The 5 Hacking NewsLetter 12

Hey hackers! These are our favorite pentest & bug bounty related resources for the week of 6 to 13 July.


Our favorite 5 hacking items

1. Videos of the week

SteelCon 2018 videos, particularly:

I would have loved to go to SteelCon 2018 and see all these talks live! They are not all technical but when I’m looking for something to watch/pass the time, I usually prefer watching conference videos like these to TV shows. They teach me new technical skills/information and help put me in a hacker’s mindset and motivate me for better bug hunting.

2. Tool of the week

https://buckets.grayhatwarfare.com/: The Shodan of Amazon S3 buckets

The story of why it was created

This is a searchable database of open Amazon S3 buckets. I haven’t had the time to try it yet, but I love the idea of an equivalent of Shodan for S3 buckets!

70 000 buckets are listed; you can search for company names or domain names and browse the contents of each bucket.

3. Writeup of the week

#BugBounty — Compromising User Account: "How I was able to compromise user account via HTTP Parameter Pollution (HPP)" by Avinash Jain

This is a good real-life example of HTTP Parameter Pollution. Avinash first detected it on a social sharing button, then tested for the same issue on the password reset functionality of the same site and was able to reset the password of any user, escalating from HPP to account takeover. The practical lesson: whenever you find that one endpoint handles a duplicated parameter oddly, retest every sensitive flow on the same application, because the same framework quirk usually applies everywhere.
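To make the bug class concrete, here is an added example that is not code from the writeup or from the affected site. It models a password-reset handler where the account lookup and the mailer disagree on which copy of a repeated `email` parameter to use, plus a hardened version that refuses duplicates. The field name, the request bodies and the first/last selection behaviour are assumptions chosen for illustration.

```python
# Added example (not from Avinash Jain's writeup or the target site): a
# minimal model of how HTTP Parameter Pollution turns a password-reset form
# into account takeover. The "email" field, the sample bodies and the way
# each component picks a value are assumptions chosen to show the bug class.
from typing import Dict, List, Optional, Set, Tuple
from urllib.parse import parse_qsl

# Constructed sample request bodies (not captured traffic).
CLEAN_BODY = "email=victim%40example.com"
POLLUTED_BODY = "email=victim%40example.com&email=attacker%40evil.example"

USERS = {"victim@example.com"}  # constructed user database


def parse_form(body: str) -> List[Tuple[str, str]]:
    """Decode a form body as an ordered list so duplicate keys survive."""
    return parse_qsl(body, keep_blank_values=True)


def first_value(fields: List[Tuple[str, str]], name: str) -> Optional[str]:
    """Behaviour of components that keep the FIRST occurrence of a key."""
    for key, value in fields:
        if key == name:
            return value
    return None


def last_value(fields: List[Tuple[str, str]], name: str) -> Optional[str]:
    """Behaviour of components that keep the LAST occurrence of a key."""
    chosen = None
    for key, value in fields:
        if key == name:
            chosen = value
    return chosen


def duplicated_params(body: str) -> Dict[str, int]:
    """Detection helper: parameter names that appear more than once, with counts."""
    counts: Dict[str, int] = {}
    for key, _ in parse_form(body):
        counts[key] = counts.get(key, 0) + 1
    return {k: n for k, n in counts.items() if n > 1}


def vulnerable_reset(body: str, users: Set[str]) -> Optional[Tuple[str, str]]:
    """Assumed vulnerable flow: the account check and the mailer disagree on
    which copy of 'email' to use, so the reset link for a real account is
    sent to the attacker. Returns (account, recipient) or None."""
    fields = parse_form(body)
    account = first_value(fields, "email")   # validated against the user DB
    recipient = last_value(fields, "email")  # handed to the mailer unchecked
    if account is None or account not in users:
        return None
    return (account, recipient)


def hardened_reset(body: str, users: Set[str]) -> Optional[Tuple[str, str]]:
    """Fix: reject requests that repeat the parameter and use one value
    end-to-end, so the link can only go to the address that was checked."""
    emails = [v for k, v in parse_form(body) if k == "email"]
    if len(emails) != 1:
        raise ValueError("expected exactly one 'email' parameter, got %d" % len(emails))
    account = emails[0]
    if account not in users:
        return None
    return (account, account)


if __name__ == "__main__":
    print("polluted params:", duplicated_params(POLLUTED_BODY))
    print("vulnerable:", vulnerable_reset(POLLUTED_BODY, USERS))
    try:
        hardened_reset(POLLUTED_BODY, USERS)
    except ValueError as exc:
        print("hardened:", exc)
```

When hunting for this, the useful fact is that frameworks disagree: PHP keeps the last occurrence, Flask/Werkzeug's `request.form.get()` returns the first, ASP.NET joins all values with commas, and Node's `querystring` turns them into an array. A front end and a back end built on different stacks is exactly the setup where one component validates one copy and another acts on a different one, which is why `duplicated_params` style checks belong in a WAF or an input-validation layer rather than in individual handlers.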

4. Tutorial of the week

OSINT Primer: Domains (Part 1) by Patrick Hudak

Any tutorial by Patrick Hudak is a great tutorial! They are always detailed, informative and easily understandable.

In this one, he explains how to find information related to a given domain, like its owner, reputation, DNS settings…

Finding a domain's owner is very useful for bug hunters: it helps you avoid attacking an out-of-scope domain that does not belong to your target.

5. Non technical item of the week

Watch Your Hack

Basic security tips for the layman. This is a page to share with your relatives, co-workers, neighbors, etc., to help them protect themselves from black hats.

Other amazing things we stumbled upon this week

Stuff to watch/listen to

Videos

Podcasts

Conferences

Tutorials

Medium to advanced

Beginners corner

Writeups

You can find the latest bug bounty writeups in our dedicated page: List of bug bounty writeups.
Only writeups that did not make it to this selection are listed below. This does not mean that they aren't worth reading, just that they are not BUG BOUNTY writeups. We will soon post more details about our curation process.

Tools

  • Hawkeye: A tool for analyzing a filesystem/directory recursively looking for interesting stuff for infosec like private SSH keys, config files, etc
  • Curate: A tool for fetching archived URLs (to be rewritten in Go) by EdOverflow
  • Burp Suite HTTP Smuggler: A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  • TheHaywireHax: A collection of scripts and hacks I made by DeWolfRobin
  • StaCoAn: Cross-platform tool that helps developers, bug bounty hunters and ethical hackers perform static code analysis on mobile applications
  • Findautoelevate.ps1: Super quick PowerShell script to enumerate executables with auto-elevation enabled, handy for privilege escalation research purposes
  • Cheat.sh: the only cheat sheet you need https://cheat.sh/
  • Sniff-Paste: OSINT Pastebin Harvester
  • file-magic.py: The *nix `file` tool ported to Windows
  • ScreenShooter: Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis
  • Swiftness: Swiftness is a macOS productivity tool for bug hunters and security professionals to intensify penetration testing process with checklist and notes features

Misc. pentest & bug bounty resources

Challenges

Non technical

Tweeted this week

We created a collection of our favorite pentest & bug bounty related tweets shared this week. You’re welcome to read it directly on Twitter.


Have a nice weekend folks!

If you want to be notified when new articles (including this newsletter) are published, you can subscribe to this blog.

And if you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…

