🪴 Quartz 4.0

      • 00. OSCP HTB Tracker (0xdf List)
      • GTR - Got To Remember
      • HTB - Active
      • HTB - Broker
      • HTB - Cascade
      • HTB - Certified
      • HTB - Cicada
      • HTB - Escape
      • HTB - Forest
      • HTB - Heist
      • HTB - Help
      • HTB - Intelligence
      • HTB - Jeeves
      • HTB - Manager
      • HTB - Monteverde
      • HTB - Networked
      • HTB - Querier
      • HTB - Return
      • HTB - Sauna
      • HTB - TheFrizz
      • HTB - Timelapse
        • Abusing VPNs
        • Active Directory: BloodHound
        • Active Directory: Impacket
        • Active Directory: NetExec (nxc)
        • Active Directory: Responder
        • AD Credential Looting (Mimikatz & SAM)
        • Exploitation: Metasploit Framework (msfconsole)
        • Exploitation: SQLMap
        • Hashcat
        • Linux File Transfer
        • Linux Privilege Escalation (Manual)
        • OSINT: Domain Enumeration
        • Pivoting & Tunneling (Ligolo-ng & Chisel)
        • Scanning: Nmap
        • Web Hacking: Exploitation (XSS, Command Injection, File Upload)
        • Web Hacking: Fuzzing & Directory Busting
        • Windows File Transfer
        • Windows Privilege Escalation (Manual)
            • XSS
            • XSS-Labs
          • 00 - Methodology
          • 00 - Reconnaissance and Information Gathering
          • 01 - Authentication and Authorization Attacks
          • 02 - Local and Remote File Inclusion
          • 03 - SQL Injection
          • 04 - XSS
          • 05 - Command Injection
          • 06 - Server Side Template Injection (SSTI)
          • 07 - XML External Entity (XXE)
          • 08 - Insecure File Upload
          • 09 - Recon Automation
          • 10 - Client-Site Request Forgery
          • 11 - Server-Side Request Forgery
          • 12 - Other Vulnerabilties
          • 13 - WAF Bypass
          • 14 - Exam Prep (PJWPT)
    Home

    ❯

    Web Application Security

    ❯

    Practical Bug Bounty

    Folder: Web-Application-Security/Practical-Bug-Bounty

    16 items under this folder.

    • Jul 08, 2026

      00 - Methodology

      • Jul 08, 2026

        00 - Reconnaissance and Information Gathering

        • Jul 08, 2026

          01 - Authentication and Authorization Attacks

          • Jul 08, 2026

            02 - Local and Remote File Inclusion

            • Jul 08, 2026

              03 - SQL Injection

              • Jul 08, 2026

                04 - XSS

                • Jul 08, 2026

                  05 - Command Injection

                  • Jul 08, 2026

                    06 - Server Side Template Injection (SSTI)

                    • Jul 08, 2026

                      07 - XML External Entity (XXE)

                      • Jul 08, 2026

                        08 - Insecure File Upload

                        • Jul 08, 2026

                          09 - Recon Automation

                          • Jul 08, 2026

                            10 - Client-Site Request Forgery

                            • Jul 08, 2026

                              11 - Server-Side Request Forgery

                              • Jul 08, 2026

                                12 - Other Vulnerabilties

                                • Jul 08, 2026

                                  13 - WAF Bypass

                                  • Jul 08, 2026

                                    14 - Exam Prep (PJWPT)


                                    Created with Quartz v4.4.0 © 2026

                                    • GitHub
                                    • Discord Community