Bug Bounty & Agile Pentesting Platform

Bug Bytes #189 – Top YouTube Channels of 2022, Web Hackers vs Ferrari, Cognito Security Misconfiguration

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the weeks from January 2nd to January 8th

Intigriti News

From my notebook

It’s been a quiet week in the offensive security community, this week I’ve put together a must read list on more advanced resources shared this week. From a look into the world of automotive security and household names, to the nitty gritty of Java Deserialisation, scaling up a neat website idea into a search engine and proxying encrypted traffic.

  1. Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
  2. Exploring the World of ESI Injection
  3. Image Stacks and iPhone Racks – Building an Internet Scale Meme Search Engine
  4. Fetch Diversion
  5. Manipulating AES Traffic using a Chain of Proxies and Hardcoded Keys

Other Amazing Things

Write Ups