Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the week from September 18th to September 24th
Intigriti News
- It’s CHALLENGE O’CLOCK!
- XXE! Automate or search for it manually
- Exploiting SQL Injection vulnerabilities!
From my notebook
- Hacker Tweets Explained
- Tokyo Hacking & Interview with 0xLupin (Ep. 37)
- IDOR – how to predict an identifier? Bug bounty case study
- 22.6k+ GitHub Stars Note-Taking App Hit by XSS Vulnerability
- Build It Before Breaking It !!
- India hacks Pakistani websites post-terrorist attack
- How is cloud pentesting different to config review? (shorts)
- How to Look For Virtual Hosts // How To Bug Bounty
- Data Security RoadMap in 2023
- Application Security vs Cloud Security (shorts)
- Michael Taggart’s Journey in Education and Information Security
- GCP Service Account explained! (shorts)
- Authentication Vulnerabilities – Lab #10 Offline password cracking | Short Version
- I Explored Ransomware Cybercrime on the Dark Web
- How to Stop an Army of 14 Million Zombie Computers🎙Darknet Diaries Ep. 94: Mariposa Botnet
- Hacking a vice presidential Yahoo account (shorts)
- Which Visual Studio Code Extensions Can Be Hacked?
- Cloud Pentesting: AWS vs GCP (shorts)
- Run ANY Linux Program In Memory
- Automated Password Hacking (for the lazy hacker)
- Directory Traversal / File Read Into Zip with Python [HackTheBox Snoopy]
- HackTheBox – Snoopy
- How “Mimikatz” works (shorts)
- Tesla insiders leaked tons of data! #shorts #cybersecurity #infosec (shorts)
- UK changing laws to stop security patches to software to make spying easier! #cybersecurity #privacy(shorts)
- Start doing cloud pentesting in GCP? (shorts)
- Do not forget about this attack scenario #bugbounty #bugbountytips #bugbountyhunter (shorts)
- Sherrod DeGrippo on Why She Loves Cyber Crime
- Risky Business #722 — Microsoft embraces Zero Trust… Authentication?
- SN 940: When Hashes Collide – Secure-wipe best practices, browser identity segregation, bye bye Twitter (X)
- Episode 393 – Can you secure something you don’t own?
- Beginner
- Unmasking Directory Traversal: Navigating Vulnerabilities in Web Applications
- Guarding the Cosmos: The Dark Secrets of Your WordPress `wp-config.php` File
- Bruteforcing Files and Directories is Easy… Right?
- Extracting Sensitive Data from HTML and JS Files.
- [CORS] Easy peasy lemon squeezy
- Race Condition Vulnerabilities: A Hands-On Primer — Part 1
- Intermediate
- Injecting Danger: Understanding Server-Side Template Exploits
- The Introduction to AXIOM
- The Ultimate SQLmap Tutorial: Master SQL Injection and Vulnerability Assessment!
- Automating Reconnaissance with Sling Shot R3con — powered by project Discovery tools
- Mastering Reconnaissance with Project Discovery
- Cloud Security: Protecting Your Digital Oasis in the Cloud
- Behind the Hack: The Mechanics of SQL Injection Attacks
- Advanced
- How a Simple Spreadsheet Can Hack Your Computer | CSV Injection
- How to use Burp Suite Like a PRO?
- Ethical Hacker’s Passive Reconnaissance Toolkit
- Find Bugs While Sleeping ? Get Phone Notifications When A Bug Is Found
- Understanding CVE-2023–24329 -Python urlparse Function
- New ways to inject system CA certificates in Android 14
- Security Research
- Exploit Analysis: Request-Baskets v1.2.1 Server-side Request Forgery (SSRF)
- CVE-2023–39612: CSP bypasss + XSS to achieve Admin Account Takeover + Remote Command Execution
- Defeating Visual Studio Code embedded reverse shell
- Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
- The WebP 0day
- Multiple Memory Corruption Vulnerabilities
- LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
- The indomitable maintainer spirit versus the indifferent cruelty of JavaScript
- Writing API exploits using Postman Flows
- Wind River VxWorks tarExtract directory traversal vulnerability
- Fileless Remote Code Execution on Juniper Firewalls – Blog
- Account Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation
- I hacked macOS! (CVE-2022-32947)
- Bugs
- Reverse Search IDOR approach to Exposure of all Organizational Sensitive Information.
- $1,250 worth of Host Header Injection
- Csrf with content type change.
- Discovering 7 Open Redirect Bypasses and 3 XSS Bypasses Within a Single Program
- Cross-site Scripting (XSS) On Small Crm Portal CVE-2023–43331
- Subdomain Takeover
- How I Earned My Place Among Ferrari’s Elite-16 in the Hall of Fame
- Broken access control (username or email enumeration)
- Uncovering a Critical Vulnerability in Samsung Mobile Security: A Bug Bounty Journey
- My debut with a Critical Bug: How I found my first bug (API misconfiguration)
- My $1000 Bounty Bug: How I Stopped Companies from Losing Money with an IDOR Flaw
- Stored XSS in Admin Panel
- How 2 Cute Bugs offered me a reward of 650€
- Discovering PII with Google Dorking: My Journey of Finding Vulnerabilities in Government Website
- Tricky 2FA Bypass Leads to 4 digit Bounty $$$$
- Unlocking Premium CV Features: My Journey to Downloading CVs for Free
- How I Got 4 SQLI Vulnerabilities At One Target Manually Using The Repeater Tab
- OTP Bypass leads to Account Creation
- Weird LFI and escalating the impact from High to Critical
- One click Account Takeover & IDOR leaks all user information
- API Information Disclosure Leading to Admin Account Takeover
- OTP Bypass via Source Page Inspection
- How i found an Stored XSS on Google Books
- No Rate Limit for Forgot Password
- Privilege Escalation: How I Earned $500 by Discovering the Ability to Delete Documents as a Student
- Bypassing ML based phishing and spam detection using evasion
- Webinar Pro or Not: The $500 Access Control Bug
- Hacking into gRPC-Web
- CTF challenges
- Haylxon: Take screenshots of urls/websites from terminal new release 🦊
- Automating Reconnaissance with Sling Shot R3con — powered by project Discovery tools
- MFMokbel/Crawlector: Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
- HTMLSmuggler – HTML Smuggling Generator And Obfuscator For Your Red Team Operations
- SMShell – Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers
- Surf – Escalate Your SSRF Vulnerabilities On Modern Cloud Environments
