Bug Bytes #108 – Browser to automate XSS, Finding bug bounty collaborators & Ending the SameSite confusion

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.


This issue covers the week from January 25 to February 1.

Intigriti News

Baron Samedit bug, Zhang Guo deception, SAP attacks & DDoS via RDP

Our favorite 5 hacking items

1. Resource of the week

findhunters

findhunters is a platform by @sametsahinnet for finding hunters who want to collaborate. You can announce that you’re looking for collaborators, which payout split you want, the type of testing, vulnerability or target you’re interested in, etc. It’s a great idea, as it may help you reach people you wouldn’t otherwise have known.

2. Writeup of the week

Applying Offensive Reverse Engineering to Facebook Gameroom (Facebook)

@spaceraccoonsec has a talent for explaining complex vulnerabilities and findings. With this writeup, we learn about an insecure deserialization bug he discovered on Facebook Gameroom (a Windows-native client) during Bountycon.

3. Videos of the week

Burp Suite BApp Management for Pentesters and Bug Bounty Hunters
Commonly Misunderstood Bugs: DDoS & DOS
Bug Bounty Fundamentals: Scope

If you want to level up your bug hunting game, @codingo_‘s YouTube channel is a really good place to start. These three new videos are short but packed with information on how to test for Denial of Service vulnerabilities in bug bounties, how to approach scope, and how to manage Burp extensions and configuration.

4. Article of the week

The great SameSite confusion

@jub0bs lifts the veil on a common misconception about the SameSite cookie attribute. It’s an excellent read that helps understand the difference between a site and an origin, and why conflating the two can lead to vulnerabilities.
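To make the site-versus-origin distinction concrete, here is a small added example (not code from the newsletter or from @jub0bs’ article). It computes both the origin (scheme, host and port) and the schemeful site (scheme plus registrable domain) of a URL, and shows that two different origins can still be the same site, which is exactly the scope `SameSite` cookies use. The public-suffix table is a constructed four-entry subset standing in for the real Public Suffix List, and the `originOf`, `siteOf`, `sameOrigin` and `sameSite` helper names are this example’s own.

```javascript
// Constructed stand-in for the Public Suffix List: only the entries
// the examples below need. A real implementation must load the full list.
const PUBLIC_SUFFIXES = new Set(["com", "org", "co.uk", "github.io"]);

// Origin = scheme + host + port. URL.origin drops default ports, so
// https://example.com and https://example.com:443 are the same origin.
function originOf(urlString) {
  return new URL(urlString).origin;
}

// Registrable domain ("eTLD+1"): the public suffix plus one label.
// Returns null when the host is itself a public suffix (e.g. "co.uk").
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().split(".");
  // Walk from the full host down to the TLD; the first hit is the longest
  // matching public suffix, so "co.uk" wins over "uk".
  for (let i = 0; i < labels.length; i++) {
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      return i === 0 ? null : labels.slice(i - 1).join(".");
    }
  }
  // Assumption for this toy table: an unknown TLD means the whole host is
  // the registrable domain. With the real list this branch is not needed.
  return hostname;
}

// Schemeful site = scheme + registrable domain. The port is ignored, so
// https://app.example.com:8443 and https://example.com are the same site.
function siteOf(urlString) {
  const u = new URL(urlString);
  const rd = registrableDomain(u.hostname);
  return rd === null ? null : `${u.protocol}//${rd}`;
}

function sameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// SameSite cookies are scoped to this relation, not to sameOrigin(): a
// request from any origin on the same site carries the cookie.
function sameSite(a, b) {
  const sa = siteOf(a);
  const sb = siteOf(b);
  return sa !== null && sa === sb;
}

// Summarise a pair of URLs for a quick review of cookie exposure.
function compare(a, b) {
  return {
    originA: originOf(a),
    originB: originOf(b),
    siteA: siteOf(a),
    siteB: siteOf(b),
    sameOrigin: sameOrigin(a, b),
    sameSite: sameSite(a, b),
  };
}

// Stand-alone run: different origins, same site, so a SameSite=Lax or
// SameSite=Strict cookie set by example.com is sent on requests that a
// page on app.example.com initiates.
console.log(compare("https://app.example.com", "https://example.com"));
```

The practical takeaway for defenders: `SameSite` does not isolate `app.example.com` from `example.com`, so a weakness on any subdomain reaches the site-scoped cookie; it only stops cross-site senders such as `alice.github.io` versus `bob.github.io`, which the public-suffix entry for `github.io` makes separate sites.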

5. Tool of the week

XSSTRON

XSSTRON is an Electron JS browser that passively detects XSS while you are browsing. It can find reflected, stored and DOM XSS, with support for POST requests. I haven’t tested it yet, but it is from @RenwaX23 who (judging from their Twitter feed and challenges) know a thing or two about XSS.

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars & Webcasts

Conferences

Slides & Workshop material

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

Tips & Tweets

Misc. pentest & bug bounty resources

Articles

Bug bounty & Pentest news

Non technical

Community pick of the week

See how badass @DattanaMayank looks! Congratulations on the cool bug(s) behind these RedBull crates!

We’d love to hear from you too about your bug bounty wins, swag and joys. Tag us on social media if you want to share them with other Bug Bytes readers.