//* In The Name Of God *//

	  Hello dears, welcome to One Nice Life website. Together, we will have a good tutorial about pentest and Bug Bounty :)





	      1.1.1.1.1	
 	
Database <=> Server-Side + Cache + WAF (PHP - Python - Node.js - Java - ASP.NET Core )      <========   HTTP(GET, POST)   ====================>   1.1.1.1.1    <<< CDN Server + Cache + WAF >>>  188.114.97.0    <<< DNS Server >>>     Domain: https://1nicelife.com     Name Server 1: garret.ns.cloudflare.com =>  188.114.97.0      << Proxy & VPN >>    <<< ISP >>>     << Browser + Cache >>  Client-Side (HTML - CSS - Java Script)	
		                                                	   				                  Request                           Response                                                                                                                    	          Name Server 2: laura.ns.cloudflare.com  =>  188.114.96.0
   														    
																																1** => Info
																																2** => Successful
																																200
																																3** => Redirection
																																301
																																302
																																4** => Error Client Side
																																403
																																404
																																429	
																																5** => Error Server Side		
																																503		

--------------------------------------------------------------------------------------------------------------------
  														    
Telegram:   														    
	https://t.me/OneNiceLife    |   @ OneNiceLife

--------------------------------------------------------------------------------------------------------------------
Active Scan | Passive Scan:

Active Scan:

			Request  ===> Server => Access.log
	    	Response <===



Passive Scan:			

https://github.com/vavkamil/awesome-bugbounty-tools

BurpJSLinkFinder ==> Burp Extension for a passive scanning JS files for endpoint links.

--------------------------------------------------------------------------------------------------------------------
JSON Web Token (JWT):

              https://jwt.io/

--------------------------------------------------------------------------------------------------------------------


Proxy Server | VPN server

1) Why?

2) Change IP

3) Traffic

4) Encryption

5) Hackers

6) TOR | Proxy Chain

--------------------------------------------------------------------------------------------------------------------

UDP ==> User Datagram Protocol

1) Transport layer

2) IP

3) Packet

4) Connectionless 

5) NO Reliability

6) NO Flow control

7) NO Ordering

8) Speed

9) Usage ==> Online games
	

--------------------------------------------------------------------------------------------------------------------

TCP ==> Transmission Control Protocol

		IP_1 <======== Packet =========> IP_2


1) Transport layer

2) IP

3) Packet

4) connection-oriented

5) Reliability

6) Flow control

7) Ordering

8) Speed

9) Usage:

	1) Hypertext Transfer Protocol (HTTP)
	2) Hypertext Transfer Protocol Secure (HTTPS)
	3) Secure Shell (SSH)
	4) File Transfer Protocol (FTP)
	5) Electronic mail (Email)
	



--------------------------------------------------------------------------------------------------------------------
TLS | SSL | HTTPS:


Man-In-The-Middle Attack


TLS      ==> Transport Layer Security

SSL      ==> Secure Sockets Layer

HTTP + S ==> Hypertext Transfer Protocol + Secure

--------------------------------------------------------------------------------------------------------------------

Park Domain:

	Domain ==> Domain   | 1nicelife.ir ==> Redirect 301 ==> 1nicelife.com

--------------------------------------------------------------------------------------------------------------------

Web caching:
	
	1) Browser ==> Ctrl + F5
	
	2) CDN

	3) Website ==> WP Rocket Plugin | Lite Speed Plugin
		
	4) Server  ==> Varnish Cache	

	
Query String Trick in Bypass Cache: 									    
   														    
					?aaaaa
--------------------------------------------------------------------------------------------------------------------

DNS Record Types:

1) A Record       ==> Domain to IPv4

2) AAAA Record    ==> Domain to IPv6

3) CNAME Record   ==> Domain to Domain

4) TXT Record     ==> Register OR SPF (Sender Policy Framework)

5) MX Record      ==> Mail Server

6) NS Record      ==> Server


7) PTR Record     ==> IP to Domain

8) SRV Record     ==> PORT

9) SOA Record     ==> Domain INFO

10) CAA Record    ==> SSL



--------------------------------------------------------------------------------------------------------------------

https://www.1nicelife.com/pro-website-pentest-and-bug-bounty-tutorial/?id=25&cat=cyber&level=pro



http                                               ==> Protocol

s                                                  ==> SSL Certificate

www.                                               ==> Subdomain

1nicelife                                          ==> Domain

.com                                               ==> Top Level Domain (TLD)

/pro-website-pentest-and-bug-bounty-tutorial       ==> Path

/?id=1&cat=cyber                                   ==> Query String

?                                                  ==> Query String Begin

&                                                  ==> Query String Separator

=                                                  ==> Equal Sign

id,cat                                             ==> Parameter Name

1,cyber                                            ==> Parameter Value