Archive for: February 2024

Bug Bounty Cheat Sheet

29 February 2024 - Posted in Uncategorized by The XSS Rat

Information Gathering - Identify target IP addresses and domains. - Perform DNS enumeration. - Identify technologies used by the target (e.g., Wappalyzer). - Identify people related to the target

CSRF

29 February 2024 - Posted in Bug bounties by The XSS Rat

CSRF(Cross-Site Request Forgery) Understanding CSRF. CSRF attacks occur when a malicious actor tricks an authenticated user into unknowingly performing actions on a web application that they are

22 Online tools for hackers

22 February 2024 - Posted in tools by The XSS Rat

Web App Checklist

16 February 2024 - Posted in Bug bounties by The XSS Rat

CSRF: Verify token presence on necessary forms (Create, Update, Delete) Check server-side token length validation Ensure server checks for token parameter Test server response to empty parameter and

JWT for Beginners

02 February 2024 - Posted in Uncategorized by The XSS Rat

JWT for Beginners 1. JWT Overview: JSON Web Tokens (JWTs) are a compact, URL-safe means of representing claims between two parties. JWTs are often used for authentication, information exchange, and

Useful websites for hackers

02 February 2024 - Posted in Uncategorized by The XSS Rat

List of websites that can be useful resources for ethical hackers, bug bounty hunters, and penetration testers. hackxpert labs - Practise labs for ethical hacking. Bugcrowd - Another popular bug