100 Days to Hack and Improve

After finishing the OSCP cert and trying to expand the scope of learning and knowledge, pentesting web applications didn’t sound like a bad idea, knowing that people can legally do it across distinct Bug Bounty platforms. The beginning of the journey seemed frustrating, with many duplicates across different web vulnerabilities and programs. After seeing some posts on Twitter with the hashtag “#100daystolearnandimprove”, starting with Aishwarya Kendle, the idea of setting some kind of level-up goal for 100 days seemed pretty interesting.

Fortunately, I won’t be walking this path alone, because my great collaborator Rajesh Ranjan had the idea to complete this goal as a form of collaboration and open contribution. As young folks in the extensive infosec world, Rajesh and I will be sharing certain sources that have been helpful in our hunting journey. The sources will vary from books and writeups to amazing pentesters and hunters who share their talent in the infosec communities. Every post and day from 1 to 100 will be posted here. All feedback is welcome.

Sam (CoffeeJunkie) and Rajesh Ranjan bring an open scope on Open Redirect vulnerabilities, and interesting filters on Shodan for finding interesting assets and results.

Sam (CoffeeJunkie) and Rajesh Ranjan bring a talk on HTTP Parameter Pollution and SSL filters in Shodan for finding further vulnerabilities.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about escalation and uses of CSRF and SSRF vulnerabilities.

Sam (CoffeeJunkie) and Rajesh Ranjan explain HTML injection, content spoofing, CRLF, and SSRF escalation vulnerabilities, which can take exploitation further in web applications.

Sam (CoffeeJunkie) and Rajesh Ranjan get into Cross Site Scripting with its filters and complexities, and an escalation for SSRF attacks that allows the attacker to read AWS data in EC2 buckets.

Sam (CoffeeJunkie) and Rajesh Ranjan explain recon for nested subdomains and template injection, both client-side and server-side.

Sam (CoffeeJunkie) and Rajesh Ranjan explain SQLi, common findings for HTTP Splitting, and OAuth security and misconfigurations.

Sam (CoffeeJunkie) and Rajesh Ranjan extend recon with nmap and some internet tools, and cover SSRF capabilities.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about IDORs with a less common attack vector, and an XXE vulnerability found on Google.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about vertical and horizontal privilege escalation, and remote code execution.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about recon with wayback machine, and memory vulnerabilities and subdomain takeovers.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about finding possible parameters for XSS and SSRF with ParamSpider, and also touch on topics related to race conditions and IDORs.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about GitHub recon, logic and configuration vulnerabilities.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about GitHub recon automation, Shodan recon simplified, and dorks.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Open Redirect escalation and capabilities, and Directory Traversal attacks with their bypasses.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about file inclusion vulnerabilities and portscanning.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about hostile subdomain takeover and HTTP Smuggling.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about the Swiss knife ffuf.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about account takeovers due to chained vulnerabilities and CSRF attack examples.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about CSRF bypass protection and Path Traversal.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about JWT token and cool forgotten password functions!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about attacks on JSON Web Tokens and API testing!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Google API Keys exploit and API testing findings.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about account takeovers and API keys.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Server-Side Template Injection (SSTI) and S3 bucket misconfigurations, in parts.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a resource to bypass 2FA and part 2 on S3 buckets misconfigurations.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a pretty interesting attack called “Pixel that steals your data” and Vulnerability chaining such as Open Redirect and OAuth misconfiguration.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a good write up about rate limit and captcha bypass, also with deserialization attacks!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about weak cryptography that achieves account takeover, and unrestricted file upload which leads to RCE.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about two resources related to weak cryptography to open redirect and RCE examples for beginners!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about SSRF and a case for bypassing a WAF for XSS.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Information Disclosure and RXSS and IDORs on cookies.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Privilege Escalation for JWT and LFI potentialities!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about cases related to XSS and its capabilities such as privilege escalation and stealing plain text passwords.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a resource for XSS WAF bypass and Cracking Passwords from Response Headers!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a resource related to server misconfigurations and a pretty simple SQL injection found on MEGA.NZ by Naresh LamGade

Sam (CoffeeJunkie) and Rajesh Ranjan talk about XSS escalation by PDF generation and database credential leakage!

Sam (CoffeeJunkie) and Rajesh Ranjan rest after a week with a couple of reports. Tomorrow, Monday, we’ll see how they got solved; they are still in triage! Besides that, a write-up about GraphQL and some Bill Hicks.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Android vulnerabilities, a curious report about CRLF and Stored XSS, and a weekly report with bugs.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about JWT attacks and XSS based on POST request!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Security Assertion Markup Language (SAML) and XXE in POST Request Allowing XML and JSON in their Responses!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about SAML Testing and Deserialization vulnerabilities and practice.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Self XSS to CSRF and Unrestricted File Uploads Capabilities!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a writeup on bypassing CSRF protection to achieve account takeover, HTTP smuggling resources, and a weekly report from Rajesh Ranjan and me (CoffeeJunkie).

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a resource for privilege escalation and how to avoid captchas while doing Google dorks.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a quick review from Offensive AI

Sam (CoffeeJunkie) talks about simple SMTP Injections.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about an SSRF found by nahamsec and an XSS bypass in Namecheap.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a writeup source for path traversal and a simple use for amass.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a writeup source about vertical privilege escalation and finding endpoints.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a writeup source about the $8000 npm token and pretty good reports to learn from: the [H1-2006 2020] CTF by [hipotermia](https://twitter.com/hipotermia), Bugra Eskici, and Robert Vulpe.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a new tool called Subvenkon and an exercise from hackthissite related to the .htaccess file and directory listing.

Sam (CoffeeJunkie) shares a handy tool from projectdiscovery called httpx.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about testing for Subdomain Takeover on Microsoft Azure and simply explaining “TE-CL” HTTP Request Smuggling attack.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up for an SSRF bug and a small script gathered from Ashish Kunwar that will test Firebase API keys.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up source related to Misconfigured CORS via Wildcard Subdomains and a handy Google dorks page.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up source for Bypassing MFA Implementation in OWA by Using EWS Misconfiguration and a tip from Adrien for finding more endpoints in the Drupal CMS.

Sam (CoffeeJunkie) talks about tails on account takeover. I found this worth reading because of the writer's thought process.

Sam (CoffeeJunkie) talks about simple bash scripting for noobies :)

Sam (CoffeeJunkie) and Rajesh Ranjan talk about two account take overs from F1ras Fatnassi and Swapnil Maurya. Write ups are a huge contribution to the community which allows more people to learn and get a better approach of their targets. Thanks!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Reflected XSS, Client Side Template injection, and Covering a little on OAuth!

Sam (CoffeeJunkie) talks about some basic understanding of JavaScript in web apps.

Sam (CoffeeJunkie) talks about Intelligence X to expand OSINT and recon.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about recon in Samsung repositories and harpoon for OSINT!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about account takeover and favicon.ico for recon.

Sam (CoffeeJunkie) shares a resource for OSINT.

Sam (CoffeeJunkie) shares a writeup from Harsh Bothra.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about testing for Subdomain Takeover on Microsoft Azure and simply explaining “TE-CL” HTTP Request Smuggling attack.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up source on error-based SQL and a good discovery of SSRF on Zimbra by Yasho.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about HTTP Smuggling to Steal Access Token and SSRF on Vimeo.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up source related to GitHub recon and a pretty good tool for URL tracking ;)

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up source on deleting posts on Facebook and account takeover.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write up source on Remote Code execution on Citrix and Deserialization learnings from Portswigger.

Sam (CoffeeJunkie) talks about a write up source related to information disclosure.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a write-up source related to Zendesk takeover and a good Default HTTP hunter :)

Sam (CoffeeJunkie) and Rajesh Ranjan talk about a writeup source related to Blind XSS and JS files analysis.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about the exploit for shellshock and a nice site to find bug bounty tips.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about price manipulation and Cookie Based XSS Exploitation :)

Sam (CoffeeJunkie) shares some readings related to HTTP smuggling with 5 practical tips from Pieter :)

Sam (CoffeeJunkie) and Rajesh Ranjan talk about Host header injection to SQL injection and some recon with intrigue io.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on wfuzz for fuzzing and an alternative for directory brute forcing which is PathBrute.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on persistence for account take over and a pretty cool path traversal.

Sam (CoffeeJunkie) talks about some readings on DOM XSS due to the usage of paraminer.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on Hacking companies through help desk and reNgine for recon.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on HTTP Smuggling and one liner to grab spring boot in shodan!

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on information disclosure and XSS in hidden inputs.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on HTTP Smuggling and JSON leaked data.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on RustScan fast port scanner and WordPress plugin to Site Remote Takeover.

Sam (CoffeeJunkie) talks about some readings on Sam Curry’s find in Starbucks.

Sam (CoffeeJunkie) talks about some readings on CWFF to make custom wordlists.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on business logic and CSRF protection bypass.

Due to travel reasons, #100daystohackandimprove moved to Twitter. The following days will be posted on Twitter till day 97.

Sam (CoffeeJunkie) and Rajesh Ranjan talk about some readings on business logic and CSRF protection bypass.

Sam (CoffeeJunkie) talks about some readings on business logic and CSRF protection bypass.

Sam (CoffeeJunkie) to be done