The 5 Hacking NewsLetter 25

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 19 to 26 of October.

T5HN25.png

Our favorite 5 hacking items

1. Conference of the week

Beyond your studies & Slides by Ange Albertini

Wow, this talk is a gem (the slides also)! I wish I’d seen it as a teenager. It puts a light on so many truths related to infosec, job search, corporate environments, studies, the mold society tries to put you in, etc.

Watch it, even if you’re not a student or that young. If applied, this is life-changing advice.

2. Writeup of the week

Cookie-based-injection XSS making exploitable with-out exploiting other Vulns by @agrawalsmart7

This writeup is a good example of cookie-based XSS exploitation. Once you’ve found a vulnerable URL, transform it by adding the cookie’s name & value to the URL as GET parameters: https://example.com?PHPSESSID={payload}.

Making victims click on a GET URL is easier than injecting HTTP headers / cookies. So this is a better PoC for pentest & bug bounty reports.

3. Challenge of the week

flAWS challenge by @0xdabbad00

Challenges to train for finding bugs on AWS are harder to come by than other vulnerabilities like XSS, SQL injection, etc.

This is a good one. It’ll allow you to learn more about AWS flaws, with tips if you’re stuck. And the great part is that you won’t need to install anything, or bother with configuring a AWS instance, it is all already online and waiting for you!

4. Non technical item of the week

The Cybersecurity Hiring Gap is Due to The Lack of Entry-level Positions by @DanielMiessler

Everybody has been complaining about the cybersecurity hiring crisis for years. I’ve heard about it since I started in 2012!
Juniors can’t find a job because companies only hire experienced candidates. And companies have trouble finding the experienced candidates they need.

This piece by Daniel Miessler is enlightening. He explains the mistakes made by both parties that cause this crisis, and what they could do better.

This could help you if you’re either hiring or looking for a job.

5. Tutorial of the week

Local Linux privilege escalation overview by @L0vvebug

This is a comprehensive tutorial on Linux privilege escalation. It presents multiple techniques to gather information on a system post-exploitation, and to escalate your privileges to root.

This is a good reference: A lot of techniques and commands condensed on the same page, but still understanble and detailed. It should be useful for penetration tests and passing the OSCP.

Other amazing things we stumbled upon this week

Podcasts

Conferences

Slides only

Tutorials

Medium to advanced

Beginners corner

Writeups

Tools

If you don’t have time

  • TLS-Scanner: A tool to assist pentesters in the evaluation of TLS Server configurations
  • SharpSploit & tutorial: SharpSploit is a .NET post-exploitation library written in C#
  • off-by-slash: Burp extension to detect alias traversal via NGINX misconfiguration at scale

More tools, if you have time

  • WebMap: Nmap Web Dashboard and Reporting
  • IVRE: Open source framework for network recon
  • Bscan: An asynchronous target enumeration tool
  • JQShell: A weaponized version of CVE-2018-9206
  • YaCy & Tutorial: A free search engine to use for OSINT or reconnaissance

Misc. pentest & bug bounty resources

Challenges

News

Non technical

Tweeted this week

We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 10/19/2018 to 10/26/2018


Have a nice week folks!

If you want to be notified when new articles (including this newsletter) are published, you can subscribe to this blog.

And if you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…


Comments