Bug Bytes #71 – 20K Facebook XSS, LevelUp 0x06 & Naffy’s Notes

bugbytes-71

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

button

This issue covers the week from 08 to 15 of May.

Our favorite 5 hacking items

1. Tool of the week

Wuzz

If you ever want to send HTTP requests for a quick test without firing up Burp/ZAP, this is the tool for you. It is an interactive CLI tool for HTTP inspection. It allows you to send HTTP requests from the terminal, while controlling everything from the headers to the request’s type and data.

2. Writeup of the week

$20000 Facebook DOM XSS (Facebook, $20,000)

DOM XSS through postMessage is trendy and lucrative. @vinodsparrow found one in Facebook’s login button, and shares all the details in this cool writeup. The nice thing is, he not only shares the code to exploit it, but also explains what led him to believe that there was an issue in the first place.

3. Videos of the week

@nnwakelam is one of the current bug hunter millionaires, and is particularly known for his recon skills. It is awesome to have this almost 2-hour interview where he chats with @nahamsec about his specialty, extending the attack surface, plus many other things like bug examples, Burp, vulnerability indicators… Also, just in case, here is his TL;DR.

LevelUp is also a rendez-vous I never miss. Topics range from automotive testing to security code review, writing résumés, choosing targets, and making better decisions as bug hunters.

4. Non technical items of the week

These are two good pieces that point out important questions every struggling bug hunter should ask themselves. The idea is to find out what is hindering you. So, even if these exact questions don’t apply to you, try to extrapolate to find your own missing pieces.

5. Tutorial of the week

How To Scan AWS’s Entire IP Range to Recon SSL Certificates

This article expands on an idea mentioned in Naffy’s interview, that is scanning AWS’s entire IP range and identifying certificates belonging to your target. This is done by chaining existing open source tools, and could be applied to other Cloud providers like Azure.

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars & Webcasts

Conferences

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

Misc. pentest & bug bounty resources

Challenges

Articles

News

Bug bounty & Pentest news

Reports

Vulnerabilities

Breaches & Attacks

Other news

Coronavirus

Non technical

Tweeted this week

We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 05/08/2020 to 05/15/2020.

Curated by Pentester Land & Sponsored by Intigriti