Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/imran-parray/Mind-Maps
Mind-Maps of Several Things
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/imran-parray/Mind-Maps
- Owner: imran-parray
- Created: 2020-08-20T13:09:13.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-06-29T16:43:43.000Z (over 1 year ago)
- Last Synced: 2024-10-15T11:04:09.308Z (3 months ago)
- Size: 30.1 MB
- Stars: 2,435
- Watchers: 72
- Forks: 517
- Open Issues: 1
Metadata Files:
- Readme: README.md
- Security: Security Assesment - SOPAS/assessment-mindset.png
Awesome Lists containing this project
- awesome-hacking-lists - imran-parray/Mind-Maps - Mind-Maps of Several Things (Others)
README
# MindMaps 🗺️
> This repository stores and houses various mindmaps for bug bounty hunters🧑‍🦰, pentesters🧑‍🦰 and offensive(🔴)/defensive(🔵) security professionals👫 provided by me as well as contributed by the community🧑🏻‍🤝‍🧑🏽. Your contributions and suggestions are welcome.
| Name | Link | Type | Description | Author |
| ----------------------------------------------- | ------------------------------------------------------------ | ------ | ------------------------------------------------------------ | --------------------------------------------------- |
| Bug Hunters Methodology | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Bug%20Hunters%20Methodology%20v4/MindMap.png) | **🔴** | This mindmap explains how to test for bugs on bug bounty programs | [Jhaddix](https://twitter.com/jhaddix) |
| Finding Server Side Issues | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Finding%20Server%20Side%20Issues%20-%20imran%20parray/Finding%20Server%20Side%20Issues.jpg) | **🔴** | This mind-map explains how to look for server side issues on your bug-bounty/pentest targets | [Imran parray](https://twitter.com/imranparray101) |
| Javascript Recon | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Js%20Recon%20-%20Imran%20Parray/Javascript-file-methodology.png) | **🔴** | How to perform recon on JavaScript files | [Imran parray](https://twitter.com/imranparray101) |
| My Recon | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Recon%20-%20Imran%20parray/My-recon.png) | **🔴** | This mind-map explains how to look for various server side and client side bugs on bug bounty programs | [Imran parray](https://twitter.com/imranparray101) |
| Testing 2FA | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Testing%202FA-hackerscrolls/Testing%202FA.jpeg) | **🔴** | How to test 2FA for bugs | [hackerscrolls](https://twitter.com/hackerscrolls) |
| Testing 2FA [2] | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Testing%202FA%20(2)%20-%20hackerscroll/Testing%202FA.jpeg) | **🔴** | How to test 2FA for bugs | [hackerscrolls](https://twitter.com/hackerscrolls) |
| 2FA Bypass Techniques | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/2FA%20Bypass%20Techniques%20-%20Harsh%20Bothra/2FA%20Bypass%20Techniques.png) | **🔴** | 2FA Bypass Techniques | [Harsh Bothra](https://twitter.com/harshbothra_) |
| Android Attacker Vectors | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Android%20Attacker%20Vector%20-%20hackerscroll/Android%20Attacker%20Vector.png) | **🔴** | Detailed mindmap on how to find and exploit Android bugs. | [hackerscrolls](https://twitter.com/hackerscrolls) |
| Testing OAuth for Vulnerabilities | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Testing%20OAuth%20-%20hackerscroll/Testing%20oAuth.jpeg) | **🔴** | How to test OAuth for bugs | [hackerscrolls](https://twitter.com/hackerscrolls) |
| Security Assessment Mindmap | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Security%20Assesment%20-%20SOPAS/assessment-mindset.png) | **🔴** | General security assessment mind-map | [Sopas](https://twitter.com/dsopas) |
| Red Teaming Mind Map from The Hacker Playbook 3 | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Red%20Teaming%20Mind%20Map%20from%20The%20Hacker%20Playbook%203/blog_hackerplaybook_mindmap.png) | **🔴** | Mind-map containing several techniques and approaches used by red team members | [Marco Lancini](https://twitter.com/lancinimarco) |
| SSRF MindMap | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/SSRF%20-%20Hackerscroll/ssrf.jpeg) | **🔴** | How to test SSRF for bugs | [hackerscrolls](https://twitter.com/hackerscrolls) |
| Code Review Mindmap | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Code%20review%20-%20amanhardikar/CodeReview.png) | **🔴**🔵 | Mindmap containing several techniques and approaches that can be used during code reviews. | [www.amanhardikar.com](http://www.amanhardikar.com) |
| Android Application Penetration Testing Mindmap| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Android%20Mindmap%20-%20Harsh%20Bothra/AndroidMindmap.jpeg) | **🔴** | A simple mind-map which explains various test cases around Android application penetration testing | [Harsh Bothra](https://twitter.com/harshbothra_) |
| Cookie Based Authentication Vulnerabilities | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Cookie%20Based%20Authentication%20Vulnerabilities%20-%20Harsh%20Bothra/Cookie_Based_Authentication_Vulnerabilities.png) | **🔴** | A comprehensive mind-map which includes various techniques to test cookie-based authentication mechanisms. | [Harsh Bothra](https://twitter.com/harshbothra_) |
| Testing JIRA for CVEs | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Tesing%20JIRA%20for%20CVE's%20-%20Harsh%20Bothra/JIRA_CVEs.png) | **🔴** | Detailed mind-map on how to find and exploit JIRA CVEs. | [Harsh Bothra](https://twitter.com/harshbothra_) |
| Scope Based Testing | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Scope%20Based%20Testing%20-%20Harsh%20Bothra/Scope_Based_Recon.png) | **🔴** | This mind-map explains how to test for bugs based on the scope of your target. | [Harsh Bothra](https://twitter.com/harshbothra_) |
| OAuth 2.0 Threat Model Pentesting Checklist| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Oauth2%20Pentest%20Checklist%20-%20BinaryBrotherh1/oauth.png) | **🔴** | The following checklist represents a simplified visual alternative to the IETF OAuth 2.0 Security Best Current Practice publication combined with various other public resources we found useful.| [Binary Brotherhood](https://twitter.com/BinaryBrotherh1) |
|Bug Bounty Platforms |[🔗](https://www.mindmeister.com/1578309575/bug-bounty-platforms)| 🔴 | List of available bug bounty platforms | [fujie gu](https://www.mindmeister.com/users/channel/51127258) |
|Web App Pentest|[🔗](https://www.mindmeister.com/1748098748/web-app-pentest?fullscreen=1)|🔴|Web application pentest mindmap|[Ding Jayway](https://www.mindmeister.com/users/channel/60235712)|
|Web App Pentest|[🔗](https://www.mindmeister.com/1470766611/web-app-pentest?fullscreen=1)|🔴|This mind-map has the list of bugs and the corresponding tools and techniques used to find those bugs|[Ninad Mathpati](https://www.mindmeister.com/users/channel/45787993)|
|Mobile Security Mindmap|[🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/Mobile%20App%20Security%20-%20Aman%20Hardikar/map.png)|🔴|A comprehensive mind-map which includes various techniques to test mobile applications for security issues|[Aman Hardikar](https://twitter.com/AmanHardikar)|
|Web Security Field Mindmap|[🔗](https://www.mindmeister.com/1746180947/web-vulnerability-by-joas-antonio?fullscreen=1)|🔴🔵|This mindmap is a combination of Web Attacks, AppSec and Bug Bounty stuff|[jois](https://www.mindmeister.com/users/channel/36439824)|
|Security Consulting & Implementation|[🔗](https://www.mindmeister.com/988579189/security-consulting-implementation?fullscreen=1)|🔵|Security Consulting & Implementation mindmap|[Lawrence Pingree](https://www.mindmeister.com/users/channel/1154930)|
|Information Security Technologies & Markets|[🔗](https://www.mindmeister.com/783360255/information-security-technologies-markets-by-lawrence-pingree?fullscreen=1)|🔴🔵|This mindmap is a combination of Information Security Technologies & Markets|[ovens ffdf](https://www.mindmeister.com/users/channel/16669742)|
|Information Security Technologies & Markets|[🔗](https://www.mindmeister.com/333578609/information-security-technologies-markets)|🔴🔵|This mindmap contains different Information Security Technologies & Markets|[John Fortner](https://www.mindmeister.com/users/channel/4563052)|
|Nmap Scans Mindmap|[🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Nmap%20scans%20-%20OnlyHacker/mindmap.jpg)|🔴🔵|This mindmap shows how different types of scans can be performed with the Nmap scanner|[Only Hacker](https://onlyhacker.com)|
|Cross Site Request Forgery Mindmap|[🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/XSRF%20-%20Trust%20Foundry/CSRF-CheatSheet-v2.3.1.png)|🔴🔵|This mindmap shows how different types of security tests can be performed while testing CSRF|[alexlauerman](https://twitter.com/alexlauerman)|
|Access Control Vulnerabilities| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Access%20Control%20Vulnerabilities%20-%20Pratik%20Gaikwad/Access-Control-vaulnerabilites.png) | **🔴** | List of techniques that can be used to test the access control models of an application| [Pratik Gaikwad](https://twitter.com/X0rby7e) |
|CISO MindMap 2021| [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/CISO%20MindMap%202021%20-%20Rafeeq%20Rahman/CISO_Job_MindMap_Rafeeq_Rehman_v_2021.png) | **🔵** | The latest updated CISO MindMap for 2021, with a number of updates and new recommendations for 2021-22| [Rafeeq Rehman](https://rafeeqrehman.com/author/boota135/) |
| Common Vulnerabilities on Forgot Password Functionality | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Common%20Vulnerabilites%20on%20Forgot%20Password%20Functionality%20-%20%20Harsh%20Bothra/Common%20Vulnerabilities%20on%20Forget%20Password%20Functionality.pdf) | **🔴** | List of test cases that can be performed on forgot password functionality within web apps| [Harsh Bothra](https://twitter.com/harshbothra_) |
| Common XML Attacks | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Common%20XML%20Attacks%20-%20Harsh%20Bothra/XML%20Attacks%20New.pdf) | **🔴** | In this mindmap Harsh Bothra tried to list all the attacks that can be performed on XML endpoints/services | [Harsh Bothra](https://twitter.com/harshbothra_) |
| Copy of Vulnerability Checklist for SAML | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/2FA%20Bypass%20Techniques%20-%20Harsh%20Bothra/2FA%20Bypass%20Techniques.png) | **🔴** | List of all the vulnerabilities that can be tested on SAML endpoints/services | [Harsh Bothra](https://twitter.com/harshbothra_) |
| Exploiting Grafana | [🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Exploting%20Grafana%20-%20daffainfo/grafana.png) | **🔴** | Possible test cases to exploit a publicly available Grafana instance | [Muhammad Daffa](https://twitter.com/daffainfo) |
| FILE READ vulnerabilities | [🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/File%20Read%20Vulnerabilites%20-%20Lukasz%20Miku%C5%82a/FRV.jpeg) | **🔴** | Practical strategies for exploiting FILE READ vulnerabilities | [Lukasz Mikuła](https://twitter.com/0xluk3) |
|The Cyber Guy - Recon|[🔗](https://raw.githubusercontent.com/imran-parray/Mind-Maps/master/The%20Cyber%20Guy%20-%20Recon%20Mindmap/theCyberGuy_Recon_V1.0.png)|🔴|In this mindmap the CyberGuy shares his recon methodology|[theCyberGuy0](https://twitter.com/theCyberGuy0)|
|Penetration Testing Certifications|[🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Penetration%20Testing%20Certification%20-%20Tahar/mindmap.jpeg)|🔴🔵|In this mindmap Tahar tries to uncover the list of certifications in the field of penetration testing|[MrTaharAmine](https://twitter.com/MrTaharAmine)|
|Linux Privilege Escalation |[🔗](https://github.com/imran-parray/Mind-Maps/blob/master/Linux%20Privilege%20Escalation%20-%20Mindmap/Linux_Previlege_Escalation.png)|🔴|This mindmap shows several Linux privilege escalation techniques|[Source](https://twitter.com/hackinarticles/status/1464075216993206274?s=28)|

---
Special thanks to all the authors for publishing these mindmaps 🥳🥳🥳