MindMaps

This repository stores and houses various mindmaps for bug bounty hunters, pentesters and offensive/defensive security professionals, provided by me as well as contributed by the community. Your contributions and suggestions are welcome.
Name | Link | Type | Description | Author |
---|---|---|---|---|
Bug Hunters Methodology | This Mindmap explains how to test for bugs on Bug bounty programs | Jhaddix | ||
Finding Server side issues | This mind-map explains how to look for server side issues on your bug-bounty/pentest targets | Imran parray | ||
Javascript Recon | How to perform recon on JavaScript files | Imran parray | ||
My Recon | This mind-map explains how to look for various server side and client side bugs on Bug bounty programs | Imran parray | ||
Testing 2FA | How to test 2FA for Bugs | hackerscrolls | ||
Testing 2FA [2] | How to test 2FA for Bugs | hackerscrolls | ||
2FA Bypass Techniques | 2FA Bypass Techniques | Harsh Bothra | ||
Android Attacker Vectors | Detailed Mindmap on How to find and exploit Android bugs. | hackerscrolls | ||
Testing oAuth for Vulnerabilities | How to test OAuth for Bugs | hackerscrolls | ||
Security Assessment Mindmap | General security Assessment Mind-map | Sopas | ||
Red Teaming Mind Map from The Hacker Playbook 3 | Mind-map containing several techniques and approaches used by Red team members | Marcon Lencini | ||
SSRF MindMap | How to test SSRF for Bugs | hackerscrolls | ||
Code Review Mindmap | Mindmap containing several techniques and approaches that can be used during code reviews. | www.amanhardikar.com | ||
Android Application Penetration Testing Mindmap | A simple mind-map which explains various test cases around Android Application Penetration Testing | Harsh Bothra | ||
Cookie Based Authentication Vulnerabilities | A comprehensive Mind-map which includes various techniques to test Cookie based authentication mechanisms. | Harsh Bothra | ||
Testing JIRA for CVEs | Detailed Mind-map on How to find and exploit JIRA CVEs. | Harsh Bothra | ||
Scope Based Testing | This Mind-map explains how to test for bugs based on the scope of your target. | Harsh Bothra | ||
OAuth 2.0 Threat Model Pentesting Checklist | The following checklist represents a simplified visual alternative to IETF OAuth 2.0 Security Best Current Practice publication combined with various other public resources we found useful. | Binary Brotherhood | ||
Bug Bounty Platforms | List of available bug bounty platforms | fujie gu | ||
Web App Pentest | Web application Pentest Mindmap | Ding Jayway | ||
Web App Pentest | This mind-map has the list of bugs and the corresponding tools and techniques used to find those bugs | Ninad Mathpati | ||
Mobile Security Mindmap | A comprehensive Mind-map which includes various techniques to test Mobile Applications for security issues | Aman Hardikar | ||
Web Security Field Mindmap | This mindmap is a combination of Web Attacks, AppSec and Bug Bounty stuff | jois | ||
Security Consulting & Implementation | Security Consulting & Implementation mindmap | Lawrence Pingree | ||
Information Security Technologies & Markets | This Mindmap is a combination of Information Security Technologies & Markets | ovens ffdf | ||
Information Security Technologies & Markets | This mindmap contains different Information Security Technologies & Markets | John Fortner | ||
Nmap Scans Mindmap | This mindmap shows how different types of scans can be performed via Nmap Scanner | Only Hacker | ||
Cross Site Request Forgery Mindmap | This mindmap shows how different types of security tests can be performed while testing CSRF | alexlauerman | ||
Access Control Vulnerabilities | List of Techniques that can be used to test access control models of an Application | Pratik Gaikwad | ||
CISO MindMap 2021 | The latest and updated CISO MindMap for 2021 with a number of updates and new recommendations for 2021-22 | Rafeeq Rehman | ||
Common Vulnerabilities on Forgot Password Functionality | List of Test cases that can be performed on Forgot password functionality within web apps | Harsh Bothra | ||
Common XML Attacks | In this Mindmap Harsh Bothra tried to list all the attacks that can be performed on XML endpoints/services | Harsh Bothra | ||
Copy of Vulnerability Checklist for SAML | List of all the Vulnerabilities that can be tested on SAML Endpoints/Services | Harsh Bothra | ||
Exploiting Grafana | Possible test cases to Exploit Publicly Available Grafana Instance | Muhammad Daffa | ||
FILE READ vulnerabilities | Practical strategies for exploiting FILE READ vulnerabilities | Lukasz Mikuła | ||
The Cyber Guy - Recon | In this mindmap the CyberGuy shares his Recon Methodology | theCyberGuy0 | ||
Penetration Testing Certifications | In this mindmap Tahar tries to uncover the list of Certifications in the field of Penetration testing | MrTaharAmine | ||
Linux Privilege Escalation | This mindmap shows several Linux privilege escalation Techniques | Source |
Special thanks to all the authors for publishing these mindmaps.