The 5 Hacking NewsLetter 7

Posted in Newsletter on June 11, 2018

Hey hackers! Once again, I scoured the Web to get you the best resources on hacking, pentesting and bug bounty hunting shared this week.

I’m publishing this a little late because there’s a lot of research involved and, well, sometimes life gets in the way… So the week covered is from the 1st to the 8th of June.

Have fun reading this, and don’t forget to share, retweet, comment, ask…!

Our favorite 5 hacking items

1. Webcast I enjoyed watching

Attack Tactics Part 1 by Black Hills Information Security

This is a great webcast! I loved watching it for all the state-of-the-art information, tips and feedback from professional pentesters.

2. Writeup of the week

Getting PHP Code Execution and leverage access to panels,databases,server

This is a very well-written writeup that details the recon process and the methodology used to find a PHP code execution and an SQL injection. It’s a real-life example that is very educational for beginner penetration testers and bug bounty hunters.

3. Tutorials of the week

29 short videos that teach you how to use Shodan from the command-line

As a pentester or bug bounty hunter, you probably use Shodan all the time. But if you’re currently using its GUI (i.e. the website) and not the command line, these videos are highly recommended! The GUI is nice but the CLI is a lot more practical, especially for logging purposes and when testing dozens of IPs & hosts at once.

4. Non technical item of the week

J4vv4d blog & J4vv4D Youtube channel

I like watching these short and fun videos. J4vv4d doesn’t take himself too seriously and tackles topics that anyone in the infosec field can relate to. Some of my favorites are:

5. Article of the week

What is CSP?

This is a nice introduction to Content Security Policy (CSP) and a good starting point for looking for CSP bypass vulnerabilities!

Other amazing things we stumbled upon this week

Videos & Podcasts

Tutorials

Writeups

Tools

Tweets

Misc. pentest & bug bounty resources

Non technical

Penetration Test vs. Red Team Assessment: The Age Old Debate of Pirates vs. Ninjas Continues


See you next time!

If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…
