Sponsored by

The 5 Hacking NewsLetter 75

Posted in Newsletter on October 16, 2019

The 5 Hacking NewsLetter 75

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 04 to 11 of October.

Our favorite 5 hacking items

1. Video of the week

Bug Bounty - Hunting Third Level Domains

If you have heard of recursive subdomain enumeration and wished to see practical examples, this is a video for you.

@thecybermentor shows how to enumerate subdomains, spot interesting ones, and iterate enumeration to get third level domains. He also shows how to organize findings, automate the whole process, and go further by using Nmap and Eyewitness. Really helpful for beginners to automation and recon!

2. Slides of the week

Entrepreneurship for hackers: “A thing or two I learnt while building PentesterLab”

As a hacker and entrepreneur, I’m very interested in what @snyff has to say. He built Pentester Lab by himself, without investors and has been living from it since 2018, while providing real value to clients.

If you too are interested in entrepreneurship, you might want to read about his advice on what a good idea is, why external funding is not necessarily an advantage, why starting a business with a free product is a bad idea, how to price your product, etc.

3. Tools of the week

Dr. Watson is a Burp Suite extension that passively detects secrets in domains in scope based on a Regex. To try it, I have added Github to Burp’s scope and navigated a repository that I knew contained a lot of sensitive information. Immediately, new issues appeared for github.com: “Asset discovered: S3 bucket”, “Asset discovered: IP”… The tool can find keys, S3 buckets, DigitalOcean Space, Azure blobs, IP addresses, domains and subdomains. But since regexes are defined in a file (issues_library.json), it is possible to extend its capabilities by adding new regexes.

The second set of tools are scripts for finding sensitive information on Github. I love that they are lighweight, each do one specific thing, and are great examples to study for anyone who wants to learn programming for hacking purposes.

. Conference of the week

LevelUp 0x05

It’s always a joy to watch LevelUp. I think it is one of the best conferences for bug hunters and Web app pentesters.

In this edition, there are four talks on car hacking, Android app vulnerabilities, GSuite security, and GraphQL hacking.

5. Tutorial of the week

Authorization Token manipulation using Burp Suite extender & BearerAuthToken

This tutorial and tool might be handy if you have to test an application that requires an authorization token for each request, with a short session timeout. Once a token expires, you have to manually re-authenticate on the app to get a new one. But this breaks Burp’s scanner automation.

The solution offered, BearerAuthToken, is a Burp Suite extension that automatically generates a new token for each request to make sure that it will be valid and that the authenticated state will be maintained. So useful and easy to use!

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars & Webcasts

Conferences

Slides only

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

If you don’t have time

  • DomainDog: A cli tool to perform reverse whois lookups through viewdns.info
  • StatusParser: Retrieve the status codes from a list of URLs

More tools, if you have time

  • Snapback: HTTP(s) Screenshots for Pen Testers Who Value Their Time
  • Pivoting into VPC networks: Pivot into private VPC networks using a VPN connection
  • PHP Object Injection Slinger: Burp Suite extension to automatically identify serialization issues in PHP Frameworks
  • Traxss: Automated XSS Vulnerability Scanner
  • Entrust-identityguard-tools: Tools for playing with Entrust IdentityGuard soft tokens, such as decrypting QR codes and deriving OTP secrets
  • Callback Catcher: A multi-socket control tool designed to aid in pentest activities, like the love child of Burp Collaborator & Responder

Misc. pentest & bug bounty resources

Challenges

Articles

News

Bug bounty & Pentest news

Reports

Vulnerabilities

Breaches & Attacks

Other news

Non technical

Tweeted this week

We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 10/04/2019 to 10/11/2019.


Curated by Pentester Land & Sponsored by Intigriti

Have a nice week folks!

If you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…

Top