Bug Bounty & Agile Pentesting Platform

Bug Bytes #126 – XSS in AWS, exotic Python RCE vectors, zseano’s methodology

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the week from May 31 to June 7.

Intigriti News

The Ethical Hacker Insights Report 2021 webinar

Our favorite 5 hacking items

1. Conference of the week

Unexpected Execution: Wild Ways Code Execution can Occur in Python & Repo

In this talk, Graham Bleaney and Ibrahim Mohamed show several functions that enable Remote Code Execution in Python other that the standard eval and exec libraries. This is so insightful for anyone interested in RCE, SSTI or Deserialization vulnerabilities in Python apps.

2. Writeup of the week

XSS in the AWS Console (Amazon)

@Frichette_n found two XSS vulnerabilities in AWS Console. Like he says, the writeup has everything from XSS to CSP bypass, Client-Side template injection and memes. A great read and cool findings!

3. Resources of the week

zseano’s methodology & Other BugBountyHunter.com news
NotKeyHacks

@zseano‘s methodology is freeee! It’s a 71 pages ebook where he details his own methodology for bug hunting, including tools and all the questions he asks himself at each step that allow him to find vulnerabilities that most people miss.

@dee__see‘s NotKeyHacks is such a great idea! It’s the opposite of KeyHacks, so a collection of tokens that look sensitive but are not. Next time you intent to report hardcoded tokens or API keys, make sure to check if they appear in this repo.

4. Tools of the week

XSS Hunter Express

page-fetch & What is a Prototype Pollution vulnerability and how does page-fetch help?

If you want a self-hosted version of XSS Hunter to test for Blind XSS, this is it! @IAmMandatory re-wrote the tool to make it easy to install and maintain thanks to Docker and Let’s Encrypt certificates.

page-fetch is @TomNomNom‘s latest open source tool that helps test for client-side bugs like Prototype pollution. It comes with a detailed tutorial on this vulnerability class, how it works and how page-fetch helps detect it.

5. Tutorial of the week

ASP.NET Cryptography for Pentesters & Cheatsheet

This tutorial by @paulmmueller covers the practical exploitation of ASP.NET cryptography, with a cheatsheet for pentesters. This could be an invaluable resource when you’re testing an ASP.NET app for the first time.

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars

Conferences

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

N-day vulnerabilities

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

Tips & Tweets

Misc. pentest & bug bounty resources

Challenges

Articles

Bug bounty & Pentest news

Non technical

Community pick of the week

Awesome! It looks good, @sumgr0, and is very well deserved!

Do you also have bug bounty wins, swag and joys to share with other Bug Bytes readers? Tag us on social media, we love to hear from you!

%d bloggers like this:
-->