# Tips and Write-ups

###

### Bug Bounty Handbook: (<https://gowthams.gitbook.io/bughunter-handbook/>)

### Bug Bounty Tips: (<https://gowsundar.gitbook.io/book-of-bugbounty-tips/>)

***

* <https://kingcoolvikas.medium.com/how-i-was-able-to-see-sensitive-information-on-one-of-the-indias-best-school-website-5800b5ab834c>
* <https://ajaksecurity.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2023-f3c1499959da>
* <https://bxmbn.medium.com/>
* <https://infosecwriteups.com/bug-bounty-hunting-methodology-tools-tips-tricks-blogs-books-6f84cda7ce34>

### Subdomain Enumeration

The best terminal-based subdomain scanner tools to find subdomains

* AMASS
* SubBrute
* Knock
* DNSRecon
* Sublist3r
* AltDNS
* Axiom
* Haktrails
* Anubis
* Lepus
* subfinder

## Subdomain Enumeration Guide

* <https://sidxparab.gitbook.io/subdomain-enumeration-guide/passive-enumeration/passive-sources>

## Writeup About XSS Finding

* <https://infosecwriteups.com/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1>

## Writeup about SQL Injection

* <https://medium.com/@a7madhacck/how-i-found-my-first-sql-injection-2-in-two-different-website-9c6c324b53c>

### 403 Bypass tool:

{% embed url="<https://github.com/Dheerajmadhukar/4-ZERO-3>" %}

### Filter Subdomains:

```bash
awk -F[/.] 'NF > 5' subdomains.txt 
```

### Sort unique domains based on their content length

```bash
cat cl.txt | awk '{print $NF, $0}' | sort -u -k1,1 | cut -d' ' -f2- 
```

### Upload shell via SQLmap into Database

{% embed url="<https://www.youtube.com/watch?v=FjgKtBAiLKQ>" %}