Learn Bug Bounty

HTTP fingerprinting in web applications: article number three in YesWeHack’s bug bounty recon series

Recon series #3: HTTP fingerprinting – sleuthing for a web application’s hidden vulnerabilities

YesWeHack Bug Bounty recon series, guide to subdomain enumeration, illustrated with endpoint nodes

Recon Series #2: Subdomain enumeration – expand attack surfaces with active, passive techniques

XSS attacks and exploitation illustrated with laptop and www.example.com website: The ultimate guide to cross-site scripting

XSS attacks and exploitation: The ultimate guide to cross-site scripting

Bug Bounty Recon Series by YesWeHack

Recon Series #1: Discovering and mapping hidden endpoints and parameters to expand attack surfaces

Pimp My Burp #11 shows you how to use Burp Suite extension Sign Saboteur to master signed token exploits

PimpMyBurp #11 – Master Signed Token Exploits with SignSaboteur

Our Hacker’s Toolbox series, illustrated with a question mark and angle brackets that close HTML and XML tags, focuses on Dom-Explorer, a new open-source tool for understanding how popular browsers parse HTML and uncovering mutation XSS vulnerabilities

Dom-Explorer tool launched to reveal how browsers parse HTML and find mutated XSS vulnerabilities

JS text stands for JavaScript, with insect bugs signifying vulnerability hunting, with yellow theme, in article about how to debug for JavaScript vulnerabilities

White-box penetration testing: How to debug for JavaScript vulnerabilities

Top 5 hacking tools for white-box pentesting

White-box penetration testing: Debugging for Python vulnerabilities

White-box penetration testing with Xdebug: Debugging for PHP vulnerabilities

How to write an effective Bug Bounty report

Smart Automation With Burp Suite