The 5 Hacking NewsLetter 33
Posted in Newsletter on December 25, 2018
Posted in Newsletter on September 25, 2018
Hey hackers! These are our favorite resources related to pentesting and bug hunting that we came across recently.
This issue covers the week from 14 to 21 of September.
It’s weird how often I face a new challenge and, while preparing this newsletter, come across relevant resources without looking for them specifically! This is the case for all 5 items of this week, so I hope that you find them as informative as they were for me.
Discovering GraphQL endpoints and SQLi vulnerabilities by @localh0t
I read more and more bug bounty writeups like this one or this one that mention misconfigured GraphQL endpoints and these bugs seem to pay really well.
GraphQL is an alternative to Web services like REST. This tutorial is a great introduction to understand their differences, how to find hidden GraphQL endpoints and exploit them to detect SQL injection.
How I XSS’ed Uber and Bypassed CSP by @mefkansec
I love the creativity of the recon work that led to this XSS: @mefkansec looked for Uber invitation links mentioned everywhere on forums & social media. Then he used a google dork to find a lot more invitation links in order to gather new GET parameters until he found one that was vunerable to a simple reflective XSS.
@Yassineaboukir recommends reverse engineering and analyzing the source code of Electron apps, as an easy way to find hardcoded secrets. The tutorial he mentions is very concise and should help you get started quickly.
Also, @0xibram recommends in the comments using this guide once you have the source code: Electron Security Checklist - A guide for developers and auditors.
@gwendallecoguic suggests 4 blog posts that helped him learn how to bypass Cloudflare. Try the different techniques until you find one that works on your target.
This tool helps monitor Certificate Transparency logs for new subdomains, when you’re targeting a specific bug bounty program or during a long term pentest engagement.
It uses the API of Entrust Datacard’s Certificate Transparency Search Tool.
We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 09/14/2018 to 09/21/2018
Have a nice week folks!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…