The 5 Hacking NewsLetter 33
Posted in Newsletter on December 25, 2018
Posted in Newsletter on October 14, 2018
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 5 to 12 of October.
The Art of Subdomain Enumeration by Appsecco
The folks from Appsecco regularly share great information and tools on recon and particularly subdomain enumeration, including two LevelUp talks and now this free book. I highly recommend it, but make sure to take notes and integrate the different techniques into your subdomain enumeration methodology to benefit from it.
This was a fun read! It’s a bug found on a vending machine’s Android app: anyone could buy stuff with a zero-credit account.
It’s a nice example of reverse engineering an Android app, detecting and exploiting weak database encryption.
Certstream by Cali Dog Security
There are a lot of tools to monitor Certificate Transparency logs nowadays. Although I already use some of them like Censys, Crt.sh & Facebook’s CT monitoring tool, I immediately added this one to my methodology because it presents a stream that is updated with SSL certificates in real time!
Eliminating False Assumptions in Bug Bounties by Frans Rosén @fransrosen (OWASP Stockholm)
This is a relatively short talk but the advice given is gold, especially if you are new to bug hunting. Frans talks about ups and downs of bug bounty and some tips to avoid dupes, N/As and boredom.
For example, he recommends hunting on old programs with a large attack surface like Google, Facebook or Yahoo because they put up new code all the time and are less tested since most newbies go for the new programs.
XSS Cheat Sheet by @brutelogic
This is a good cheatsheet that can be helpful if you’re stuck with an XSS filter or learning about this type of bugs.
We discovered a bug in one of the Google+ People APIs:
- Users can grant access to their Profile data, and the public Profile information of their friends, to Google+ apps, via the API.
- The bug meant that apps also had access to Profile fields that were shared with the user, but not marked as public.
We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 10/05/2018 to 10/12/2018
Have a nice week folks!
If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…