{"version":1,"pages":[{"id":"DGQF0fPRnWEJX8CRei37","title":"HowToHunt.md","pathname":"/howtohunt","siteSpaceId":"sitesp_znjOQ","description":""},{"id":"GXWcz6VKvZmEcBOafhKO","title":"Hidden API Functionality Exposure","pathname":"/howtohunt/api-testing/hidden_api_functionality_exposure","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"API Testing"}]},{"id":"9HJVvkBCen0AfuBPUVgB","title":"Reverse Engineer an API","pathname":"/howtohunt/api-testing/reverse_engineer_an_api","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"API Testing"}]},{"id":"-MdQ3Xjbh-n61OEJXYjT","title":"Account Takeover Methodology","pathname":"/howtohunt/account-takeover-methodology/account_takeovers_methods","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Account Takeover Methodology"}]},{"id":"-MdQ5H-KAoA4rUJb8X_x","title":"Application Level DoS Methods","pathname":"/howtohunt/application-level-dos/ald_methods","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Application Level DoS"}]},{"id":"-MQVM13bif9vp5sC_zYi","title":"2FA Bypasses","pathname":"/howtohunt/authentication-bypass/2fa_bypasses","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Authentication Bypass"}]},{"id":"-MdQ5H-OHvOKyNRqfq7W","title":"OTP Bypass","pathname":"/howtohunt/authentication-bypass/otp_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Authentication Bypass"}]},{"id":"0EWTdxirFBkWgslr6D9P","title":"Account Ban Bypass","pathname":"/howtohunt/authentication-bypass/account_ban_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Authentication Bypass"}]},{"id":"-MQVM13ggHPDu8JpBTTa","title":"Broken-Link Hijacking","pathname":"/howtohunt/broken-link-hijacking/brokenlinkhijacking","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Broken-Link Hijacking"}]},{"id":"-MQVM13ji4Xz85kMvxO8","title":"Session Based Bugs","pathname":"/howtohunt/broken-auth-and-session-management/session_based_bugs","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Broken Auth And Session Management"}]},{"id":"0rcXAodTpOxkc8VyRORF","title":"AEM","pathname":"/howtohunt/cms/aem","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CMS"}]},{"id":"taQVFEC047mex6x1TC6X","title":"Drupal","pathname":"/howtohunt/cms/drupal","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CMS"}]},{"id":"-MQVM13p4pBOs4HLqX7f","title":"Wordpress","pathname":"/howtohunt/cms/wordpress","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CMS"}]},{"id":"RWmD1WKAgHHgDzc4Cy36","title":"Moodle","pathname":"/howtohunt/cms/moodle","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CMS"}]},{"id":"-MQVM13sb80UGiv9Jd2V","title":"CORS","pathname":"/howtohunt/cors/cors","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CORS"}]},{"id":"-MQVXsz7YC_0HaaBPyRW","title":"CORS Bypasses","pathname":"/howtohunt/cors/cors_bypasses","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CORS"}]},{"id":"A7b7hLIWXQhQ0F0WYAqA","title":"CSRF","pathname":"/howtohunt/csrf/csrf","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CSRF"}]},{"id":"-MQVNAtbfMgyohUw3nDu","title":"CSRF MindMap","pathname":"/howtohunt/csrf/csrf-1","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CSRF"}]},{"id":"-MQVXszBcVRQgz5-Dm4H","title":"CSRF Bypass","pathname":"/howtohunt/csrf/cross_site_request_forgery_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CSRF"}]},{"id":"-MQVNAtf4gGwa7boryfN","title":"CVES","pathname":"/howtohunt/finding-cves/easycve","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Finding CVEs"}]},{"id":"-MQVQTY6FdEbAXKPkHBG","title":"Web Application Pentesting Checklist","pathname":"/howtohunt/checklist/web-application-pentesting-checklist","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"CheckList"}]},{"id":"-MQVXszMKdBL43d9i7tR","title":"Web Page Code Review Tips","pathname":"/howtohunt/web-page-source-code-review/codereviewtips","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Web Page Source Code Review"}]},{"id":"-MQVXszP0TQ-kNP8FbZN","title":"EXIF Geo Data Not Stripped","pathname":"/howtohunt/exif-geo-data-not-stripped/exif_geo","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"EXIF Geo Data Not Stripped"}]},{"id":"R5M2Wnkt6p0rY6u5sljn","title":"File Upload Bypass","pathname":"/howtohunt/file-upload-bypass/file_upload","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"File Upload Bypass"}]},{"id":"-MQVXszV5smhQqyRfJfT","title":"Find Origin","pathname":"/howtohunt/find-origin-ip/findorigin","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Find Origin IP"}]},{"id":"FHuaGJADMYiXAPu8pXRa","title":"GraphQL","pathname":"/howtohunt/graphql/graphql","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"GraphQL"}]},{"id":"-MQVXszYTyIVT-5n3xWE","title":"HTTP_Desync","pathname":"/howtohunt/http-desync-attack/http_desync","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"HTTP Desync Attack"}]},{"id":"-MQVXszarq4xg8mLWciO","title":"Host-Header","pathname":"/howtohunt/host-header-attack/host-header","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Host-Header Attack"}]},{"id":"-MVfbeV3Kgwo-jhpwh2F","title":"HTML-Injection","pathname":"/howtohunt/html-injection/html_injection_on_password_reset_page","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"HTML-Injection"}]},{"id":"-MQVXszdAEa2p-WOFQ0Y","title":"IDOR","pathname":"/howtohunt/idor/idor","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"IDOR"}]},{"id":"bOTUTytxRQ1Z6dekgzj4","title":"JWT","pathname":"/howtohunt/jwt-attack/jwt","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"JWT ATTACK"}]},{"id":"AfpKLcb2sxIpcs199WvK","title":"JIRA","pathname":"/howtohunt/jira-attack/jira","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"JIRA ATTACK"}]},{"id":"-MQVXszjm4WAQWO8ygbq","title":"MFA Bypasses","pathname":"/howtohunt/mfa-bypass/mfa_bypasses","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"MFA Bypass"}]},{"id":"-MQVXszkmATUwSLqIHiB","title":"2FA-Bypass","pathname":"/howtohunt/mfa-bypass/2fa_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"MFA Bypass"}]},{"id":"-MdQ324BysLKvkPZRJDH","title":"Default Credential And Admin Panel","pathname":"/howtohunt/misconfigurations/default-credential-and-admin-panel","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Misconfigurations"}]},{"id":"SG25E35gj6j7nuHtPiOc","title":"Docker","pathname":"/howtohunt/misconfigurations/docker","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Misconfigurations"}]},{"id":"MLdPM29Pvs8b5HogQXJd","title":"S3 Bucket","pathname":"/howtohunt/misconfigurations/s3-bucket_misconfig","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Misconfigurations"}]},{"id":"-MQVXszqTp_UOpdj4XqJ","title":"OAuth","pathname":"/howtohunt/oauth/oauth","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"OAuth"}]},{"id":"bB4S4ZfX7X0lHrcGEPUf","title":"OAuth Hunting","pathname":"/howtohunt/oauth/oauth-2.0-hunting-methodology","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"OAuth"}]},{"id":"-MQVXsztkpwVNOC5u94s","title":"Find OpenRedirect Trick","pathname":"/howtohunt/open-redirection/find_openredirect_trick","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Open Redirection"}]},{"id":"-MQVXszujv7ZqN4b23bw","title":"Open Redirection Bypass","pathname":"/howtohunt/open-redirection/open_redirection_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Open Redirection"}]},{"id":"-MQVXszxAcwmVVKrPjoF","title":"Parameter Pollution In Social Sharing Buttons","pathname":"/howtohunt/parameter-pollution/parameter_pollution_in_social_sharing_buttons","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Parameter Pollution"}]},{"id":"-MQVXt--e_YW1f-msxVc","title":"MindMap","pathname":"/howtohunt/password-reset-functionality/password_reset_functionality","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Password Reset Functionality"}]},{"id":"-MQVXt-0tf8YfttvB32I","title":"Password Reset Token Leakage","pathname":"/howtohunt/password-reset-functionality/password_reset_token_leakage","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Password Reset Functionality"}]},{"id":"-MVfbeVVm3S7qRiv5aNY","title":"Account_Takeover_By_Password_Reset_Functionality","pathname":"/howtohunt/password-reset-functionality/account_takeover_by_password_reset_functionality","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Password Reset Functionality"}]},{"id":"B5EfBtes4mw7Do2EwK2j","title":"Password_Reset_Flaws","pathname":"/howtohunt/password-reset-functionality/password_reset_flaws_by_sm4rty","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Password Reset Functionality"}]},{"id":"YaLmZ5byGUF2eAgdMJBt","title":"Rate Limit Flaws","pathname":"/howtohunt/rate-limit/rate_limit","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"-MQVXt-3OCv1hdBXIgRk","title":"Rate-Limit Bypass","pathname":"/howtohunt/rate-limit/ratelimitbypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"9GSBe5jHvNDwCT0ePNlH","title":"No Rate-Limit on Verify-PhoneNo","pathname":"/howtohunt/rate-limit/no-rate-limit-on-verify-phoneno","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"3oK4B282LAl3O3eZaZgg","title":"No Rate-limit on Invite User","pathname":"/howtohunt/rate-limit/no-rate-limit-on-invite-user","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"333VBlhwoOqzVJbiK07t","title":"No Rate-limit on Promo","pathname":"/howtohunt/rate-limit/no-rate-limit-on-promo","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"sqgAlD101aMAjRSZwRRO","title":"No Rate-limit on Verify-email","pathname":"/howtohunt/rate-limit/no-rate-limit-on-verify-email","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"4nLVKD76rBiWGRsWtO75","title":"No Rate-limit on forget-password","pathname":"/howtohunt/rate-limit/no-rate-limit-on-forget-password","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Rate Limit"}]},{"id":"pGFGsnUiFhTDKgXnIQ4f","title":"Race Condition","pathname":"/howtohunt/race-condition/race_conditions","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Race Condition"}]},{"id":"qkv4MRMYDUFlOVmFElQg","title":"Github","pathname":"/howtohunt/recon/github_dorking","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Recon"}]},{"id":"-MSDhQc1kARb0PZmjW3x","title":"Recon Workflow","pathname":"/howtohunt/recon/workflow","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Recon"}]},{"id":"-MQVXt-6eBqj8_K4n7_k","title":"Subdomain Enumeration","pathname":"/howtohunt/recon/subdomain_enumeration","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Recon"}]},{"id":"-MQVXt-9shaIO80RJTAH","title":"SQL Injection.md","pathname":"/howtohunt/sqli/sql_injection","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"SQLi"}]},{"id":"4vdWXWjn8uqRtaSjTW98","title":"SAML","pathname":"/howtohunt/saml/saml","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"SAML"}]},{"id":"-MQVXt-CbbsTshZbep-A","title":"SSRF","pathname":"/howtohunt/ssrf/ssrf","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"SSRF"}]},{"id":"-MQVXt-D9CuH3Yvjl5zs","title":"Blind SSRF","pathname":"/howtohunt/ssrf/blind_ssrf","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"SSRF"}]},{"id":"-MQVXt-GrmKSMVvT3m-7","title":"SSTI","pathname":"/howtohunt/ssti/ssti","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"SSTI"}]},{"id":"ZC21sRDNX8NZlJSpXMJD","title":"Sign Up Bugs","pathname":"/howtohunt/sign-up-functionality/hunting_for_bugs_in_signup_feature","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sign Up Functionality"}]},{"id":"qbw5KTF22edfe7lpzbhx","title":"Sign Up MindMap","pathname":"/howtohunt/sign-up-functionality/sign-up-mindmap","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sign Up Functionality"}]},{"id":"-MQVXt-JydwdOTukRVyV","title":"Github Recon Method","pathname":"/howtohunt/sensitive-info-leaks/github_recon_method","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sensitive Info Leaks"}]},{"id":"-MQVXt-KWTaQluCcYoAr","title":"Github-Dorks","pathname":"/howtohunt/sensitive-info-leaks/github-dorks","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sensitive Info Leaks"}]},{"id":"-MQVXt-L2d1EsZBUXSub","title":"Github Dorks All","pathname":"/howtohunt/sensitive-info-leaks/github_dorks_all","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sensitive Info Leaks"}]},{"id":"-MQVXt-Mo9USeHJvsHKn","title":"Google Dorks","pathname":"/howtohunt/sensitive-info-leaks/google_dorks","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sensitive Info Leaks"}]},{"id":"-MQVXt-Naa7OXyLuzNaq","title":"Shodan CVE Dorks","pathname":"/howtohunt/sensitive-info-leaks/shodan_cve_dorks","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sensitive Info Leaks"}]},{"id":"KqfDqmZpxEBsaK65cLQY","title":"Version Leaks","pathname":"/howtohunt/sensitive-info-leaks/version_leak","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Sensitive Info Leaks"}]},{"id":"-MQVXt-QbCaTqQ-QpM76","title":"Status_Code_Bypass Tips","pathname":"/howtohunt/status-code-bypass/status_code_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Status Code Bypass"}]},{"id":"-MQVXt-R0r0tb4GDfX9M","title":"403 Bypass","pathname":"/howtohunt/status-code-bypass/403bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Status Code Bypass"}]},{"id":"-MQVXt-UdPNN1aUkszuB","title":"Subdomain Takeover - Detail Method","pathname":"/howtohunt/subdomain-takeover/subdomain_takeover","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Subdomain Takeover"}]},{"id":"jhQXFniWIh0kmwVsgGvT","title":"Subdomain Takeover - Easy Method","pathname":"/howtohunt/subdomain-takeover/easy_methods","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Subdomain Takeover"}]},{"id":"m0x4bwb6INYmgxzCSAR8","title":"Subs or Top level Domain","pathname":"/howtohunt/subdomain-takeover/sub_or_top_level_domain_takeover","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Subdomain Takeover"}]},{"id":"-MQVXt-YzImdRyQT3nSA","title":"Tabnabbing","pathname":"/howtohunt/tabnabbing/tabnabbing","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Tabnabbing"}]},{"id":"-MQVXt-aroJWRl5cygC3","title":"WAF Bypass Using Headers","pathname":"/howtohunt/waf-bypasses/waf_bypass_using_headers","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"WAF Bypasses"}]},{"id":"-MQVXt-dBhnmf7s67gMb","title":"Weak Password Policy","pathname":"/howtohunt/weak-password-policy/weak_password_policy","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"Weak Password Policy"}]},{"id":"-MQVXt-gBGPV_cTuYcuK","title":"XSS","pathname":"/howtohunt/xss/xss","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XSS"}]},{"id":"adjGTIJ4fMsnIA9d9tNJ","title":"Bypass CSP","pathname":"/howtohunt/xss/bypass_csp","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XSS"}]},{"id":"3EmBLiwOLqrFvEcfjRhO","title":"XSS Bypass","pathname":"/howtohunt/xss/xss_bypass","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XSS"}]},{"id":"-MQVXt-hlWELNc7TnSfP","title":"Automated XSS","pathname":"/howtohunt/xss/automated_xss","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XSS"}]},{"id":"TCJXU3OB6nww7anh0w4g","title":"Post Message Xss","pathname":"/howtohunt/xss/post_message_xss","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XSS"}]},{"id":"-MQVXt-kEc09npQRHrSk","title":"XXE Methods","pathname":"/howtohunt/xxe/xxe_methods","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XXE"}]},{"id":"b3K7PStssHjZRd0eLknO","title":"Billion Laugh Attack","pathname":"/howtohunt/xxe/billion_laugh_attack","siteSpaceId":"sitesp_znjOQ","description":"","breadcrumbs":[{"label":"XXE"}]}]}