Bug Bounty Tips

General

# This section will be mainly used to store information found on Twitter
# About some bug bounty tips & web tricks


Password Reset

https://twitter.com/HusseiN98D/status/1254888748216655872/photo/1
# 1/ Include controlled mail as a second parameter
# 2/ Bruteforce reset token
# 3/ Try to use a reset token on another account
# 4/ Try to figure out how token are generated