Gabrielle B.

[𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐁𝐔𝐆 𝐁𝐎𝐔𝐍𝐓𝐘]

Want to get into Bug Bounty? Here is a list of resources

👉 A great introduction on how to get into bug bounty by Katie Paxton-Fear
https://lnkd.in/eEf6b5AN

👉 A list of bug bounty platforms by Bughacking
https://lnkd.in/eQk9jk7M

👉 A list of bug bounty programs by vpnmentor:
https://lnkd.in/eECUuYgp

👉 Want to apply to the Synack Red Team Artemis program?
An exclusive community open to security professionals who identify as women, trans and nonbinary people, and others who identify as a gender minority. See this link:
https://lnkd.in/eD_XDm4j

👉 Farah Hawa has a great video about bug bounty resources:
https://lnkd.in/ea-Nn2KB

👉 The Bug Hunter Handbook by Gowthams
https://lnkd.in/eW6awYWU

👉 A repo “AllAboutBugBounty” by daffainfo
https://lnkd.in/evPuwGKZ

🚨🚨 𝐒𝐇𝐀𝐑𝐄 - Do you know other resources? Please share them in the comment🚨🚨

➡️ 𝐅𝐎𝐋𝐋𝐎𝐖 𝐌𝐄 on github for more pentest tips: https://github.com/CSbyGB ⬅️

⚠️Disclaimers: 
*1 This is provided for educational and informational purpose only
*2 Please note that the term “pentesting“ (or “hacking,“ “bug bounty,“ “red teaming,“ etc.) is used in a legal context as a type of intrusion test to identify vulnerabilities and improve security measures. It is not intended for malicious purposes but rather for the greater good of enhancing cybersecurity.⚠️

#cybersecurity #cybersécurité #bugbounty

[𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐒𝐄𝐂𝐔𝐑𝐄 𝐂𝐎𝐃𝐄 𝐑𝐄𝐕𝐈𝐄𝐖]

For any pentest methodologies, it is always useful to know about code.
Furthermore, for white box pentest, you will need to do secure code review and be able to find vulnerabilities by reading the code.
Want to know more about this subject?
This post is for you.

👉 𝗪𝗵𝗮𝘁 𝗶𝘀 𝘀𝗲𝗰𝘂𝗿𝗲 𝗰𝗼𝗱𝗲 𝗿𝗲𝘃𝗶𝗲𝘄?
🌟 How to Identify Vulnerabilities in code – Manual Code Review on Hackingloops
https://lnkd.in/eGdQrB_Q

🌟 Security Code Review 101 by Paul Ionescu:
https://lnkd.in/en6gKsfJ

🌟 OWASP® Foundation Secure Coding Practice
https://lnkd.in/eEAA7Jcf

👉 𝗜𝗻𝘁𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻 𝘁𝗼 𝘀𝗲𝗰𝘂𝗿𝗲 𝗰𝗼𝗱𝗲 𝗿𝗲𝘃𝗶𝗲𝘄
🌟 Farah Hawa’s post about the subject:
https://lnkd.in/eE_zZqdx

🌟 Introduction to Secure Code Review on PentesterLab: 
https://lnkd.in/gXjm_MbJ

🌟 Freddy Macho’s Code review checklist
https://lnkd.in/e2vcqR4M

🌟 Check out the dedicated section on Secure Code Review on my pentips
https://lnkd.in/ehp4M9rp

👉 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲 𝗮𝗻𝗱 𝘀𝗵𝗮𝗿𝗽𝗲𝗻 𝘆𝗼𝘂𝗿 𝗿𝗲𝘃𝗶𝗲𝘄𝗲𝗿 𝘀𝗸𝗶𝗹𝗹𝘀
🌟 Security training platform for devs Hacksplaining:
https://lnkd.in/gqrXr544

🌟 Join the We Hack Purple Community to talk about secure code practice and more
https://lnkd.in/e2FCKTx5

👉 𝗧𝗼𝗼𝗹𝘀
🌟  Code Review and Static Code Analysis on We Hack Purple
https://lnkd.in/er3qnSd7

🌟 Code Review tools on HackTricks
https://lnkd.in/e93pWfni

🌟 Awesome DevSecOps by TaptuIT
https://lnkd.in/eWSpZWN6

🚨🚨 𝐒𝐇𝐀𝐑𝐄 - Do you know other resources? Please share them in the comment🚨🚨

➡️ 𝐅𝐎𝐋𝐋𝐎𝐖 𝐌𝐄 on github for more pentest tips: https://github.com/CSbyGB ⬅️

⚠️Disclaimers: 
*1 This is provided for educational and informational purpose only
*2 Please note that the term “pentesting“ (or “hacking,“ “bug bounty,“ “red teaming,“ etc.) is used in a legal context as a type of intrusion test to identify vulnerabilities and improve security measures. It is not intended for malicious purposes but rather for the greater good of enhancing cybersecurity.⚠️

#cybersecurity #cybersécurité #pentest

[𝗙𝗥𝗘𝗘 𝗥𝗘𝗦𝗢𝗨𝗥𝗖𝗘𝗦 - 𝗣𝗘𝗡𝗧𝗘𝗦𝗧 𝗧𝗢𝗢𝗟𝗦]

There are many different tools for each phase of a pentest. But how to choose?
These resources can help you:

👉 See Rajneesh G.’s post about some of the Practical web Pentesting tools. He even shared them according to the pentest steps:
https://lnkd.in/ei7R8gsx
🚨 Follow Rajneesh he offers amazing content 🚨

👉 You know the Nmap project? Well they have a list of the top 125 Network Security Tools:
https://sectools.org/

👉 You want Open Source?
🌟Drew Robb shared a Top 24 on eSecurity Planet:
https://lnkd.in/ezNgTvfF

🌟And SANS has a list of tools including plenty of pentest tools: 
https://lnkd.in/eHmusQYg

👉 Finally arch3rPro has an amazing amount of tools listed on github:
https://lnkd.in/eA988c_k

𝐒𝐇𝐀𝐑𝐄 - Do you know other resources? Please share them in the comment

➡️ 𝐅𝐎𝐋𝐋𝐎𝐖 𝐌𝐄 on github for more pentest tips: https://github.com/CSbyGB ⬅️

⚠️Disclaimers: 
*1 This is provided for educational and informational purpose only
*2 Please note that the term “pentesting“ (or “hacking,“ “bug bounty,“ “red teaming,“ etc.) is used in a legal context as a type of intrusion test to identify vulnerabilities and improve security measures. It is not intended for malicious purposes but rather for the greater good of enhancing cybersecurity.⚠️

#cybersecurity #cybersécurité #pentest