bugbounty-cheatsheet
big-list-of-naughty-strings
Our great sponsors
bugbounty-cheatsheet | big-list-of-naughty-strings | |
---|---|---|
3 | 41 | |
5,561 | 45,851 | |
- | - | |
0.0 | 0.0 | |
8 months ago | 11 days ago | |
Python | ||
Creative Commons Attribution Share Alike 4.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bugbounty-cheatsheet
big-list-of-naughty-strings
- What's that touchscreen in my room?
-
Horrib
Related: https://github.com/minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
- The Big List of Naughty Strings
-
Super sorry to the guy with the username reset on GitHub
Sounds like we need to use the Big List Of Naughty Strings to weed out troublesome usernames...
https://github.com/minimaxir/big-list-of-naughty-strings
- API Security Testing
-
Discussion Thread
oh boy oh boy https://github.com/minimaxir/big-list-of-naughty-strings
-
100+ Must Know Github Repositories For Any Programmer
2. Big List of Naughty Strings
- A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters
- Damned dirty input
What are some alternatives?
API-Security-Checklist - Checklist of the most important security countermeasures when designing, testing, and releasing your API
SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
sql-injection-payload-list - 🎯 SQL Injection Payload List
ms-teams-rce
command-injection-payload-list - 🎯 Command Injection Payload List
eslint-plugin-no-unsanitized - Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
ssti-payloads - 🎯 Server Side Template Injection Payloads
javascript-questions - A long list of (advanced) JavaScript questions, and their explanations :sparkles:
can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
content - The content behind MDN Web Docs