# SRC-experience

**Repository Path**: wang_wei_chen/SRC-experience

## Basic Information

- **Project Name**: SRC-experience
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2020-02-29
- **Last Updated**: 2020-12-19

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# SRC-experience
工欲善其事，必先利其器
最近收集到的一些src挖掘奇技淫巧，
然后还有一些国外新技术的学习网站分享给大家。

<https://www.bugbountynotes.com/training>

<https://pentester.land/newsletter/2019/02/12/the-5-hacking-newsletter-40.html>

**从别的地方扒来一些案例和知识点**
* [bugbountyguide](https://github.com/EdOverflow/bugbountyguide)
* [awesome-bug-bounty](https://github.com/djadmin/awesome-bug-bounty) - A comprehensive curated list of Bug Bounty Programs and write-ups from the Bug Bounty hunters
* [bugbounty-cheatsheet](https://github.com/EdOverflow/bugbounty-cheatsheet)
* [SRC漏洞挖掘小见解](http://www.mottoin.com/95043.html)
* [面向SRC的漏洞挖掘总结](http://blkstone.github.io/2017/05/28/finding-src-vuls/)
* [漏洞挖掘经验分享Saviour](https://xianzhi.aliyun.com/forum/topic/1214/)
* [我的SRC之旅](https://mp.weixin.qq.com/s/2ORHnywrxXPexviUYk7Ccg)
* [浅析通过"监控"来辅助进行漏洞挖掘](https://bbs.ichunqiu.com/thread-28591-1-1.html)
* [威胁情报-生存在SRC平台中的刷钱秘籍](https://bbs.ichunqiu.com/article-921-1.html)
* [威胁情报](https://mp.weixin.qq.com/s/v2MRx7qs70lpnW9n-mJ7_Q)
* [YSRC众测之我的漏洞挖掘姿势](https://bbs.ichunqiu.com/article-655-1.html)
* [SRC的漏洞分析](https://bbs.ichunqiu.com/thread-19745-1-1.html)
* [众测备忘手册](https://mp.weixin.qq.com/s/4XPG37_lTZDzf60o3W_onA)
* [挖洞技巧：如何绕过URL限制](https://www.secpulse.com/archives/67064.html)
* [挖洞技巧：APP手势密码绕过思路总结](https://www.secpulse.com/archives/67070.html)
* [挖洞技巧：支付漏洞之总结](https://www.secpulse.com/archives/67080.html)
* [挖洞技巧：绕过短信&邮箱轰炸限制以及后续](http://mp.weixin.qq.com/s/5OSLC2GOeYere9_lT2RwHw)
* [挖洞技巧：信息泄露之总结](https://www.secpulse.com/archives/67123.html)
* [一些逻辑](https://secvul.com/topics/924.html)
* [OSS对象存储上传解析漏洞](https://xianzhi.aliyun.com/forum/topic/2078)
* [任意文件下载引发的思考](https://www.secpulse.com/archives/68522.html)
* [两种密码重置之综合利用](http://www.freebuf.com/articles/network/166520.html)
* [任意用户密码重置](http://www.freebuf.com/articles/web/166667.html)
* [通用性业务逻辑组合拳劫持你的权限](https://www.anquanke.com/post/id/106961)

新的一年祝大家挖洞必高危。