Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 23 to 30 of August.
Our favorite 5 hacking items
1. Non technical item of the week
Economics of the bug bounty hunting
This is a great read about how @dmi3sh uses specific metrics to increase his hourly rate as a full-time bug hunter.
The main takeaway for me is that he relies on a list of criteria to decide on which target, functionality and bug type it is best to focus. These are things like: Probability of finding a bug, payout, chance of being duped, of getting N/As and out of scope, chances of being paid, etc.
Using these objective elements helps make decisions about what to focus on a lot easier.
More …
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 16 to 23 of August.
Our favorite 5 hacking items
1. Article of the week
SSRF in the Wild
This article is an analysis of publicly disclosed SSRF writeups.
@vickieli7 curated 76 unique reports, then read each one and categorized them following criteria like: vulnerable feature, presence of SSRF protection, criticality/impact, type of fix implemented…
She gives interesting statistics on each category. For example, 27 of the 76 bugs affected an image/file upload feature.
I love this idea of studying a vulnerability class by producing statistics based on specific criteria. This can be scaled to include other bug types and more writeups.
It’s also a great idea to look for bypasses each time you read a writeup. This is what allowed @vickieli7 to find one bug while learning about SSRF!
More …
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 09 to 16 of August.
Our favorite 5 hacking items
1. Tips of the week
Bounty hunters: how do you organize your notes on targets, especially when switching targets back and forth and doing it for a long time?
This is a cool Twitter thread. Fisher (@Regala_) prompted the question about how other bug hunters organize their notes, and many hunters responded.
Tools mentioned include a private Github repo, simple notes and folders, SwiftnessX, OneNote, a whiteboard for logic flaws, Google Docs, XMind, etc.
It’s nice to get a peak at what others are using!
More …
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 02 to 09 of August.
Our favorite 5 hacking items
A. Slides of the week
Black Hat USA 2019 Slides & presentation materials
It feels like Hacker Summer Camp (Black Hat, Defcon, BSides Las Vegas…) has dominated the news this week. A huge chunk of new vulnerabilities, tools, slides, and whitepapers published were shared during these events.
So I am not going to share with you all the links because there are way too many. But you can find slides and whitepapers on the Black Hat website. You can start going through that while waiting for the video recordings to come out.
Also here is what I do to find materials on a topic I’m interested in: I check out the talk’s title and author in the presentations schedule or in the workshops page. Then I search for it on Twitter/Google/Github.
For example, I found these using this method:
Also, don’t forget to check out the arsenal section. You won’t necessarily see links to the tools there, but you can find them on Github/Google (e.g. Eyeballer & JSShell).
More …
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from 26 of July to 02 of August.
Our favorite 5 hacking items
Ghostwriter, Introduction - Part 1 & Part 2
Ghostwriter is a new project management & reporting engine by SpecterOps. It is open source and free and has a lot of interesting features:
- Client management: for tracking your pentest clients & the information like points of contact, project history, notes…
- Project management: for information like the type of project (pentest, vulnerability assessment, etc), start & end dates, the team assigned to the project…
- Infrastructure management: for tracking and monitoring the domain names & servers you use for the project (like C2 servers)
- Reporting engine: to generate reports in different formats (JSON, docx, xlsx & pptx) with support for template keywords
- Automation: running tasks in the background, released C2 domains at the end of a project & Slack notifications
These are just some functionalities. Ghostwriter is an excellent tool for pentest teams and red teams.
More …
