【GLASSDOOR】网络缓存欺骗导致 gdtoken 泄露 https://hackerone.com/reports/1343086
【 Acronis】#1403176 IDOR vulnerability (Price manipulation) https://hackerone.com/reports/1403176
【Jamf 】Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809) – Assetnote https://blog.assetnote.io/2021/11/30/jamf-ssrf/
WordPress Plugin Confusion: How an update can get you pwned | Kamil Vavra @vavkamil https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/
如何找到一个公司最新或更多的域名? - Recon Stuff https://www.cyberick.com/post/how-to-find-new-more-domains-of-a-company-recon-stuff
Bug bounty methodology V4.0 — Demonstrated | by Thexssrat | Geek Culture | Medium https://medium.com/geekculture/bug-bounty-methodology-v4-0-demonstrated-8e9cb6ed1b12
Uniscan Vulnerability Scanner: Installation Guide and Examples https://securitytrails.com/blog/uniscan
GitHub - glebarez/cero: 从任意主机的SSL证书中获取域名 https://github.com/glebarez/cero
Malwoverview.py 是威胁搜寻的第一响应工具,它对恶意软件样本、URL、IP 地址、域、恶意软件系列、IOC 和哈希执行初始和快速分类。此外,Malwoverview 能够从多个端点提交和下载样本。 https://github.com/alexandreborges/malwoverview
GitHub - scmanjarrez/CVEScannerV2: Nmap script that searches for probable vulnerabilities based on services discovered in open ports. https://github.com/scmanjarrez/CVEScannerV2
