Bug Bytes #202 – CAIDO, Finding your first bug, and OAuth

By travisintigriti

May 31, 2023

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the weeks from May 22nd to May 28th

CLICK HERE TO SUBSCRIBE

Intigriti News

From my notebook

This week I’ve been thinking a lot about developing a specialism for hacking, being the kind of hacker who can find a bug anywhere because they’re an expert in a specific class or type of vulnerability, so here are some resources around that theme from my bookmarks!

  1. Web Hacking with Caido – CAIDO is the new Burp replacement everyone is talking about

  2. jq Injection [Jason – Hacky Easter 2023] – Really cool injection bug, demonstrated on a CTF

  3. Bluetooth device hacking reading list – My number 1 suggestion if you’re feeling stuck with your hacking, get a specialism! Maybe bluetooth and IoT could be yours?

  4. Narrative over numbers: Andreessen Horowitz’s State of Crypto report – This is a great look at why crypto and web3 have slowed down a bit and if it’s all hype

  5. Google Fuzzing Forum – tutorials, examples, discussions, research proposals, and other resources related to fuzzing. – Another great specialism and a whole bunch of resources to learn it

You may also like