bugbounty技巧聚合20211116 - 火线 Zone-安全攻防社区

bugbounty技巧聚合20211116

45813

漏洞报告

【Glovo】chainning bugs to get full disclosure of Users addresses
https://hackerone.com/reports/1398905

挖洞技巧

Laravel 8.x image upload bypass
https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b

Recon: an important part of penetration test for finding vulnerabilities
https://blog.securelayer7.net/recon-an-important-part-of-penetration-test-for-finding-vulnerabilities/

Recon Experience with Trickest — Subdomain Recon Tale in a Workflow #1
https://trickest.medium.com/recon-experience-with-trickest-subdomain-recon-tale-in-a-workflow-1-a522717d1471