By travisintigriti
February 15, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from February 6th to February 12th
Intigriti News
Ubisoft join us with their VDP why not take a look and skill up your game hacking?
From my notebook
Hi everyone! I’m back! I took 2 weeks off while I adjusted to the new semester here. inthe UK, but we’re back so let’s check out this week’s top 5…
CyberSecurity Journey With @HarshBothra | Hacker2Hacker | SSRF
Solving a VM-based CTF challenge without solving it properly
Other Amazing Things
$1mln – Generating ETH from thin air – Aurora rainbow bridge
Why you should try bug bounty hunting with application analysis!
@PatrickAlphaC Web3 Education, Auditing and Advice for New Engineers in Web3
Announcing Nuclei Cloud – SaaS platform built on the top of Nuclei – @emgeekboy
Hey fam, What are some of the best shodan resources you all have seen? – @Jhaddix
Bypassing SameSite=lax cookie restrictions to preform CSRF resulting to a horizontal privilege
Blind Time-based SQL injection vulnerability in an Indian government website
SSRF That Allowed Us to Access Whole Infra Web Services and Many More
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website
The truth behind the 3rd argument for exploiting the Webexservice
Finding Treasures in Github and Exploiting AWS for Fun and Profit — Part 1
Does it really helps? Partially redacting account numbers contained in the credit report.
SSRF in redacted.com: How I Found and Reported a Vulnerability
Firefly: a smart black-box fuzzer for web applications testing
S3BucketList – Firefox plugin that lists Amazon S3 Buckets found in requests.