Skip to content

Bergee's Stories on Bug Hunting

hacking, cyber security and programming

Menu

Blog
About Me
Contact
Resources
Side projects

Menu

Bug Bounty Resources

Videos
Labs
Books

Bug Bounty Related Channels

Conferences

BlackHatOfficialYT
BlackAlps
BSides
BsidesWarsaw
DEFCON
EKOPArtySecurityConference
HackersOnBoard
Hacktivity - IT Security Festival
NullCon
OffensiveCon
OWASP Global
OWASP Poland
OWASP Stockholm
OWASP Nagpur
Security Fest
InsomniHack
Red Team Village
ShellCon

Bug Bounty POC Disclosures

Bug Bounty POC Disclosure 1
Bug Bounty POC Disclosure 2
Bug Bounty POC Disclosure 3
Bug Bounty POC Disclosure 4
Bug Bounty POC Disclosure 4
Professor The Hunter
vulnerability0lab

Security and more

GynvaelColdwind EN
CalleSwenson
CryptoCat
CyberSecurityTV
DarkSec
David Bombal
GoatSniff
HackersEra
HackerSploit
Hacking Simplified
Hacksplaining
LeetCipher
LiveOverflow
MetaSplotation
NullByte
Secret Letters of Hacker
Cobalt
PwnFunction
The Ethical Hacker Network
The Osint Curious Project
ArtOfTheProblem
OSINT
ComputerPhile
Explaining Computers
Kacper Szurek EN
OWASP Dev Slop

Polish Language Materials

CERT Polska
GynvaelColdwind
Zaufana Trzecia Strona
Kacper Szurek
Niebezpiecznik
Sekurak TV
Jakub Mrugalski

Labs

Portswigger Web Security Academy
Hack The Box
Try Hack Me
Penterster Lab

Various challenges

Challenges aggregator
Over The Wire Wargames
Exploiting challanges
Crypto challenges

XSS challenges

Intigriti XSS challenges
Google XSS Game
XSS Game
Unescape Room
Prompt to win

Vulnerable Applications

OWASP Vulnerable Web Applications
VulnHub
XEE Lab
File Upload Lab

Free

Web Hacking 101
Bug Bounty Playbook
OWASP Testing Guide 4.0

Paid

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws [2nd Edition]
Real-World Bug Hunting: A Field Guide to Web Hacking
Bug Bounty Hunting for Web Security: Find and Exploit Vulnerabilities in Web sites and Applications [1st Edition]
Bug Bounty Hunting Essentials: Quick-paced guide to help white-hat hackers get through bug bounty programs
A bug bounty hunting journey: Overcome your limits and become a successful hunter
A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
Hands-On Bug Hunting for Penetration Testers: A practical guide to help ethical hackers discover web application security flaws
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities
The Hacker Playbook 3: Practical Guide To Penetration Testing
Penetration Testing: A Hands-On Introduction to Hacking [1st Edition]
Ethical Hacking: A Hands-on Introduction to Breaking In
Hacking APIs: Breaking Web Application Programming Interfaces
The Mobile Application Hacker's Handbook [1st Edition]

A Little Break from Bug Bounty – I Made a Word Search Game!
How I hacked XXXX for fun and !profit
Accessing admin panel with fuzzing, digging and guessing
From AngularJS CSTI to credentials theft
The story of exposed service, SSRF, CSP bypass and credentials stealing via XSS
“Hacking” the hotel room TV
Broken links hijacking and CDN takeover
How I found multiple critical bugs in Red Bull
Chaining multiple vulnerabilities for credential stealing
Blind account takeover
Turning cookie based XSS into account takeover
Blind os command injection
Five-minute hunting for hidden XSS
URL filter bypass, RFI and XSS
The forgotten API and XSS filter bypass
XSS via Angular Template Injection
Breaking things legally for fun and profit

Hackers' playground

https://www.tryhackme.com
https://www.pentesterlab.com
https://www.hackthebox.com
https://portswigger.net/web-security/all-labs

© 2025 Bergee's Stories on Bug Hunting