Table of contents HowToHunt.md Account Takeover Methodology Chaining Low Impact Bugs with Xss No Rate Limit On Login with Weak Password Policy Password Reset Poisoning Leads To Token Theft Using Auth Bypass Using CSRF Using Sensitive Data Exposure Token Leaks In Response Application Level DoS Email Bounce Issues Long Password DoS Long String DOS Authentication Bypass 2FA Bypasses OTP Bypass By Repeating Requests OTP Bypass Via Response Manipulation Broken-Link Hijacking Broken-Link Hijacking Broken Auth And Session Management Session Based Bugs Bypassing CSP CSP Bypass CMS Wordpress CORS CORS CORS Bypasses CSRF CSRF CSRF Bypass Finding CVEs CVES CheckList Web Application Pentesting Checklist Web Checklist by Chintan Gurjar.pdf Mindmap by Rohit Gautam Source Code Review Code Review Tips EXIF Geo Data Not Stripped EXIF Geo Data Not Stripped File Upload Bypass File Upload Bypass Find Origin IP Find Origin HTTP Desync Attack HTTP_Desync Host-Header Attack Host-Header HTML-Injection HTML-Injection IDOR IDOR JWT ATTACK JWT MFA Bypass MFA Bypasses 2FA-Bypass Misconfigurations Default Credential And Admin Panel OAuth OAuth Open Redirection Find OpenRedirect Trick Open Redirection Bypass Parameter Pollution Parameter Pollution In Social Sharing Buttons Password Reset Functionality MindMap Password Reset Token Leakage Account_Takeover_By_Password_Reset_Functionality Rate Limit Rate-Limit Bypass Recon Recon Workflow Subdomain Enumeration SQLi SQL Injection.md SSRF SSRF Blind SSRF SSTI SSTI Sensitive Info Leaks Github Recon Method Github-Dorks Github Dorks All Google Dorks Shodan CVE Dorks Status Code Bypass Status_Code_Bypass Tips 403 Bypass Subdomain Takeover Subdomain Takeover - Detail Method Subdomain Takeover - Easy Method Tabnabbing Tabnabbing WAF Bypasses WAF Bypass Using Headers Weak Password Policy Weak Password Policy XSS XSS Automated XSS XXE XXE Methods
