How to think out of the box with @zseano


Hey hackers! This is the first post of a series on the topic of: How to think out of the box?

When I was preparing the Bug Hunter podcast Ep. 4 on this same topic, I wanted to include advice from different bug hunters. So I asked several hackers these 3 specific questions:

  • How to find bugs that are not duplicates?
  • How to find new areas of research (like in @securinti’s last blog post or what James Kettle does)?
  • How to find logic bugs or bugs that don’t fall under any category, can’t be found with tools or require real thinking?

@zseano was one of the hackers I reached out to, and he was kind enough to respond with awesome advice!
Here is his response:

More …

The 5 Hacking NewsLetter 45

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 8 to 15 March.


Our favorite 5 hacking items

1. Conference of the week

OWASP AppSec California 2019, especially:

OWASP AppSec conferences are great for anyone interested in (both offensive and defensive) Web app security. This one is particularly good, as you can judge from the list of talks above that I’m planning to watch!

Some of the topics addressed are: extracting endpoints from JS files, FaaS & GraphQL security, Web Caching vulnerabilities, scaling visual identification for bug hunters, new features in ZAP, interesting OWASP tools for white box pentesting…

The only thing missing is the video/slides from workshops which look really interesting. Gonna have to go there myself some day!

More …

The Bug Hunter Podcast 4: Bypassing email filters & Thinking out of the box


Hi, here’s a new episode of the Bug Hunter podcast!

You can now listen to it using the widget below or on the following platforms: Apple podcasts/iTunes, Google Podcasts, Podbean, Anchor, Spotify, Breaker, Pocket Casts, Overcast and RadioPublic.

If your favorite podcasting app is missing from this list, please let me know so I can add it.

Also, if you prefer written text, you’ll find the whole transcript below. It’s also helpful for finding any links or commands mentioned in the audio.

More …

Conference notes: Eliminating False Assumptions in Bug Bounties (OWASP Stockholm 2018)

Hi, these are the notes I took while watching the “Eliminating False Assumptions in Bug Bounties” talk by Frans Rosén (@fransrosen) at OWASP Stockholm 2018.



This is a talk where @fransrosen responds to arguments he heard on why you shouldn’t do bug bounties. It’s full of thoughts and ideas on how to approach bug bounty mentally and what you can do to overcome common hurdles.

More …

The 5 Hacking NewsLetter 44

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 1 to 8 March.


Our favorite 5 hacking items

1. Tool of the week

Rescope & Introduction

Wow, I love this tool! Have you ever experienced the discomfort of adding tens of targets one by one or playing with regexes to configure your Burp scope? If yes, worry no more!

It is now possible to copy a bug bounty program’s scope from their page, paste it to a .txt file, and convert it to Burp scope using one command.

Rescope takes as input a file containing your target domains, subdomains, IPs, wildcard subdomains, etc., and outputs a JSON file that you can import into Burp to automagically configure your scope. In one shot, and no regex required.

Here’s an example input file:

In Scope:
Critical * and *
High (internal testing)

Out of Scope:

It can contain any text and descriptions. The tool extracts targets wherever they are. The only thing to remember is to put !EXCLUDE before listing your exclusions, because by default all targets found are considered included.

More …