Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/imran-parray/Mind-Maps

Mind-Maps of Several Things
https://github.com/imran-parray/Mind-Maps
Last synced: 3 months ago
JSON representation
Mind-Maps of Several Things
Host: GitHub
URL: https://github.com/imran-parray/Mind-Maps
Owner: imran-parray
Created: 2020-08-20T13:09:13.000Z (about 4 years ago)
Default Branch: master
Last Pushed: 2023-06-29T16:43:43.000Z (over 1 year ago)
Last Synced: 2024-06-12T06:38:15.894Z (5 months ago)
Size: 30.1 MB
Stars: 2,367
Watchers: 70
Forks: 511
Open Issues: 1
Metadata Files:
- Readme: README.md
- Security: Security Assesment - SOPAS/assessment-mindset.png
Awesome Lists containing this project

awesome-hacking-lists - imran-parray/Mind-Maps - Mind-Maps of Several Things (Others)
README

        # MindMaps 🗺️

> This repository stores and houses various Mindmaps for bug bounty Hunters🧑‍🦰, pentesters🧑‍🦰 and offensive(🔴)/defensive(🔵) security Professionals🫂 provided by me as well as contributed by the community🧑🏻‍🤝‍🧑🏽. Your contributions and suggestions are welcomed.

| Name                                            | Link                                                         | Type   | Description                                                  | Author                                              |

| ----------------------------------------------- | ------------------------------------------------------------ | ------ | ------------------------------------------------------------ | --------------------------------------------------- |

| Bug Hunters Methodology                         | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Bug%20Hunters%20Methodology%20v4/MindMap.png) | **🔴**    | This Mindmap explains how to test for bugs on Bug bounty programs | [Jhaddix](https://twitter.com/jhaddix)              |

| Fiding Server side issues                       | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Finding%20Server%20Side%20Issues%20-%20imran%20parray/Finding%20Server%20Side%20Issues.jpg) | **🔴**  | This mind-map explains how to look for server side issues on your bug-bounty/pentest targets | [Imran parray](https://twitter.com/imranparray101)  |

| Javascript Recon                                | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Js%20Recon%20-%20Imran%20Parray/Javascript-file-methodology.png) | **🔴**  | How to perform recon on JavaScript files                     | [Imran parray](https://twitter.com/imranparray101)  |

| My Recon                                        | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Recon%20-%20Imran%20parray/My-recon.png) | **🔴**  | This mind-map explains how to look for various server side and client side bugs on Bug bounty programs | [Imran parray](https://twitter.com/imranparray101)  |

| Testing 2FA                                     | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Testing%202FA-hackerscrolls/Testing%202FA.jpeg) | **🔴**  | How to test 2FA for Bugs                                     | [hackerscrolls](https://twitter.com/hackerscrolls)  |

| Testing 2FA [2]                                 | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Testing%202FA%20(2)%20-%20hackerscroll/Testing%202FA.jpeg) | **🔴**  | How to test 2FA for Bugs                                     | [hackerscrolls](https://twitter.com/hackerscrolls)  |

| 2FA Bypass Techniques                            | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/2FA%20Bypass%20Techniques%20-%20Harsh%20Bothra/2FA%20Bypass%20Techniques.png) | **🔴**  | 2FA Bypass Techniques                                    | [Harsh Bothra](https://twitter.com/harshbothra_)  |

| Android Attacker Vectors                        | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Android%20Attacker%20Vector%20-%20hackerscroll/Android%20Attacker%20Vector.png) | **🔴**  | Detailed Mindmap on How to find and exploit Android bugs.    | [hackerscrolls](https://twitter.com/hackerscrolls)  |

| Testing oAuth for Vulnerabilities               | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Testing%20OAuth%20-%20hackerscroll/Testing%20oAuth.jpeg) | **🔴**  | How to test Oauth for Bugs                                   | [hackerscrolls](https://twitter.com/hackerscrolls)  |

| Security Assesment Mindmap                      | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Security%20Assesment%20-%20SOPAS/assessment-mindset.png) | **🔴**  | General security Assessment Mind-map   | [Sopas](https://twitter.com/dsopas)                 |

| Red Teaming Mind Map from The Hacker Playbook 3 | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Red%20Teaming%20Mind%20Map%20from%20The%20Hacker%20Playbook%203/blog_hackerplaybook_mindmap.png) | **🔴**  | Mind-map containing several techniques and approaches used by Red team members | [Marcon Lencini](https://twitter.com/lancinimarco)  |

| SSRF MindMap                                    | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/SSRF%20-%20Hackerscroll/ssrf.jpeg) | **🔴**  | How to test SSRF for Bugs                                    | [hackerscrolls](https://twitter.com/hackerscrolls)  |

| Code Review Mindmap                             | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Code%20review%20-%20amanhardikar/CodeReview.png) | **🔴**🔵 | Mindmap containing several techniques and approaches that can be used during code reviews. | [www.amanhardikar.com](http://www.amanhardikar.com) |

| Android Application Penetration Testing Mindmap| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Android%20Mindmap%20-%20Harsh%20Bothra/AndroidMindmap.jpeg) | **🔴** | A simple mind-map which explains various test cases around Android Application Penetration Testing | [Harsh Bothra](https://twitter.com/harshbothra_) |

| Cookie Based Authentication Vulnerabilities | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Cookie%20Based%20Authentication%20Vulnerabilities%20-%20Harsh%20Bothra/Cookie_Based_Authentication_Vulnerabilities.png) | **🔴** | a comprehensive Mind-map which includes various techniques to test Cookie based authentication mechanism. | [Harsh Bothra](https://twitter.com/harshbothra_) |

| Tesing JIRA for CVE's                       | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Tesing%20JIRA%20for%20CVE's%20-%20Harsh%20Bothra/JIRA_CVEs.png) | **🔴** | Detailed Mind-map on How to find and exploit JIRA CVE's. | [Harsh Bothra](https://twitter.com/harshbothra_) |

| Scope Based Testing                         | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Scope%20Based%20Testing%20-%20Harsh%20Bothra/Scope_Based_Recon.png) | **🔴** | This Mind-map explains how to test for bugs based on the scope of your target. | [Harsh Bothra](https://twitter.com/harshbothra_) |

| OAuth 2.0 Threat Model Pentesting Checklist| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Oauth2%20Pentest%20Checklist%20-%20BinaryBrotherh1/oauth.png) | **🔴** | The following checklist represents a simplified visual alternative to IETF OAuth 2.0 Security Best Current Practice publication combined with various other public resources we found usefull.| [Binary Brotherhood](https://twitter.com/BinaryBrotherh1) |

|Bug Bounty Platforms  |[🔗](https://www.mindmeister.com/1578309575/bug-bounty-platforms)| 🔴 | list of bug bounty platform available  | [fujie gu](https://www.mindmeister.com/users/channel/51127258)  |

|Web App Pentest|[🔗](https://www.mindmeister.com/1748098748/web-app-pentest?fullscreen=1)|🔴|Web application Pentest Mindmap|[Ding Jayway](https://www.mindmeister.com/users/channel/60235712)|

|Web App Pentest|[🔗](https://www.mindmeister.com/1470766611/web-app-pentest?fullscreen=1)|🔴|This mind-map has the list of bugs and the corresponding tools and techniques used to find those bugs|[Ninad Mathpati](https://www.mindmeister.com/users/channel/45787993)|

|Mobile Security Mindmap|[🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/Mobile%20App%20Security%20-%20Aman%20Hardikar/map.png)|🔴|a comprehensive Mind-map which includes various techniques to test Mobile Application for security issues|[Aman Hardikar](https://twitter.com/AmanHardikar)|

|Web Security Field Mindmap|[🔗](https://www.mindmeister.com/1746180947/web-vulnerability-by-joas-antonio?fullscreen=1)|🔴🔵|This mindmap is an combination of Web Attacks, AppSec and Bug Bounty stuff|[jois](https://www.mindmeister.com/users/channel/36439824)|

|Security Consulting & Implementation|[🔗](https://www.mindmeister.com/988579189/security-consulting-implementation?fullscreen=1)|🔵|Security Consulting & Implementation mindmap|[Lawrence Pingree](https://www.mindmeister.com/users/channel/1154930)|

|Information Security Technologies & Markets|[🔗](https://www.mindmeister.com/783360255/information-security-technologies-markets-by-lawrence-pingree?fullscreen=1)|🔴🔵|This Mindmap is an combination of Information Security Technologies & Markets|[ovens ffdf](https://www.mindmeister.com/users/channel/16669742)|

|Information Security Technologies & Markets|[🔗](https://www.mindmeister.com/333578609/information-security-technologies-markets)|🔴🔵|This mindmap contains different Information Security Technologies & Markets|[John Fortner](https://www.mindmeister.com/users/channel/4563052)|

|Nmap Scans Mindmap|[🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Nmap%20scans%20-%20OnlyHacker/mindmap.jpg)|🔴🔵|This mindmap show how different type of scans can be performed via Nmap Scanner|[Only Hacker](https://onlyhacker.com)|

|Cross Site Request Frogery Mindmap|[🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/XSRF%20-%20Trust%20Foundry/CSRF-CheatSheet-v2.3.1.png)|🔴🔵|This mindmap show how different type of security tests can be performed while testing CSRF|[alexlauerman](https://twitter.com/alexlauerman)|

|Access Control Vulnerabilities| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Access%20Control%20Vulnerabilities%20-%20Pratik%20Gaikwad/Access-Control-vaulnerabilites.png) | **🔴**  | List of Techniques that can be use to test access control models of an Application| [Pratik Gaikwad](https://twitter.com/X0rby7e)  |

|CISO MindMap 2021| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/CISO%20MindMap%202021%20-%20Rafeeq%20Rahman/CISO_Job_MindMap_Rafeeq_Rehman_v_2021.png) | **🔵**  | is the latest and updated CISO MindMap for 2021 with a number of updates and new recommendations for 2021-22| [Rafeeq Rehman](https://rafeeqrehman.com/author/boota135/)  |

| Common Vulnerabilites on Forgot Password Functionality | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Common%20Vulnerabilites%20on%20Forgot%20Password%20Functionality%20-%20%20Harsh%20Bothra/Common%20Vulnerabilities%20on%20Forget%20Password%20Functionality.pdf) | **🔴**  | List of Test cases that can be perform on an Forgot password functionalities within the web apps| [Harsh Bothra](https://twitter.com/harshbothra_)  |

| Common XML Attacks  | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Common%20XML%20Attacks%20-%20Harsh%20Bothra/XML%20Attacks%20New.pdf) | **🔴**  | In this Mindmap Harsh Bothra Tired to list all the attacks that can be performed on an XML endpoints/services   | [Harsh Bothra](https://twitter.com/harshbothra_)  |

| Copy of Vulnerability Checklist for SAML  | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/2FA%20Bypass%20Techniques%20-%20Harsh%20Bothra/2FA%20Bypass%20Techniques.png) | **🔴**  | List of all the Vulnerability that can be tested on SAML Endpoints/Services    | [Harsh Bothra](https://twitter.com/harshbothra_)  |

| Exploting Grafana  | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Exploting%20Grafana%20-%20daffainfo/grafana.png) | **🔴**  | Possible test cases to Exploit Publicly Avilable Grafa Instance    | [Muhammad Daffa](https://twitter.com/daffainfo)  |

| FILE READ vulnerabilities  | [🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/File%20Read%20Vulnerabilites%20-%20Lukasz%20Miku%C5%82a/FRV.jpeg) | **🔴**  | Practical strategies for exploiting FILE READ vulnerabilities | [Lukasz Mikuła](https://twitter.com/0xluk3)  |

|The Cyber Guy - Recon|[🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/The%20Cyber%20Guy%20-%20Recon%20Mindmap/theCyberGuy_Recon_V1.0.png)|🔴|in this mindmap the CyberGuy shares his Recon Methodology|[theCyberGuy0](https://twitter.com/theCyberGuy0)|

|Penetration Testing Certifications|[🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Penetration%20Testing%20Certification%20-%20Tahar/mindmap.jpeg)|🔴🔵|in this mindmap Tahar Tries to uncover the list of Certification in the field of Penetration testing|[MrTaharAmine](https://twitter.com/MrTaharAmine)|

|Linux Privilege Escalation |[🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Linux%20Privilege%20Escalation%20-%20Mindmap/Linux_Previlege_Escalation.png)|🔴|this mindmap shows several linux privilege escalation Techniques|[Source](https://twitter.com/hackinarticles/status/1464075216993206274?s=28)|

---

Special Thanks to all the authors for publishing these mindmaps 🥳🥳🥳