The 5 Hacking NewsLetter 47

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 22 to 29 of March.

Our favorite 5 hacking items

1. Tip of the week

Bugbounty scope expanding

This paste presents a set of recon steps to expand your bug bounty scope. All of them are well known and documented in most articles on recon, except one, which I haven’t seen anywhere before:

Once you have a first list of subdomains (from scraping or bruteforce), split each name up into its parent domains to build a new list of subdomains to test for.

For example, let’s say you first found:

  • test.dev.xyz123123ccc.com
  • cc.prod.xyz123123ccc.com

The new subdomains to try are:

  • dev.xyz123123ccc.com
  • prod.xyz123123ccc.com

It’s a simple idea but might allow you to find new “hidden” subdomains. It is very similar to what Altdns does, but I’m not sure splitting up subdomains like this is included in this tool.
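The splitting step described above, as an added Python example (not taken from the paste or from Altdns). It goes slightly beyond the two-level case by walking every intermediate parent, and it is equally useful for reconciling your own asset inventory against names seen in DNS or certificate logs. The function name `parent_candidates` and the sample list are constructed for illustration.

```python
def parent_candidates(hostnames, apex):
    """Return parent names implied by known hostnames but absent from the list.

    hostnames: iterable of already-discovered names (any case, optional trailing dot)
    apex:      the in-scope registered domain, e.g. "xyz123123ccc.com"
    """
    apex = apex.lower().strip(".")
    suffix = "." + apex
    known = {h.lower().strip(".") for h in hostnames}
    candidates = set()
    for host in known:
        if not host.endswith(suffix):
            continue  # the apex itself or an out-of-scope name: nothing to split
        # Labels to the left of the apex, e.g. ["test", "dev"]
        labels = [l for l in host[: -len(suffix)].split(".") if l]
        # Drop the leftmost label one step at a time: a.b.c -> b.c -> c
        for i in range(1, len(labels)):
            parent = ".".join(labels[i:]) + suffix
            if parent not in known:
                candidates.add(parent)
    return sorted(candidates)


if __name__ == "__main__":
    # Constructed sample input, using the names from the example above
    found = [
        "test.dev.xyz123123ccc.com",
        "cc.prod.xyz123123ccc.com",
    ]
    for name in parent_candidates(found, "xyz123123ccc.com"):
        print(name)
```

Names already in the input list are skipped, so the output contains only parents that still need to be resolved and checked.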

More …

The Bug Hunter Podcast 5: Recon workflow & Out of the box thinking in day-to-day life

Hi, here’s a new episode of the Bug Hunter podcast!

You can now listen to it using the widget below or on the following platforms: Apple podcasts/iTunes, Google Podcasts, Podbean, Anchor, Spotify, Breaker, Pocket Casts, Overcast and RadioPublic.

If your favorite podcasting app is missing from this list, please let me know so I can add it.

Also, if you prefer written text, you’ll find the whole transcript below. It’s also helpful for finding any links or commands mentioned in the audio.


More …

How to think out of the box with @EdOverflow

Hey hackers! This is the second AMA around the topic of: How to think out of the box?

As a reminder, it’s part of a series started when I was preparing the Bug Hunter podcast Ep. 4 on this same topic. I wanted to include advice from different bug hunters. So I asked several hackers these 3 specific questions:

  • How to find bugs that are not duplicates?
  • How to find new areas of research (like in @securinti’s last blog post or what James Kettle does)?
  • How to find logic bugs or bugs that don’t fall under any category, can’t be found with tools or require real thinking?

@EdOverflow was one of the generous hackers who responded. Here is his advice:

More …

The 5 Hacking NewsLetter 46

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

This issue covers the week from 15 to 22 of March.

Our favorite 5 hacking items

1. Tip of the week

This is an awesome trick for any bug hunter who uses Chrome. You can create shortcuts to query sites like Shodan, VirusTotal, RiskIQ, etc.

For instance, you can type s google (for https://www.shodan.io/search?query=org%3Agoogle).

To do this, go to Settings in Chrome, then Manage search engines. Add a new one with s as the Keyword and https://www.shodan.io/search?query=org%3Agoogle as the URL.

More …

Compilation of recon workflows

Hi, this is a compilation of recon workflows found online. Use it as inspiration for creating your own Web pentest / bug bounty recon workflow.

These are all the ones that I could find. So if yours is missing and you want to see it featured above too, please send it to [email protected].

I will update this every time I have a new flowchart or mindmap. So keep an eye on this page!

More …