAML Vulnerabilities](/days/day3.md)

**4** | [Unauthenticated & Exploitable JIRA Vulnerabilities ](/days/day4.md)

**5** | [Client-Side Template Injection(CSTI)](/days/day5.md)

**6** | [Cross-Site Leaks (XS-Leaks)](/days/day6.md)

**7** | [Cross-Site Script Includes (XSSI)](/days/day7.md)

**8** | [JSON Padding Attacks](/days/day8.md)

**9** | [JSON Attacks](/days/day9.md)

**10** | [Abusing Hop-by-Hop Headers](/days/day10.md)

**11** | [Cache Poisoned Denial of Service (CPDos)](/days/day11.md)

**12** | [Unicode Normalization](/days/day12.md)

**13** | [WebSocket Vulns (Part-1)](/days/day13.md)

**14** | [WebSocket Vulns (Part-2)](/days/day14.md)

**15** | [WebSocket Vulns (Part-3)](/days/day15.md)

**16** | [Web Cache Deception Attack](/days/day16.md)

**17** | [Session Puzzling Attack](/days/day17.md)

**18** | [Mass Assignment Attack](/days/day18.md)

**19** | [HTTP Parameter Pollution](/days/day19.md)

**20** | [GraphQL Series (Part-1)](/days/day20.md)

**21** | [GraphQL Vulnerabilities (Part-2)](/days/day21.md)

**22** | [GraphQL WrapUp (Part-3)](/days/day22.md)

**23** | [Password Reset Token Issues](/days/day23.md)

**24** | [My previous works](/days/day24.md)

**25** | [Salesforce Security Misconfiguration (Part-1)](/days/day25.md)

**26** | [Salesforce Security Misconfiguration (Part-2))](/days/day26.md)

**27** | [Salesforce Configuration Review (Wrap)](/days/day27.md)

**28** | [Common Business Logic Issues: Part-1](/days/day28.md)

**29** | [Common Business Logic Issues (Part-2)](/days/day29.md)

**30** | [Common Business Logic Issues (Wrap)](/days/day30.md)

**31** | [Captcha Bypass Techniques](/days/day31.md)

**32** | [Pentesting Kibana Service](/days/day32.md)

**33** | [Pentesting Docker Registry](/days/day33.md)

**34** | [HTML Scriptless Attacks / Dangling Markup Attacks (Part - 1)](/days/day34.md)

**35** | [HTML Scriptless Attacks / Dangling Markup Attacks (Wrap)](/days/day35.md)

**36** | [Pentesting Rsync Service](/days/day36.md)

**37** | [CRLF Injection](/days/day37.md)

**38** | [Pentesting FTP Service](/days/day38.md)

**39** | [OpenID Connect Implementation Issues](/days/day39.md)

**40** | [Cookie Based Authentication Vulnerabilities](/days/day40.md)

**41** | [Cobalt Vulnerability Wiki - Resource](/days/day41.md)

**42** | [Race Conditions](/days/day42.md)

**43** | [SMTP Open Relay Attack](/days/day43.md)

**44** | [Pentesting BACNet](/days/day44.md)

**45** | [API Security Tips](/days/day45.md)

**46** | [Pentesting SSH - Talk](/days/day46.md)

**47** | [CORS Misconfiguration](/days/day47.md)

**48** | [Incomplete Trailing Escape Pattern Issue](/days/day48.md)

**49** | [Pivoting & Exploitation in Docker Environments - Talk](/days/day49.md)

**50** | [Detect Complex Code Patterns using Semantic grep - Talk](/days/day50.md)

**51** | [Student Roadmap to Become a Pentester - Talk](/days/day51.md)

**52** | [Hacking How-To Series - Playlist](/days/day52.md)

**53** | [JS Prototype Pollution](/days/day53.md)

**54** | [JSON Deserialization Attacks](/days/day54.md)

**55** | [Android App Dynamic Analysis using House](/days/day55.md)

**56** | [Testing IIS Servers](/days/day56.md)

**57** | [Secure Code Review - Talk](/days/day57.md)

**58** | [JSON Interoperability Vulnerabilities - Research Blog](/days/day58.md)

**59** | [HTTP Desync Attacks - Talk](/days/day59.md)

**60** | [XSLT Injection](/days/day60.md)

**61** | [Bypassing AWS Policies - Talk](/days/day61.md)

**62** | [Source Code Review Guidelines - Resource](/days/day62.md)

**63** | [All of the Threats: Intelligence, Modelling and Hunting - Talk](/days/day63.md)

**64** | [Hidden Property Abuse (HPA) attack in Node.js - Talk](/days/day64.md)

**65** | [HTTP Request Smuggling in 2020 - Talk](/days/day65.md)

**66** | [Dependecy Confusion Attack - Blog](/days/day66.md)

**67** | [Format String Vulnerabilities - Webinar](/days/day67.md)

**68** | [Mobile Application Dynamic Analysis - Webinar](/days/day68.md)

**69** | [Insecure Deserialization - Talk](/days/day69.md)

**70** | [Web Cache Entanglement - Talk + Blog](/days/day70.md)

**71** | [OWASP AMASS - Bootcamp](/days/day71.md)

**72** | [Offensive Javascript Techniques for Red Teamers](/days/day72.md)

**73** | [Basic CMD for Pentesters - Cheatsheet](/days/day73.md)

**74** | [Investigating and Defending Office 365 - Talk](/days/day74.md)

**75** | [WinjaCTF 2021 Solutions - Blog](/days/day75.md)

**76** | [Kubernetes Security: Attacking and Defending K8s Clusters - Talk](/days/day76.md)

**77** | [AWS Cloud Security - Resources](/days/day77.md)

**78** | [WAF Evasion Techniques - Blog](/days/day78.md)

**79** | [File Inclusion - All-in-One](/days/day79.md)

**80** | [DockerENT Insights - Tool Demo Talk](/days/day80.md)

**81** | [ImageMagick - Shell injection via PDF password : Research Blog](/days/day81.md)

**82** | [Offensive GraphQL API Pentesting - Talk](/days/day82.md)

**83** | [Bug Bounties with Bash - Talk](/days/day83.md)

**84** | [Chrome Extensions Code Review - Talk](/days/day84.md)

**85** | [Server-Side Template Injection - Talk](/days/day85.md)

**86** | [Exploiting GraphQL - Blog](/days/day86.md)

**87** | [Exploiting Email Systems - Talk](/days/day87.md)

**88** | [Hacking with DevTools - Tutorial](/days/day88.md)

**89** | [Common Android Application Vulnerabilities - Talk](/days/day89.md)

**90** | [SAML XML Injection - Research Blog](/days/day90.md)

**91** | [Finding Access Control & Authorization Issues with Burp - Blogs](/days/day91.md)

**92** | [OAuth 2.0 Misimplementation, Vulnerabilities, and Best Practices - Talk](/days/day92.md)

**93** | [JWT Attacks - Talk](/days/day93.md)

**94-102** | [Random Readings](/days/day94_102.md)

**103** | [Attacking Ruby on Rails Applications - Whitepaper](/days/day103.md)

**104** | [Pentesting a Chrome Extension: Real Life Case Study - Blog](/days/day104.md)

**105** | [XXE Simplified - Blog](/days/day105.md)

**106** | [Web Hacking Pro Tips #9 with @zseano - Talk](/days/day106.md)

**107** | [JS Prototype Pollution - Blog](/days/day107.md)

**108** | [XSS via GraphQL Endpoint - Blog](/days/day108.md)

**109** | [WS-2016-7107: CSRF tokens in Spring and the BREACH attack - Blog](/days/day109.md)

**110** | [AWS SSRF Metadata Leakage - Blog](/days/day110.md)

**111** | [Burp Suite Extension Development - Blog](/days/day111.md)

**112-115** | [Random Readings](/days/day112_115.md)

**116** | [Hacking OAuth Apps Pt-1 - Tutorial](/days/day116.md)

**117** | [Portable Data exFiltration: XSS for PDFs - Blog](/days/day117.md)

**118** | [PoC code and a case study on Task Hijacking in Android explaining how and why it works. (aka StrandHogg) - Blog](/days/day118.md)

**119** | [OAuth - Flawed CSRF Protection - Tutorial](/days/day119.md)

**120** | [Hacking Electron Apps with Electronegativity - Talk](/days/day120.md)

**121** | [Awesome ElectronJS Hacking Resources](/days/day121.md)

**122** | [Pentesting Blockchain Solutions - Tutorial](/days/day122.md)

**123-124** | [Random Readings](/days/day123_124.md)

**125** | [Oversized XML Attack - Wiki](/days/day125.md)

**126** | [XML Complexity Attack in Soap Header - Wiki](/days/day126.md)

**127** | [Web Service Attacks [Remaining] - Wiki](/days/day127.md)

**128** | [Domain Hijacking Via Logic Error - Gandi And Route 53 Vulnerability - Blog](/days/day128.md)

**129** | [Automating Recon with Axiom - Talk](/days/day129.md)

**130** | [Testing Extensions in Chromium Browsers - Blog](/days/day130.md)

**131** | [iOS Pentesting Series Pt. - 1 - Tutorial](/days/day131.md)

**132** | [DNS Based Out of Band Blind SQL injection in Oracle — Dumping data - Blog](/days/day132.md)

**133** | [GitDorker Talk - Talk](/days/day133.md)

**134** | [Mobisec 2020 Slides - Slides & Videos](/days/day134.md)

**135** | [Web App Pentesting in Angular Context - Blog](/days/day135.md)

**136** | [RCE in Homebrew - Blog](/days/day136.md)

**137** | [WordPress Plugin Security Testing Cheat Sheet - Wiki](/days/day137.md)

**138** | [JavaScript prototype pollution: practice of finding and exploitation - Blog](/days/day138.md)

**139** | [HowTo: intercept mutually-authenticated TLS communications of a Java thick client - Blog](/days/day139.md)

**140** | [UBERNETES NAMESPACES ISOLATION - WHAT IT IS, WHAT IT ISN'T, LIFE, UNIVERSE AND EVERYTHING - Blog](/days/day140.md)

**141** | [Frag Attacks - Wiki](/days/day141.md)

**142** | [Free Automated Recon Using GH Actions - Talk](/days/day142.md)

**143** | [DAY[0] Episode 66 - BlackHat USA, Pre-Auth RCEs, and JSON Smuggling - Talk](/days/day143.md)

**144** | [Bug hunter adventures - Talk](/days/day144.md)

**145** | [Static Analysis of Client-Side JS Code - Blog](/days/day145.md)

**146** | [Method Confusion In Go SSTIs Lead To File Read And RCE - Blog](/days/day146.md)

**147** | [Finding and Exploiting Unintended Functionality in Main Web App APIs - Blog](/days/day147.md)

**148** | [SecuriTEA & Crumpets - Episode 6 - Gareth Heyes - Hackvertor - Talk](/days/day148.md)

**149** | [GraphQL CSRF - Blog](/days/day149.md)

**150** | [Deep dive into ART(Android Runtime) for dynamic binary analysis - Talk](/days/day150.md)

**151** | [13 Nagios Vulnerabilities - Blog](/days/day151.md)

**152** | [Frida Scripting Guide - Blog](/days/day152.md)

**153** | [Android Exported Activities and how to exploit them - Talk](/days/day153.md)

**154** | [XXE-scape through the front door: circumventing the firewall with HTTP request smuggling - Blog](/days/day154.md)

**155** | [Turning Blind RCE into Good RCE via DNS Exfiltration using Collabfiltrator - Blog](/days/day155.md)

**156** | [XSS in AWS Console - Blog](/days/day156.md)

**157** | [Adventures into HTTP2 and HTTP3 - Blog](/days/day157.md)

**158** | [AppCache's forgotten tales - Blog](/days/day158.md)

**159** | [CVE-2021-33564 Argument Injection in Ruby Dragonfly - Blog](/days/day159.md)

**160** | [DevSecOps 100 - Introductory Couse [Free] - Course](/days/day160.md)

**161** | [Unexpected Execution: Wild Ways Code Execution can Occur in Python - Talk](/days/day161.md)

**162** | [Retrieving AWS security credentials from the AWS console - Blog](/days/day162.md)

**163** | [Object Injection to SQL Injection & NoSql Injection Cheatsheet - Blog](/days/day163.md)

**164** | [HTTP Parameter Pollution - Blog](/days/day164.md)

**165** | [XXE Workshop - Labs](/days/day165.md)

**166** | [How to Analyze Code for Vulnerabilities - Talk](/days/day166.md)

**167** | [Testing 2FA - Blog](/days/day167.md)

**168** | [Your E-Mail Validation Logic is Wrong - Blog](/days/day168.md)

**169** | [Active Scanning Techniques - Blog](/days/day169.md)

**170** | [Bypassing 2FA using OpenId Misconfiguration - Blog](/days/day170.md)

**171** | [Security Shorts - Talk](/days/day171.md)

**172** | [The JavaScript Bridge in Modern Desktop Applications - Blog](/days/day172.md)

**173** | [Advanced Web Application Penetration Testing JWT Security Issues - Blog](/days/day173.md)

**174** | [Quick Analysis for the SSID Format String Bug - Blog](/days/day174.md)

**175** | [Live GitLab Ask a Hacker with Bug Bounty Hunter (vakzz) William Bowling (Public) - Talk](/days/day175.md)

**176** | [ iOS App Testing Through Burp on Corellium - blog](/days/day176.md)

**177** | [Blind XSS: setup your self-hosted XSS Hunter with the PwnMachine - Blog](/days/day177.md)

**178** | [Attacking GraphQL's Autocorrect - Blog](/days/day178.md)

**179** | [Apex Security Whitepaper - Paper + Labs](/days/day179.md)

**180** | [Django SSTI - Blog](/days/day180.md)

**181** | [Pen-Testing Salesforce SAAS Application - Blog](/days/day181.md)

**182** | [How to solve an XSS challenge from Intigriti in under 60 minutes - Blog](/days/day182.md)

**183** | [How to get the max out of an IDOR? - Blog](/days/day183.md)

**184** | [Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) - Blog](/days/day184.md)

**185** | [Some ways to find more IDOR - Blog](/days/day185.md)

**186** | [A supply-chain breach: Taking over an Atlassian account - Blog](/days/day186.md)

**187** | [alert() is dead, long live print() - Blog](/days/day187.md)

**188** | [Hacker Heroes #3 - @TomNomNom (Interview) - Talk](/days/day188.md)

**189** | [SSRF in ColdFusion/CFML Tags and Functions - Blog](/days/day189.md)

**190** | [$25,000 Facebook postMessage account takeover vulnerability - Video](/days/day190.md)

**191** | [Pentester Diaries Ep6: The Importance of Report Writing - Talk](/days/day191.md)

**192** | [Introduction to Web Cache Poisoning - Blog](/days/day192.md)

**193** | [Intercepting Flutter iOS Application - Blog](/days/day193.md)

**194** | [Credential stuffing in Bug bounty hunting - Blog](/days/day194.md)

**195** | [What is a Browser Security Sandbox?! (Learn to Hack Firefox) - Video](/days/day195.md)

**196** | [WILSON Cloud Respwnder - Blog](/days/day196.md)

**197** | [$20,000 RCE in GitLab via 0day in exiftool metadata processing library CVE-2021-22204 - Video](/days/day197.md)

**198** | [Padding Oracle Attacks - Video](/days/day198.md)

**199** | [Demystifying the state of kubernetes cluster security - Video](/days/day199.md)

**200** | [Two One-liners for Quick ColdFusion Static Analysis Security Testing - Blog](/days/day200.md)

**201** | [So many different techniques to learn here! [CTF walkthrough] - Video](/days/day201.md)

**202** | [UDP Technology IP Camera vulnerabilities - Blog](/days/day202.md)

**203** | [Exploiting the Sudo Baron Samedit vulnerability (CVE-2021-3156) on VMWare vCenter Server 7.0 - Blog](/days/day203.md)

**204** | [Reflected XSS Through Insecure Dynamic Loading - Blog](/days/day204.md)

**205** | [Stored XSS via Mermaid Prototype Pollution vulnerability - Blog](/days/day205.md)

**206** | [Getting Partial AWS Account IDs for any Cloudfront Website - Blog](/days/day206.md)

**207** | [Remote code execution in cdnjs of Cloudflare - Blog](/days/day207.md)

**208** | [Docker Security Series - Series](/days/day208.md)

**209** | [REvil Vanishes! - Chrome Zero-Day Vulnerability, iOS WiFi SSID Bug, Patch Tuesday Review - Talk](/days/day209.md)

**210** | [How to Build a Phishing Engagement – Coding TTP’s - Webcast](/days/day210.md)

**211** | [Deep Link Exploitation: Introduction & Open/unvalidated Redirection - Blog](/days/day211.md)

**212** | [Exploiting Android WebView Vulnerabilities - Blog](/days/day212.md)

**213** | [WooCommerce Unauthenticated SQL Injection Vulnerability - Blog](/days/day213.md)

**214** | [Traversing My Way in the Internal Network - Talk](/days/day214.md)

**215** | [How I Found Multiple Bugs On FaceBook In 1 Month And a Part For My Methodology & Tools - Blog](/days/day215.md)

**216** | [Pre-Auth RCE in ManageEngine OPManager - Blog](/days/day216.md)

**217** | [Guest Blog Post - Attacking the DevTools - Blog](/days/day217.md)

**218** | [Kubernetes Hardening Guide - Blog](/days/day218.md)

**219** | [Introducing hallucinate: One-stop TLS traffic inspection and manipulation using dynamic instrumentation - Blog](/days/day219.md)

**220** | [Do Not use alert(1) in XSS - Blog](/days/day220.md)

**221** | [A Look Into zseano's Thoughts When Testing a Target - Video](/days/day221.md)

**222** | [Zimbra 8.8.15 - Webmail Compromise via Email - Blog](/days/day222.md)

**223** | [Security XML Implementation across the Web - Blog](/days/day223.md)

**224** | [Potential remote code execution in PyPi - Blog](/days/day224.md)

**225** | [XXE Case Studies - Blog](/days/day225.md)

**226** | [HackerTools - NoSQLMap - Blog](/days/day226.md)

**227** | [Learn with @sec_r0: Attacks and Defenses to Docker & Kubernetes - Talk](/days/day227.md)

**228** | [Source Zero Con Talks - Talks](/days/day228.md)

**229** | [DevOps for Hackers with Hands-On Labs w/ Ralph May - Talks](/days/day229.md)

**230** | [Advanced Recon Guide - Blog](/days/day230.md)

**231** | [Just Gopher It: Escalating a Blind SSRF to RCE for $15k - Blog](/days/day231.md)

**232** | [Stealing Bitcoin with Cross-Site Request Forgery (Ride the Lightning + Umbrel) - Blog](/days/day232.md)

**233** | [Modify in-flight data to payment provider Smart2Pay - Blog](/days/day233.md)

**234** | [Hacker Heroes #9 - RobinZekerNiet (Interview) - Talk](/days/day234.md)

**235** | [Learn with @HolyBugx: Demystifying Cookies and Tokens - Talk](/days/day235.md)

**236** | [Hacker Tools: ReNgine – Automatic recon - Blog](/days/day236.md)

**237** | [FROM PWN2OWN 2021: A NEW ATTACK SURFACE ON MICROSOFT EXCHANGE - Blog](/days/day237.md)

**238** | [How to Hack Apple ID - Blog](/days/day238.md)

**239** | [Insecure Features in PDFs - Blog](/days/day239.md)

**240** | [Burp Upload Scanner - Blog](/days/day240.md)

**241** | [Adobe Reader - PDF callback via XSLT stylesheet in XFA - Blog](/days/day241.md)

**242** | [A Curious Exploration of Malicious PDF Documents - Blog](/days/day242.md)

**243** | [Common mistakes when using permissions in Android - Blog](/days/day243.md)

**244** | [iOS Pentesting 101 - Blog](/days/day244.md)

**245** | [API Tokens: A Tedious Survey - Blog](/days/day245.md)

**246** | [Cross-Site Request Forgery (CSRF) Complete Guide - Video](/days/day246.md)

**247** | [HTTP Desync Attack Explained With Paper - Video](/days/day247.md)

**248** | [AWS ReadOnlyAccess: Not Even Once - Blog](/days/day248.md)

**249** | [Understanding Salesforce Flows and Common Security Risks - Blog](/days/day249.md)

**250** | [Python context free payloads in Mako templates - Blog](/days/day250.md)

**251** | [CVE-2021-26084 Remote Code Execution on Confluence Servers](/days/day251.md)

**252** | [Introduction to smart contract security and hacking in Ethereum](/days/day252.md)

**253** | [Automating Authorization Testing: AuthMatrix – Part 1](/days/day253.md)

**254** | [Go Fuzz Yourself – How to Find More Vulnerabilities in APIs Through Fuzzing](/days/day254.md)

**255** | [More secure Facebook Canvas : Tale of $126k worth of bugs that lead to Facebook Account Takeovers](/days/day255.md)

**256** | [Smart Contract Security Verification Standard](/days/day256.md)

**257** | [Remote File Inclusion Zines by @sec_r0](/days/day257.md)

**258** | [GitHub Actions check-spelling community workflow - GITHUB_TOKEN leakage via advice.txt symlink](/days/day258.md)

**259** | [Write-Up on Facebook Bug](/days/day259.md)

**260** | [Mass assignment and learning new things](/days/day260.md)

**261** | [A different way to attack certain reverse proxies](/days/day261.md)

**262** | [Introducing Process Hiving & RunPE](/days/day262.md)

**263** | [IAM Vulnerable - An AWS IAM Privilege Escalation Playground](/days/day263.md)

**264** | [Complete Jailbreak Chart](/days/day264.md)

**265** | [OWASP Top 10 2021](/days/day265.md)

**266** | [Powershell for Pentesters](/days/day266.md)

**267** | [How to search for XSS (with blacklisted HTML tags)](/days/day267.md)

**268** | [How to learn anything in Computer Science or Cybersecurity - Security Simplified](/days/day268.md)

**269** | [Reused VMWare exploits & Escaping Azure Container Instances [Bug Bounty Podcast]](/days/day269.md)

**270** | [Docker Hacking](/days/day270.md)

**271** | [Getting Started in Blockchain Security and Smart Contract Auditing - Beau Bullock](/days/day271.md)

**272** | [HacktivityCon](/days/day272.md)

**273** | [CrikeyCon 2021 - Shubham Shah - Hacking on Bug Bounties for Five Years](/days/day273.md)

**274** | [Beginners Guide to 0day/CVE AppSec Research](/days/day274.md)

**275** | [VULNERABILITY DIGGING WITH CODEQL](/days/day275.md)

**276** | [OMIGOD: Critical Vulnerabilities in OMI Affecting Countless Azure Customers](/days/day276.md)

**277** | [Post Exploitation - Transferring Files To Windows Targets](/days/day277.md)

**278** | [SecuriTEA & Crumpets - Episode 12 - Ksenia Peguero](/days/day278.md)

**279** | [Talk: Absolute AppSec Ep. #147 - James Kettle (@albinowax), Security Research](/days/day279.md)

**280** | [A Flickr CSRF, GitLab, & OMIGOD, Azure again? [Bug Bounty Podcast]](/days/day280.md)

**281** | [NETGEAR smart switches, SpookJS, & Parallels Desktop [Binary Exploitation Podcast]](/days/day281.md)

**282** | [Unusual Applications of OpenAI in Cybersecurity + How to get into CTFs](/days/day282.md)

**283** | [SiegeCast "COBALT STRIKE BASICS" with Tim Medin and Joe Vest](/days/day283.md)

**284** | [An Attacker's Approach to Pentesting IBM Cloud - fwd:cloudsec 2021](/days/day284.md)

**285** | [echo "Shell Injection"](/days/day285.md)

**286** | [Exploiting Jinja SSTI with limited payload size.](/days/day286.md)

**287** | [Fuzzing WebSocket messages on Burpsuite](/days/day287.md)

**288** | [Thinking About Simple SQL Injections](/days/day288.md)

**289** | [Training XSS Muscles](/days/day289.md)

**290** | ["A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild](/days/day290.md)

**291** | [Chasing a Dream:: Pre-authenticated Remote Code Execution in Dedecms](/days/day291.md)

**292** | [Multiple bugs allowed malicious Android Applications to takeover Facebook/Workplace accounts](/days/day292.md)

**293** | [Ping'ing XMLSec](/days/day293.md)

**294** | [10 Types of Web Vulnerabilities that are Often Missed](/days/day294.md)

**295** | [CVE-2021–35215, SolarWinds Orion Deserialization to RCE.](/days/day295.md)

**296** | [Bachelor's thesis on HTTP Request Smuggling](/days/day296.md)

**297** | [Stored XSS in markdown via the DesignReferenceFilter](/days/day297.md)

**298** | [Building a POC for CVE-2021-40438](/days/day298.md)

**299** | [Turbo Intruder: Embracing the billion-request attack](/days/day299.md)

**300** | [How to conduct a basic security code review - Security Simplified](/days/day300.md)

**301** | [How to Analyze Code for Vulnerabilities using Joern](/days/day301.md)

**302** | [Azure Privilege Escalation via Service Principal Abuse](/days/day302.md)

**303** | [CREATING A MALICIOUS AZURE AD OAUTH2 APPLICATION](/days/day303.md)

**304** | [0-Day Hunting (Chaining Bugs/Methodology)](/days/day304.md)

**305** | [Discourse SNS webhook RCE](/days/day305.md)

**306** | [Android Exploits 101 Workshop](/days/day306.md)

**307** | [SHELLS AND SOAP: WEBSPHERE DESERIALIZATION TO RCE](/days/day307.md)

**308** | [PHP-FPM LOCAL ROOT VULNERABILITY](/days/day308.md)

**309** | [Support Board 3.3.4 Arbitrary File Deletion to Remote Code Execution](/days/day309.md)

**310** | [SuDump: Exploiting suid binaries through the kernel](/days/day310.md)

**311** | [Attacking and Securing CI/CD Pipeline](/days/day311.md)

**312** | [Exploiting Protobuf Webapps](/days/day312.md)

**313** | [CookieMonster](/days/day313.md)

**314** | [Get shells with JET, the Jolokia Exploitation Toolkit](/days/day314.md)

**315** | [Android security checklist: WebView](/days/day315.md)

**316** | [5 Ways to Exploit a Domain Takeover Vulnerability](/days/day316.md)

**317** | [Create a proxy DLL with artifact kit](/days/day317.md)

**318** | [How to search for XXE!](/days/day318.md)

**319** | [Defeating Android Certificate Pinning with Frida](/days/day319.md)

**320** | [What can I do with Open Redirect with OAuth?](/days/day320.md)

**321** | [Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond](/days/day321.md)

**322** | [T-Reqs: HTTP Request Smuggling with Differential Fuzzing](/days/day322.md)

**323** | [ChaosDB Explained: Azure's Cosmos DB Vulnerability Walkthrough](/days/day323.md)

**324** | [MULTIPLE CONCRETE CMS VULNERABILITIES ( PART1 – RCE )](/days/day324.md)

**325** | [Android App Hacking Workshop](/days/day325.md)

**326** | [Secondary Contexts Slides](/days/day326.md)

**327** | [HTTP/2 request smuggling (explained using beer)](/days/day327.md)

**328** | [Scanning for hardcoded secrets in source code - Security Simplified](/days/day328.md)

**329** | [Staying sane in bug bounties](/days/day329.md)

**330** | [How Your E-book Might Be Reading You: Exploiting EPUB Reading Systems](/days/day330.md)

**331** | [Attacking SAML implementations](/days/day331.md)

**332** | [Uniscan: An RFI, LFI, and RCE Vulnerability Scanner](/days/day332.md)

**333** | [JavaScript type confusion: Bypassed input validation (and how to remediate)](/days/day333.md)

**334** | [Multiple Vulnerabilities in ResourceSpace](/days/day334.md)

**335** | [Unboxing BusyBox – 14 new vulnerabilities uncovered by Claroty and JFrog](/days/day335.md)

**336** | [Zero-Day Disclosure: Palo Alto Networks GlobalProtect VPN CVE-2021-3064](/days/day336.md)

**337** | [Simple SSRF Allows Access To Internal Assets](/days/day337.md)

**338** | [Multiple Resource by XVNPW Blog](/days/day338.md)

**339** | [WordPress Plugin Confusion: How an update can get you pwned](/days/day339.md)

**340** | [RCE with SSRF and File Write as an exploit chain on Apache Guacamole](/days/day340.md)

**341** | [Grafana CVE-2021-43798](/days/day341.md)

**342** | [Data Exfiltration via CSS + SVG Font](/days/day342.md)

**343** | [The Pen Testing Tools We’re Thankful for in 2021](/days/day343.md)

**344** | [HitCon CTF Challenges by Orange](/days/day344.md)

**345-363** | [Random Readings](/days/day345-363.md)

**364** | [Metasploit Basics for Hackers](/days/day364.md)

**365** | [NCC Group’s Cryptopals Guided Tour!](/days/day365.md)