Giter VIP home page Giter VIP logo

learn365's Introduction

Learn365

This repository contains all the information shared during my Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going on and challenge myself to learn something daily for the whole year, it can be anything from infosec to general life. Follow me on Twitter for Regular Updates: Anubhav Singh. Huge thanks to Harsh Bothra, from whoam I got motivated to start this Learn365 challenge.

Day Topic
1
  • Learn Javascript
  • The Tool Box karma v2 and 4-ZERO-3 - Talk
  • Finding and exploiting unintended functionality in main web app APIs - Writeup
  • Workflow for Javascript Recon
2
  • Learn Javascript
  • Read BugBounty BootCamp - Book
  • Learn Python
3
  • Learn Javascript
  • AWS Lambda Command Injection - Writeup
  • A tale of zero click account takeover - Writeup
4
  • Learn CSS
  • Learn Python
5
  • Learn Javascript [Revision]
6
  • Solved DOM based XSS Labs on Portswigger
7
  • Solved DOM based XSS Labs on Portswigger
  • Learn Python
8
  • A Cool Account Takeover Vulnerability due to lack of Client Side Validation - WriteUp
9
  • WebSockets not Bound by SOP and CORS? - WriteUp
10
  • Unauth Cache Purging - WriteUp
  • How I was able to change victim’s password using IDN Homograph Attack - WriteUp
11
  • Controlling the web message source - Lab
  • JavaScript for Hackers - Video
  • HACKING postMessage() - Video
  • Introduction postmessage vulnerabilities - Writeup
  • Postmessage vulnerability demo -Lab
12
  • A simple Data Exfiltration! Excel magic - Writeup
13
  • One Token to leak them all : The story of a $8000 NPM_TOKEN - Writeup
  • Introduction to GraphQL - GraphQL Exploitation Part1 - Video
14
  • Finding The Origin IP Behind CDNs - Writeup
15
  • Hunting postMessage Vulnerabilities - White Paper
16
  • 120 Days of High Frequency Hunting - WriteUp
  • Hunting postMessage Vulnerabilities - White Paper
17
  • How to find new/more domains of a company? - Recon Stuff - Writeup
18
  • Read BugBounty BootCamp - Book
19
  • The Tale of a Click leading to RCE - Writeup
20
  • PostMessage Vulnerabilities - WriteUp
21
  • DVGA - Damn Vulnerable GraphQL Application Part 2 - Video
22
  • Chrome DevTools Crash Course - Video
23
  • Crontab for Linux Admins - Video
24
  • Template Injection in Action: 2-hour workshop on Template Injection (SSTI)
  • Read BugBounty BootCamp - Book
25
  • Hacking REST APIs: A beginner's guide - Course
26
  • Read BugBounty BootCamp - Book
  • Read zseano's methodology - Book
27
  • Read zseano's methodology - Book
28
  • Read zseano's methodology - Book
  • Params — Discovering Hidden Treasure in WebApps - Writeup
29
  • WebSockets and Hacking - Writeup
30
  • Pentesting API Top 10 - Talk
31
  • Read BugBounty BootCamp - Book
  • Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite - Writeup
32
  • Android: Quick History on Smartphones - Video
  • Intro to App Development - Video
  • Top 25 Browser Extensions for Pentesters and Bugbounty Hunters (2022) - Writeup
33
  • Intro to Android Architecture and Security - Video
  • What is an Android Operating System & Its Features - Writeup
  • Android Internals 101: How Android OS Starts You Application - Writeup
  • Android Security Part 1- Understanding Android Basics - Writeup
34
  • Mobile Application Penetration Testing - TCM Course
35
  • Read BugBounty BootCamp - Book
36
  • Solved 1-10 Challenges of InjuredAndroid
  • Recon methodology of @GodfatherOrwa - Video
37
  • Read BugBounty BootCamp - Book
38
  • 1,2 Exercises: Android App Reverse Engineering 101
39
  • 3,4 Exercises: Android App Reverse Engineering 101
40
  • Android App Reverse Engineering LIVE! Part 1 - Workshop
41
  • Android Architecture + Static Analysis with apktool + gf + jadx
  • Insecure Logging & Storage + Setup Genymotion & pidcat
42
  • Troubleshooting connection between WSL and android emulator
43
  • Mobexler : A Mobile Application Penetration Testing Platform - Video
44
  • Android Pentesting Lab Setup - Writeup
45
  • Hacking Android Deeplink Issues and Insecure URL Validation - Video
46
  • SINGLE-SIGN-ON SECURITY ISSUES : BugBounty BootCamp - Book
47
  • Solved Flag 12 & 13 of Injured Android
48
  • Android SSL Pinning Bypass for Bug Bounties & Penetration Testing - Video
  • SSL Pinning in Android Part 1 - Writeup
  • SSL Pinning in Android Part 2 - Writeup
  • What is Android Rooting? - Writeup
  • Four Ways to Bypass Android SSL Verification and Certificate Pinning - Writeup
49
  • Bypassing OkHttp Certificate Pinning - Writeup
  • Disabling SSL Pinning in Android Apps using Frida / Objection - Writeup
  • How To Bypass Apps Root Detection In Android - Writeup
  • Bug Bounty on Android : setup your Genymotion environment for APK analysis - Writeup
50
  • The Ultimate Guide to Android SSL Pinning Bypass - Guide
51
  • OAuth terminologies and flows explained - Video
  • OAuth 2.0 Hacking Simplified — Part 1 — Understanding Basics - Writeup
  • OAuth 2.0 Hacking Simplified — Part 2 — Vulnerabilities and Mitigation - Writeup
52
  • Bug Bounty — Bypassing Endpoints - Writeup
53
  • How I made 25000 USD in bug bounties with reverse proxy - Writeup
54
  • Intercepting Android Emulator SSL traffic with burp using magisk - Writeup
55
  • Subdomains Tools Review: a full and detailed comparison of subdomain enumeration tools - Writeup
56
  • Lab: Authentication bypass via OAuth implicit flow
57
  • Web Authentication and Authorization Zine - Zine
58
  • Forced OAuth profile linking - Lab
  • OAuth account hijacking via redirect_uri - Lab
  • Stealing OAuth access tokens via an open redirect - Lab
59
  • ANDROID APP SECURITY BASICS (Static analysis - Part 1) - Video
60
  • HACKING ANDROID WebViews (Static analysis - Part 2) - Video
  • Getting Started with Android Application Security - Writeup
  • Android Pentest: Automated Analysis using MobSF - Writeup
  • Static Analysis of Android Application & Tools Used - Writeup
  • Complete Android Pentesting Guide - Writeup
61
  • Android App Security & Testing - Writeup
  • Exploiting Android activity android:exported="true" - Writeup
  • Exploiting Activity in medium android app - Writeup
62
  • Android Penetration Testing: Drozer - Writeup
63
  • Android Pentest: Deep Link Exploitation - Writeup
64
  • Android Applications Pentesting (Static Analysis) - HackTricks

learn365's People

Contributors

dn0m1n8tor avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.