Bug Bytes #187 – NahamCon, IWCon, Hacking Misconceptions, Scaling Recon and Jason’s Pentest

By travisintigriti

December 28, 2022

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the weeks from December 12th until December 25th.


Intigriti News

From my notebook

  1. NahamCon EU 2022: A Free Virtual Offensive Security Conference – NahamCon’s first regional conference, focusing on the EU/India timezones and hosted by InsiderPhD and Farah Hawa. Tons of great talks but here are the 3 available at the moment!

  2. IWCon 2022 – IWCon was just the week after and again a fantastic conference. No videos yet, but some speakers have shared their slides!

  3. I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS. When is copy-paste payloads not self-XSS? – Technically this was a talk at NahamCon, so this is kinda a 2-for-1, but this write-up by spaceraccoon looks at event listeners and stored XSS.

  4. CVE-2022-42710: A journey through XXE to Stored-XSS – Follow Omar as they find CVE-2022-42710

  5. Hacker Gift Giving ideas by InsiderPhD – I put together some threads if anyone is looking for last-minute gifts for their hacker friends. I’ve summarised it in 3 categories: IRL stuff you can wrap, virtual gifts and books.

Other Amazing Things
