Bug Bounty & Agile Pentesting Platform

Bug Bytes #131 – Credential stuffing in bug bounty, Hijacking shortlinks & Hacker shows

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the week from July 5 to 12.

Our favorite 5 hacking items

1. Tools of the week

ppmap
WILSON Cloud Respwnder & Intro

ppmap is a Go scanner to test for XSS via prototype pollution using known gadgets and existing research. Being 100% automated, it is a handy way to test for those low-hanging prototype pollution bugs.

WILSON Cloud Respwnder is an alternative to Burp Collaborator and Interactsh by @honoki. Why another tool? Because it allows you to continue receiving OOB requests for a long time (no need to keep Burp or an Interactsh session open). It can send notifications to Slack or Discord, allows block-listing domains from notifications and serving custom files.
If only it was named AlorsOnDNS!

2. Writeups of the week

Credential stuffing in Bug bounty hunting ($8,300)
Whose app are you downloading? Link hijacking Binance’s shortlinks through AppsFlyer

It is interesting to see credential stuffing (usually more associated with pentest/red teaming) leveraged for bug bounties. @Krevetk0Valeriy shares how they did it and managed to score several bounties.

The second writeup is about exploiting a third-party app analytics platform. By overwriting shortlinks, it was possible to serve malicious apps to thousands of users. As usual, a very insightful writeup by @samwcyo.

3. Challenge of the week

SQHell & ep02 CTF TEARDOWN SQHELL on TryHackMe

SQHell is a free TryHackMe room by @adamtlangley. It covers 5 types including nested SQL injection / SQL inception that is interesting to practice. If stuck, check out the hour-long video walkthrough by the challenge’s author himself.

4. Videos of the week

Hacker Tools – CyberChef & Blog post
Hacker Heroes #4 – @real_bitmap (Interview)

I love listening to interviews when I am walking outside, so this new Hacker Heroes series by @PascalSec comes at a perfect time.
If I’m at a mood for more technical content, @PinkDraconian‘s byte-sized tutorials (both blog posts and this new video format) always teach me something new.
Great job and not just because we’re colleagues!

5. Tip of the week

XML SQL injection

Did you know that XML elements are a good place to test for SQL injection? It’s worth remembering especially in cases where all your XXE attempts are failing.

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars

Conferences

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

N-day vulnerabilities

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

  • AioResolver: Fast DNS resolver
  • JiraScan: A simple remote scanner for Atlassian Jira
  • roboXtractor: Extract endpoints marked as disallow in robots files to generate wordlists
  • UserEnumTeams: User enumeration with Microsoft Teams API
  • TokenTactics: Azure JWT Token Manipulation Toolset

Tips & Tweets

Misc. pentest & bug bounty resources

Challenges

  • Vuldroid: An intentionally Vulnerable Android Application

Articles

Bug bounty & Pentest news

Non technical

Community pick of the week

You’re killing it! Congratulations @isira_adithya 🔥

If you too have bug bounty wins, swag and joys to share with other Bug Bytes readers, tag us on social media. We love hearing from you!

%d bloggers like this:
-->