Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from October 16th until October 22nd.
Intigriti News
From my notebook
- DEF CON 30 – Eugene Lim – You Have 1 New Appwntment – Hacking Proprietary iCalendar Properties & DEF CON 30 – Sick Codes – Hacking the Farm = Breaking Badly into Agricultural Devices. If I had to pick the two stand-out talks for me at DEF CON this year, these are the two that I have thought about weekly since the summer, and I actually used some of the tips in the iCal video to find a bug! My tip for you reading this is to check whether apps automatically scan emails or similar to make calendar events.
- Broken Access Control testing by ShreKy & Google VRP — [Insecure Direct Object Reference] $3133.70
- How I Got $10,000 From GitHub For Bypassing Filtration of HTML tags
- $23,000 for Authentication Bypass & File Upload & Arbitrary File Overwrite
Other Amazing Things

- DEF CON releases videos from DEF CON 30 (August 2022) – here’s just a small selection that interested me
- Hacking doors / Access control system hacking
- DEF CON 30 – Silk – How to Lock Pick
- DEF CON 30 BIC Village – Ochaun Marshall – The Last Log4J Talk You Ever Need
- DEF CON 30 – James Kettle – Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
- DEF CON 30 – Daniel Jensen – Hunting Bugs in the Tropics
- DEF CON 30 – Orange Tsai – Let’s Dance in the Cache – Destabilizing Hash Table on Microsoft IIS
- DEF CON 30 – Michael Bargury – Low Code High Risk – Enterprise Domination via Low Code Abuse
- DEF CON 30 – Jeffrey Hofmann – PreAuth RCE Chains on an MDM – KACE SMA
- DC30 DCGVR Talks – Careful Who You Colab With
- DEF CON 30 – Samuel Erb, Justin Gardner – Crossing the KASM – a Webapp Pentest Story
- DEF CON 30 – Thomas Roth – Solana JIT – Lessons from fuzzing a smart contract compiler
- DEF CON 30 – Richard Thieme – UFOs, Alien Life, and the Least Untruthful Things I Can Say
- DEF CON 30 – stacksmashing – The Hitchhacker’s Guide to iPhone Lightning and JTAG Hacking
- DEF CON 30 Retail Hacking Village – Spicy Wasabi – Rock The Cash Box
- $29,000 GitLab – Arbitrary File Read
- LAND A CYBERSECURITY JOB WITH THIS ONE SIMPLE TRICK
- Naabu || Passive Port Scanning Tool
- How Hackers Hide
- I Leaked My IP Address!
- From Pharmacy to Cyber
- Hacker Drones are Finally Here…
- HackTheBox – Faculty
- Intigriti code snippet challenge

- Darknet Diaries EP 126: REvil
- CYBER: When the Video Game Reaches Out to Ask You to Spend More Money
- Smashing Security 294: The Virgin trains swindler, cyber clowns, and AirTag election debacle
- Malicious Life: Hacking Stock Markets, Part 2
- Cloud Security Podcast: Kubernetes Best Practices 2022

- When you hear “bug bounty hacker” who comes to mind?
- Defining a Bug Bounty methodology
- Ways to succeed in bug bounty
- Smart Contract / Blockchain
- Coping with vulnerabilities

- The Ultimate Guide to Finding Bugs With Nuclei
- Basic and Advanced HTTPX for Bug Bounty
- Android Hacking-Exploiting Content Providers
- API Security Checklist
- Hacking GUIDs
- 8 Account takeover methods
- PHP filters chain: What is it and how to use it (deserialisation)
- Practical Guide to Malware Analysis and Reverse Engineering (Analyzing VBA “Macros” Code, Part 2.2)
- CVE-2020-13956
- SQL Injection for Beginners using sqlmap, Part 2
- My fav 7 methods for Bypassing Android Root detection
- My First Critical Bug In HackerOne Platform
- A $500+ Open Redirect Bounty in Under 10 Minutes
- Facebook SMS Captcha Was Vulnerable to CSRF Attack
- Everything about Session Puzzling and Hijacking
- Burp Suite? No Thanks! Blind SQLi in DVWA With Python (Part 1)
- Exploitation of misconfigured Amazon AWS S3 buckets
- WordPress Subdomain Takeover on Bugcrowd Private Program
- HTTP request smuggling Explained and Exploited Part 0x2
- Finding P1 Vulnerabilities: Tools & Resource
- P1 Bug Bounties: Multi-Factor Authentication Bypass
- What are Smart Contracts on Blockchain?
- Exploiting Elasticsearch Instances
- OTP in forgot password | how to bypass OTP verification | OTP PoC
- “Zero-Days” Without Incident – Compromising Angular via Expired npm Publisher Email Domains
- I found a bug that would let me fetch any user’s password reset link
- An Unexpected Reflected XSS
- GitHub – Crypto-Cat/CTF: CTF chall write-ups, files, scripts etc (trying to be more organised LOL)
- Extract e-mail addresses from a large JSON file – Zero Day Hacker
- JSON Web Tokens
- Don’t use Dalfox for Automated XSS
- Burp Suite for Pentester – XSS Validator – Hacking Articles

- JSubFinder – Searches Webpages For Javascript And Analyzes Them For Hidden Subdomains And Secrets
- xnLinkFinder – A Python Tool Used To Discover Endpoints (And Potential Parameters) For A Given Target
- GitHub – Zerx0r/Kage: Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler
- GitHub – tomnomnom/gron: Make JSON greppable!

- Akamai XSS WAF bypass
- How I found the $1,500 SSRF in Stripe bug bounty program
- Bug report spreadsheet
- 50 YouTube channels to up-skill in cyber security
- 2FA bypass
- Finding your first bug
- Paranoids (Yahoo) promotions until the end of the year
- First 75 hackers of the month between October and the end of the year get a 25% bonus
- First 10 mobile app reports 50% bonus
- Submit a nuclei template for a 10% bonus
- Welcome back bonus coming soon
- Login spoofing issue in GitHub nets researcher $10k bug bounty reward
- Dangerous hole in Apache Commons Text – like Log4Shell all over again
- This week in OSINT