The 5 Hacking NewsLetter 33
Posted in Newsletter on December 25, 2018
Posted in Newsletter on March 4, 2018
Hi, I’m very happy to present you the first edition of The 5 Hacking NewsLetter!
The idea behind it is to share with you every week the 5 coolest things related to hacking/pentest/bug bounty that I came across and enjoyed. I got the idea from Tim Ferris’s 5 bullet friday email newsletter.
I’ve been following Peter Yaworski for a while (since he published his book Web Hacking 101: How to Make Money Hacking Ethically). But I’ve only discovered this week his Web Hacking Pro Tips interviews.
They’re a must watch! He brings on big names of the Web hacking scene.
Bypassing Google’s authentication to access their Internal Admin panels — Vishnu Prasad P G
I loved reading this write-up! It shows that there are still easy-to-find, high rewarding bugs (13337$!) on big targets such as Google.
Doesn’t it motivate you to start bug bounty yesterday?
Security.txt is a new standard that’s a game changer for anyone who finds a security bug on a website and doesn’t known whether to report it or not (in the absence of a bug bounty program).
This initiative is in its infancy: the author found that only 62 sites from the Alexa Top 100,000 Websites have implemented security.txt files.
I’d rather be a failure in something that I love than a success in something that I hate - George Burns
George Burns was a comedian, actor, singer and writer who died in 1996. So he surely was not talking about IT security, but I find that his principle applies perfectly to penetration testing and especially bug bounty.
I’d easily spend hours training, learning about vulnerabilities, attempting to find valid and unique bug bounty bugs (even if I fail), rather than work an uninteresting corporate job that’d bring me security and “success” but no enjoyment.
See you next time!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions…