Posts tagged: bug bounty

Understanding Broken Access Control (BAC): A Comprehensive Guide

12 November 2024 - Posted in Bug bounties by The XSS Rat

Introduction As web applications have evolved from static to dynamic, the complexity of managing access has grown. The need for stringent access control mechanisms has become paramount, especially as

Advanced Techniques for Bypassing Web Filters: A Practical Guide to Identifying and Exploiting XSS Vulnerabilities

12 November 2024 - Posted in XSS by The XSS Rat

In web application security, Cross-Site Scripting (XSS) vulnerabilities are a common yet powerful threat, enabling attackers to execute scripts in a user's browser. Security-conscious developers

BugBounty tools for JavaScript

05 April 2024 - Posted in tools by The XSS Rat

getJS - https://github.com/003random/getJS GoLinkFinder - https://github.com/0xsha/GoLinkFinder de4js - https://lelinhtinh.github.io/de4js/ JSParser - https://github.com/nahamsec/JSParser LinkFinder

Bug Bounty Cheat Sheet

29 February 2024 - Posted in Uncategorized by The XSS Rat

Information Gathering - Identify target IP addresses and domains. - Perform DNS enumeration. - Identify technologies used by the target (e.g., Wappalyzer). - Identify people related to the target

A list of 50 web application exploit techniques that bug bounty hunters should be familiar with.

07 November 2023 - Posted in Uncategorized by The XSS Rat

Below is a list of 50 web application exploit techniques that bug bounty hunters should be familiar with. This list includes a range of common vulnerabilities that attackers may exploit, and

A Very Basic Bug Bounty Methodology

05 November 2023 - Posted in Bug bounties by The XSS Rat

Cross-Site Scripting (XSS) Reflected XSS: Look for parameters and user inputs that are reflected back in the page without proper encoding. Use fuzzing with a list of XSS payloads to test how inputs