The 5 Hacking NewsLetter 78

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 25 of October to 01 of November.

T5HN78.png

Our favorite 5 hacking items

1. Podcast of the week

The Bug Bounty Podcast - Episode #1 - STÖK

This podcast is A-M-A-Z-I-N-G! It makes you feel like you’re at a live hacking event, sitting with two seasoned bug hunters discussing all kinds of subjects. It goes from how to pronounce CSRF, how @stokfredrik overcame depression, to his race conditions research, etc.

This is perfect for when you want to listen to something relaxing but still informational and related to bug bounties. To accompany with a nice cup of coffee, hygge style!

2. Writeup of the week

Abusing HTTP hop-by-hop request headers

This is some cool research on hop-by-hop headers. These are headers that are used by proxies and not forwarded to the end server.

@nj_dav discovered a way to abuse them and basically remove other request headers. This can have unexpected results like authentication bypass, Cache poisoning DoS, etc.

The premise is simple to understand, but it would be interesting to practice this attack and take the research further by testing on common WAFs.

3. Tips of the week

What do you do when doing blackbox web testing that may be obvious to you but not so obvious to other people?

This is an excellent question asked by @nnwakelam. Doing “not so obvious” tests is the best way to differentiate yourself and avoid duplicates.

The thread includes some very interesting responses, for instance: “Continuously scanning for surface will net you more $$$ in the long run. Looking at an asset once defeats the purpose of a BB, it might as well be a pen test at that point”.

It’s good to know all these strategies, and test them especially if stuck in dup’zone.

4. Video of the week

Live Bug Bounty Recon Session on Verizon Media’s Yahoo.com W/ @Securinti

@securinti is most known for his crazy logic bugs. Since he is killing it at live hacking events, and mostly shares unique creative bugs, it is interesting to get to know his mindset and approach. A recommended watch!

5. Conferences of the week

Global AppSec Amsterdam 2019 SAINTCON 2019 [email protected] 2019

Wow, there are way too many interesting talks to list them and comment them all here!

Let’s just say that Global AppSec and SAINTCON both offer a lot of talks on a large variety of topics, and many of them are really captivating.

[email protected] has two panels I find interesting for bug hunters: one with bug bounty millionaires @nnwakelam, @thedawgyg and @santi_lopezz99. And another one on hacking the talent gap with @d0nut and @yaworsk.

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars & Webcasts

Conferences

Slides only

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

If you don’t have time

  • BugReplay: Browser extension to record bugs with network traffic and JS console (commercial tool)
  • XORpass: Encoder to bypass WAF filters using XOR operations
  • Femida: Burp extension for automated blind-xss testing (both passive & active)
  • UhOh365: A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is useful for social engineering assessments to find which emails exist and which don’t. See Reddit discussion on the weakness exploited by this tool

More tools, if you have time

Misc. pentest & bug bounty resources

Challenges

Articles

News

Bug bounty & Pentest news

Reports

Vulnerabilities

Breaches & Attacks

Other news

Non technical

Tweeted this week

We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 10/25/2019 to 11/01/2019.


Curated by Pentester Land & Sponsored by Intigriti

Have a nice week folks!

If you want to be notified when new articles (including this newsletter) are published, you can subscribe to this blog.

And if you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…


Comments