Add this regex in your Burp Suite to filter out potential parameters:
Link: https://twitter.com/thecybertix/status/1687004260846968832?t=B24H82qV0Iu4R500qLza7w&s=19
(?i)\b\w*id\b(?!\w)\s*=\s*("[^"]*"|'[^']*'|[^&\s}]*)
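What the filter regex in the post above does and does not catch, as an added example that is not part of the original post. It is useful when inventorying identifier-bearing parameters in your own application's traffic for access-control review. The sample lines, the `UNSEEN` companion pattern and the `LOOKALIKES` word list are constructed assumptions.

```python
import re

# Filter regex exactly as posted above.
POSTED = re.compile(r"""(?i)\b\w*id\b(?!\w)\s*=\s*("[^"]*"|'[^']*'|[^&\s}]*)""")

# Hypothetical companion pattern (not from the post): id-like keys written as
# JSON "key": value or array key[]=value, which the posted regex cannot match.
UNSEEN = re.compile(r"""(?i)\b(\w*id)\b(?:"\s*:|\[\]\s*=)""")

# Assumed list of ordinary words ending in "id"; extend it per application.
LOOKALIKES = {"valid", "invalid", "paid", "grid", "void"}

# Constructed sample lines (not captured traffic).
SAMPLE_LINES = [
    "GET /api/orders?orderId=1042&page=2 HTTP/1.1",
    "GET /profile?user_id=77&valid=true HTTP/1.1",
    "POST /invoice paid=1&invoice-id=9001&grid=3",
    'Cookie: sid="a1b2c3"; theme=dark',
    '{"account_id": 5512, "note": "json body"}',
    "GET /items?id[]=4&uuid=0f9c HTTP/1.1",
]


def posted_hits(line):
    """Return (name, value) pairs the posted regex matches in one line."""
    hits = []
    for m in POSTED.finditer(line):
        name = m.group(0).split("=", 1)[0].strip()
        hits.append((name, m.group(1).strip("\"'")))
    return hits


def review(lines):
    """Sort matches into review candidates, lookalike words, and misses."""
    report = {"candidates": [], "lookalikes": [], "unseen": []}
    for line in lines:
        for name, value in posted_hits(line):
            bucket = "lookalikes" if name.lower() in LOOKALIKES else "candidates"
            report[bucket].append((name, value))
        report["unseen"] += [m.group(1) for m in UNSEEN.finditer(line)]
    return report


if __name__ == "__main__":
    for bucket, items in review(SAMPLE_LINES).items():
        print(f"{bucket}: {items}")
```

Because `\w` excludes the hyphen, `invoice-id=9001` is reported under the name `id`, and JSON bodies need a separate pattern since the posted regex requires `=`.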
Forwarded from Jeetendra Joshi
## Test For SQL Injection
[ ] Test SQL Injection on authentication forms
[ ] Test SQL Injection on the search bar
[ ] Test SQL Injection on editable characteristics
[ ] Try to find SQL keywords or entry point detections
[ ] Try to inject SQL queries
[ ] Use tools like SQLmap or Hackbar
[ ] Use Google dorks to find the SQL keywords
[ ] Try GET based SQL Injection
[ ] Try POST based SQL Injection
[ ] Try COOKIE based SQL Injection
[ ] Try HEADER based SQL Injection
[ ] Try SQL Injection with null bytes before the SQL query
[ ] Try SQL Injection with URL encoding
[ ] Try SQL Injection with both lower and upper cases
[ ] Try SQL Injection with SQL Tamper scripts
[ ] Try SQL Injection with SQL Time delay payloads
[ ] Try SQL Injection with SQL Conditional delays
[ ] Try SQL Injection with Boolean based SQL
[ ] Try SQL Injection with Time based SQL