The 5 Hacking NewsLetter 7

Hey hackers! Once again, I scoured the Web to get you the best resources on hacking, pentesting and bug bounty hunting shared this week.

I’m publishing this a little late because there’s a lot of research involved and, well, sometimes life gets in the way… So the week covered is from the 1st to the 8th of June.

Have fun reading this, and don’t forget to share, retweet, comment, ask…!

Our favorite 5 hacking items

1. Webcast I enjoyed watching

Attack Tactics Part 1 by Black Hills Information Security

This is a great webcast! I loved watching it for all the state-of-the-art information, tips and feedback from professional pentesters.

2. Writeup of the week

Getting PHP Code Execution and leverage access to panels,databases,server

This is a very well-written writeup that details the recon process and the methodology used to find a PHP code execution and an SQL injection. It’s a real-life example that is very educational for beginner penetration testers and bug bounty hunters.

3. Tutorials of the week

29 short videos that teach you how to use Shodan from the command-line

As a pentester or bug bounty hunter, you probably use Shodan all the time. But if you’re currently using its GUI (i.e. the website) and not the command line, these videos are highly recommended! The GUI is nice but the CLI is a lot more practical, especially for logging purposes and when testing dozens of IPs & hosts at once.

4. Non technical item of the week

J4vv4d blog & J4vv4D Youtube channel

I like watching these short and fun videos. J4vv4d doesn’t take himself too seriously and tackles topics that anyone in the infosec field can relate to. Some of my favorites are:

5. Article of the week

What is CSP?

This is a nice introduction for understanding Content Security Policy (CSP) and starting to look for CSP bypass vulnerabilities!

Other amazing things we stumbled upon this week

Videos & Podcasts

Tutorials

Writeups

Tools

Tweets

Misc. pentest & bug bounty resources

Non technical


See you next time!

If you want to be notified when new articles (including this newsletter) are published, you can subscribe to this blog.

And if you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…

