How to think out of the box with @EdOverflow

Hey hackers! This is the second AMA around the topic of: How to think out of the box?

As a reminder, it’s part of a series started when I was preparing the Bug Hunter podcast Ep. 4 on this same topic. I wanted to include advice from different bug hunters. So I asked several hackers these 3 specific questions:

• How to find bugs that are not duplicates?
• How to find new areas of research (like in @securinti’s last blog post or what James Kettle does)?
• How to find logic bugs or bugs that don’t fall under any category, can’t be found with tools or require real thinking?

@EdOverflow was one of the generous hackers who responded. Here is his advice:

The 5 Hacking NewsLetter 46

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 15 to 22 of March.

Our favorite 5 hacking items

1. Tip of the week

This is an awesome trick for any bug hunter who uses Chrome. You can create shortcuts to query sites like Shodan, VirusTotal, RiskIQ, etc.

For instance, you can type s google (for https://www.shodan.io/search?query=org%3Agoogle).

To do this, go to Settings in Chrome, then Manage search engines. Add a new one with s as the Keyword and https://www.shodan.io/search?query=org%3Agoogle as the URL.

Compilation of recon workflows

Hi, this is a compilation of recon workflows found online. Use it as inspiration for creating your own Web pentest / bug bounty recon workflow.

These are all the ones that I could find. So if yours is missing and you want to see it featured above too, please send it to [email protected].

I will update this every time I have a new flowchart or mindmap. So keep an eye on this page!

How to think out of the box with @zseano

Hey hackers! This is the first post of a series on the topic of: How to think out of the box?

When I was preparing the Bug Hunter podcast Ep. 4 on this same topic, I wanted to include advice from different bug hunters. So I asked several hackers these 3 specific questions:

• How to find bugs that are not duplicates?
• How to find new areas of research (like in @securinti’s last blog post or what James Kettle does)?
• How to find logic bugs or bugs that don’t fall under any category, can’t be found with tools or require real thinking?

@zseano was one of the hackers I reached out to, and he was kind enough to respond with awesome advice!
Here is his response:

The 5 Hacking NewsLetter 45

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 8 to 15 of March.

Our favorite 5 hacking items

1. Conference of the week

OWASP AppSec California 2019, especially:

• An Attacker’s View of Serverless and GraphQL Apps & Slides
• Endpoint Finder: A static analysis tool to find web endpoints, Slides & EndpointFinder
• Pose a Threat: How Perceptual Analysis Helps Bug Hunters & Slides
• Creating Accessible Security Testing with ZAP & Slides
• Cache Me If You Can: Messing with Web Caching & Slides
• Automated Account Takeover: The Rise of Single Request Attacks & Slides
• Open-source OWASP tools to aid in penetration testing coverage & Slides
• The Call is Coming From Inside the House: Lessons in Securing Internal Apps & Slides

OWASP AppSec conferences are great for anyone interested in (both offensive and defensive) Web app security. This one is particularly good, as you can judge from the list of talks above that I’m planning to watch!

Some of the topics addressed are: extracting endpoints from JS files, FaaS & GraphQL security, Web Caching vulnerabilities, scaling visual identification for bug hunters, new features in ZAP, interesting OWASP tools for white box pentesting…

The only thing missing is the video/slides from workshops which look really interesting. Gonna have to go there myself some day!