The 5 Hacking NewsLetter 11

Hey hackers! Here are our favorite resources for penetration testers and bug bounty hunters for last week (June 29 to July 6).


Our favorite 5 hacking items

1. Podcast of the week

Web Hacking Pro Tips #16 with Bull by Peter Yaworski

I loved watching this podcast! The story of Bull (@v0sx9b) is impressive: he has been a self-taught, full-time bug bounty hunter only since 2016 and is already making a lot of money. So it’s good to listen to his hunting philosophy and tips.

For example, he focuses on big bugs and doesn’t report small ones; instead, he keeps them so he can chain them into higher-impact bugs. This way, he reports 6 or 7 bugs a month on average, but with high criticality and high rewards.

2. Tool of the week

h1-search by David Sopas

This is a handy tool for bug hunters: it lets you quickly grab all the publicly disclosed reports of any HackerOne program you are working on.

3. Writeup of the week

The $12,000 Intersection between Clickjacking, XSS, and Denial of Service by Sam Curry

This is a great write-up on how to find high-reward bugs on a target that has already been tested by hundreds or thousands of other researchers. The tricks mentioned include:

  • How to bypass an open redirect filter using the //external.site trick (a protocol-relative URL that passes a "must start with /" check but sends the browser to another host)
  • Why you should try both external and internal links when testing for open redirection
  • How to cause a client-side Denial of Service with %0t
  • How to create convincing XSS PoCs using clickjacking and highlighting the information that can be stolen (here, a WebSocket session stored in the browser’s localStorage)
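To make the first trick concrete, here is an added example (written for this newsletter, not code from Sam Curry’s write-up or from the target) contrasting a naive open redirect filter with a stricter one. The validator functions, the `https://app.example` origin and the sample targets are all constructed for illustration. The naive check only asks whether the target starts with `/`, so `//external.site` passes and the browser follows it as a protocol-relative URL; the stricter check resolves the target against the application’s own origin with the WHATWG URL parser and rejects anything that ends up on a foreign origin, which also catches the backslash variant browsers treat the same way.

```javascript
// Added example: naive vs. strict open redirect validation (Node.js, no dependencies).
// Assumed application origin; replace with the real one when adapting this.
const APP_ORIGIN = 'https://app.example';

// Naive filter seen in many apps: "it starts with / so it must be an internal path".
// Accepts //external.site/... because that also starts with a single slash.
function naiveIsInternal(target) {
  return typeof target === 'string' && target.startsWith('/');
}

// Stricter filter: resolve the target exactly the way the browser will, then
// require the resulting origin to be our own. Protocol-relative URLs (//host),
// the backslash variant (/\host), absolute URLs and javascript: URLs all resolve
// to a foreign (or "null") origin and are rejected.
function strictIsInternal(target, appOrigin = APP_ORIGIN) {
  if (typeof target !== 'string') return false;
  let resolved;
  try {
    resolved = new URL(target, appOrigin);
  } catch (err) {
    return false; // unparseable input is never a valid redirect target
  }
  return resolved.origin === appOrigin;
}

// Constructed sample redirect targets a hunter might try against a ?next= parameter.
const SAMPLE_TARGETS = [
  '/account',                 // genuine internal path
  '//external.site/phish',    // the protocol-relative bypass from the write-up
  '/\\external.site/phish',   // backslash variant; browsers normalise \ to / here
  'https://external.site/',   // plain absolute URL, caught by both filters
  'javascript:alert(1)',      // not a redirect at all; origin is "null"
];

// Runs both filters over the targets and returns the verdicts side by side.
function compareFilters(targets = SAMPLE_TARGETS) {
  return targets.map((target) => ({
    target,
    naive: naiveIsInternal(target),
    strict: strictIsInternal(target),
    resolvesTo: (() => { try { return new URL(target, APP_ORIGIN).href; } catch { return null; } })(),
  }));
}

console.log(JSON.stringify(compareFilters(), null, 2));
```

Run it with `node` and compare the `naive` and `strict` columns: only `/account` is accepted by the strict filter, while the naive filter also lets both `//external.site/phish` and `/\external.site/phish` through even though they resolve to `https://external.site/phish`.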

4. Tip of the week

Free Lists - Bug Bounty

This is a new mailing list started by EdOverflow. You can browse the archive and read many good tips for bug hunters, like how to escalate a stored XSS for a better reward, subdomain takeover tricks, etc.

5. Non technical item of the week

A Brief History Of Kiwicon Visual Design

Both the content and the design of this poster are great. It sums up all the excuses I heard from clients, first as an internal security auditor and then as a pentester.

The first time I saw it, it made me laugh and feel comforted because I felt less alone in this fight against the false obstacles and excuses.

Other amazing things we stumbled upon this week

Stuff to watch/listen to

Videos

Podcasts

Conferences

Tutorials

Medium to advanced

Beginners corner

Writeups

You can find the latest bug bounty writeups on our dedicated page: List of bug bounty writeups.
Only writeups that did not make it into that selection are listed below. This does not mean they aren’t worth reading, just that they are not bug bounty writeups. We will soon post more details about our curation process.

Tools

If you don’t have time

More tools, if you have time

Misc. pentest & bug bounty resources

Challenges

Non technical

Tweeted this week

We created a collection of our favorite pentest/bug bounty related tweets shared this week. You’re welcome to read it directly on Twitter.


Have a nice weekend folks!

If you want to be notified when new articles (including this newsletter) are published, you can subscribe to this blog.

And if you enjoyed reading this, please consider sharing it, or leaving a comment, suggestions or questions.
