#Learn365

The purpose of #Learn365 collection is to create informational content in multiple codecs and share with the community to allow knowledge advent and studying. Inspired by @harshbhotra

Resources

Days	Topic
Day 1	SSRF,RedTeam
Day 2	SSRF,RedTeam,THM Room
Day 3	SSRF,RedTeam,THM Room
Day 4	Broken Link Hijacking, THM Room
Day 5	Blind XSS,THM Room
Day 6	log4j, THM Room
Day 7	Password Reset link not expire, THM Room
Day 8	DMARC, THM Room
Day 9	CSRF, Linux PrivEsc
Day 10	Clickjacking, Linux PrivEsc
Day 11	Live Bug Hunting, Linux PrivEsc
Day 12	Bug Bounty Wordlist, Linux PrivEsc
Day 13	OWASP Web Application Security Testing, THM Room
Day 14	4.1.2 OWASP Fingerprint Web Server, THM Room
Day 15	4.1.3 OWASP Review Webserver Metafiles for Information Leakage, THM Room
Day 16	4.1.4 Enumerate Applications on Webserver
Day 17	4.1.5 Review Webpage Content for Information Leakage, THM Room
Day 18	4.1.6 Identify Application Entry Points
Day 19	4.1.7 Map Execution Paths Through Application, Github Recon
Day 20	4.1.8 Fingerprint Web Application Framework, Recon Techniques
Day 21	4.1.9,10 Map Application Architecture, THM Room
Day 22	4.2 Configuration and Deployment Management Testing, THM Room
Day 23	4.2.2 Test Application Platform Configuration, THM Room
Day 24	4.2.3 Test File Extensions Handling for Sensitive Information, THM Room
Day 25	4.2.4 Review Old Backup and Unreferenced Files for Sensitive Information, THM Room
Day 26	4.2.5 Enumerate Infrastructure and Application Admin Interfaces, THM Room
Day 27	4.2.6 Test HTTP Methods (with Video), THM Room
Day 28	4.2.7 Test HTTP Strict Transport Security (HSTS), THM Room
Day 29	4.2.8 Test RIA Cross Domain Policy, THM Room
Day 30	4.2.9 Test File Permission, THM Room
Day 31	4.2.10 Test for Subdomain Takeover, THM Room
Day 32	4.2.11 Test Cloud Storage, THM Room, eJPT
Day 33	4.2.12 Test for Content Security Policy, THM Room, eJPT
Day 34	4.3.1 Test Role Definitions, THM Room, eJPT
Day 35	4.3.2 Test User Registration Process
Day 36	4.3.3 Test Account Provisioning Process
Day 37	4.3.4 Testing for Account Enumeration and Guessable User Account
Day 38	4.3.5 Testing for Weak or Unenforced Username Policy, THM Room
Day 39	4.4.1 Testing for Credentials Transported over an Encrypted Channel
Day 40	4.4.2 Testing for Default Credentials
Day 41	CSRF
Day 42	Open Redirect
Day 43	log4j
Day 44	JWT attacks
Day 45	Content Discovery
Day 46	Idor
Day 47	Account takeover
Day 48	RCE on a Java Web Application
Day 49	Dependency Confusion
Day 50	Automate Blind XSS
Day 51	Finding And Exploiting S3 Amazon Buckets For Bug Bounties
Day 52	Web Cache Poisioning attack
Day 53	Unique Case for Price Manipulation
Day 54	Account takeover via the Password Reset Functionality
Day 55	API Token Hijacking Through Clickjacking, THM Room
Day 56	API Exploitation --→ Business Logic Bug
Day 57	Attended Infosec Community Conference on : Android Static Analysis
Day 58	Finding bugs on NFT website for fun & Profit by zseano
Day 59	EXIF Geolocation Data Not Stripped From Uploaded Images
Day 60	Thick Client Pentesting
Day 61	Conduct a Penetration Test Like a Pro in 6 Phases
Day 62	Firewall Penetration Testing
Day 63	Host Discovery & Vulnerability Scanning With Nessus
Day 64	AWS Web Application Firewall (WAF), 5 Exercise Pentesterlabs
Day 65	Introduction To Pentesting - Enumeration, 6 Pentesterlab Exercise
Day 66	Bypassing CSRF Protection, 5 Pentesterlab Exercise
Day 67	HTML Injection
Day 68	Exploiting SQL Injection, Completed Pentesterlab Unix Badge
Day 69	A Weird Price Tampering Vulnerability, Security Operations Center (SOC)
Day 70	A Summary of OAuth 2.0 Attack Methods
Day 71	6 Methods to bypass CSRF protection on a web application
Day 72	Two-factor authentication security testing and possible bypasses
Day 73	10 Types of Web Vulnerabilities that are Often Missed, Understanding BOLA
Day 74	My First Bug Bounty: SQL Injection, SQL INJECTION VULNERABILITY
Day 75	Dank Writeup On Broken Access Control, Bug bounty tips for broken access control on BurpSuite Part 1