Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the week from March 8 to 15.
Our favorite 5 hacking items
1. Article of the week
Finding Issues In Regular Expression Logic Using Differential Fuzzing
I think some of the most interesting attacks and research are at the intersection of different fields of offensive security. This is a good example by @defparam. He shows how to use differential fuzzing to find logic flaws in web-related regular expressions.
2. Writeups of the week
Obtaining .NET Assemblies from Android Full AOT Compiled Applications
CVE-2020-29653: Stealing Froxlor login credentials using dangling markup
Messing with GitHub’s fork collaboration for fun and profit (GitHub, $30,000)
The first writeup shows a method for extracting assemblies from Android applications compiled with AOT. It might be useful to know for a future mobile engagement.
The second writeup shows a useful technique to remember when you find an HTML injection and want to increase its impact because XSS just isn’t possible.
Lastly, @not_an_aardvark found some pretty serious broken access control issues on GitHub. It’s a very interesting writeup on GitHub’s fork collaboration feature.
3. Vulnerability of the week
leaky.page & A Spectre proof-of-concept for a Spectre-proof web
This is worrying research on Spectre by Google’s Security Team. They showed that it is a practical attack with a Proof of Concept site that can leak information from victims’ browser memory!
4. Tools of the week
Regexploit & Intro
Regexploit is a Python tool that helps find regular expressions vulnerable to ReDoS. Judging from the list of vulnerabilities @doyensec discovered using it, it seems very effective and worth a try.
Wl is @s0md3v’s latest tool. It’s a Go utility that converts strings to different casing styles, which is so handy for credential brute-forcing and content discovery.
5. Conference of the week
NahamCON 2021: Red Team Village & Slides:
Wasn’t NahamCon fantastic? I love a good offensive security conference! Since the main track and villages were happening at the same time, you might’ve missed interesting talks. So, here’s the list of all NahamCon talks and slides I found public if you want to catch up.
Other amazing things we stumbled upon this week
Webinars & Webcasts
Responsible(ish) disclosure writeups
Bug bounty writeups
See more writeups on The list of bug bounty writeups.
Misc. pentest & bug bounty resources
Bug bounty & Pentest news
Community pick of the week
Nice rig there, @plenumlab! We love it and hope it’ll help you find more cool bugs.
Want to share your bug bounty wins, swag and joys with other Bug Bytes readers? Tag us on social media, we’d love to hear from you too!