Security Research

Proof of Concepts As someone wise once said, "POC or GTFO". Share your favorite security write-ups and POC's with the community. Share your POCs, share others'. Discuss them here. Tools Discussion Chat about tools that are new to you or new to the world. Discuss what works, what doesn't, how things could improve, etc. Tool Talk. Tool Time.
Researcher Resources - Getting Started [Security Research] (13)
Researcher Resources - Tutorials [Security Research] (9)
Researcher Resources - Bounty Bug Write-ups [Security Research] (2)

This is a collection of bug bounty reports that were submitted by security researchers in the infosec community. These write-ups are a great way to learn from fellow hackers. Web Hacking Uber Bug Bounty Turning Self-…

Researcher Resources: Thick Client Focused [Security Research] (3)

A collection of thick client specific resources. A handy list for your reference! Books: * Hacking - the Art of Exploitation (2nd edition) * Hacker Disassembling Uncovered * The Shellcoders Handbook - Discovering And E…

Researcher Resources: Mobile Focused [Security Research] (3)

A collection of Mobile specific resources. You may see these elsewhere, but this is a handy list for your reference! Resources compiled by Bugcrowd's Director of Technical Operations, Jason Haddix: Mobile App Security …

No Automation need some help [Tools Discussion] (4)
Harder than Normal Anti-Jailbreak code (Mobile - iOS) [Tools Discussion] (3)
Researcher Resources - Tools ( 2 3 ) [Tools Discussion] (49)
Share a link to your security blog [Security Research] (18)
Are Google Dorks often Leveraged [Tools Discussion] (4)
Researcher Resources - How to become a Bug Bounty Hunter ( 2 ) [Security Research] (31)
Link rel=canonical XSS exploitation [Security Research] (5)
Any Idea to Trigger Execution of JavaScript in rel Tag [Security Research] (3)
Is Burp Suite Spider and Intruder Safe? [Tools Discussion] (4)
Strategy for testing multiple applications [Security Research] (2)
What are your favorite Firefox add-ons for penetration testing? [Security Research] (2)
VPS or a local VM? [Security Research] (3)
HUNT burp extension [Tools Discussion] (3)
Bulk IP scanning for ports by masscan [Tools Discussion] (8)
Looking for ways to do some undetecable web crawling [Security Research] (11)
XSS in Search bar [Security Research] (3)
Dirb Issues and further dir hunting [Tools Discussion] (5)
Bug hunter build-out? [Tools Discussion] (3)
Getting started in mobile app testing [Security Research] (13)
Gmail phishing command and control framework [Tools Discussion] (2)
Open Redirect Vulnerability [Security Research] (7)
Is this considered directory traversal? [Security Research] (3)
Free hacking books [Security Research] (2)
Best way to get into RCE XXE SSRF? [Security Research] (3)
Writing a bug report - Attack Scenario and Impact are key! [Security Research] (4)