The 5 Hacking NewsLetter 59

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 14 to 21 of June.

T5HN40.png

Our favorite 5 hacking items

1. Video of the week

VIM tutorial: linux terminal tools for bug bounty pentest and redteams with @tomnomnom

Oh my! We’re really spoilt this week between this video tutorial with @tomnomnom and @nahamsec’s recon tips video (see below).

@tomnomnom shares so many tips that are worthy to discover whether your are a beginner or seasoned bug hunter. This includes the tools he uses for recon (including custom ones like assetfinder and html-tool), BASH basics, how to manually search for secrets in Git repos, how to use (and exit) VIM and a lot more.

This is a must watch if you’re into Web app security!

More …

The 5 Hacking NewsLetter 58

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 07 to 14 of June.

T5HN58.png

Our favorite 5 hacking items

1. Conference of the week

BSides London 2019, especially:

Stress, anxiety and depression are three health risks that we should all be aware of and have strategies to avoid. This talk is a perfect reminder of their distinctions, why they affect us and what to do to avoid them or to get better. This is very helpful especially for us, hackers, who can spend days in front of our computers, forgetting to exercise, sleep or eat properly.

More …

The 5 Hacking NewsLetter 57

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 31 of May to 07 of June.

T5HN57.png

Our favorite 5 hacking items

1. Tip of the week

Foxyproxy.json for disabling distracting Firefox traffic from Burp

If you’re a regular Firefox + Burp user, you probably have noticed that Firefox generates some traffic that shows up in Burp, like requests to http://detectportal.firefox.com/ or update checks.

This JSON file is @liamosaur’s Foxyproxy configuration file that allows him to disables this unwanted traffic.

More …

The 5 Hacking NewsLetter 56

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 24 to 31 of May.

T5HN56.png

Our favorite 5 hacking items

1. Tool of the week

Keye

Keye is a really useful recon tool. It’s the first one I’ve come across that allows hackers to easily monitor changes in URLs.

It’s written in Python with SQLite3 integrated. You give it a list of urls, and run it periodically (using Cron for example). It then requests the urls and detects changes based on the responses’ Content-Length. You can also receive Slack notifications when changes are detected.

More …

The 5 Hacking NewsLetter 55

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 17 to 24 of May.

T5HN55.png

Our favorite 5 hacking items

1. Article of the week

Turning your time into bugs — zseano’s thoughts

If you’re into bug bounty, and want to get into the right mindset for success, then you need to read this and apply it.

The advice given is common sense, but sometimes what we need to hear is exactly that.

I love this piece, especially these two reminders: What you can try is limitless. And focus on specific goals to avoid burnout.

More …