🐝 Hive Five 112 - NahamSec quit recon, Top Web3 developer mistakes, and a Docker clinic

Hi friends,

Greetings from the hive!

I hope all is well. Sadly, I’ve been sickly all week and bedridden for part of the weekend. I’m not sure what it is, but hopefully, it will pass soon.

Let’s take this week by swarm!

🐝 The Bee’s Knees

1. NahamSec quit recon… and made $10,000 in bounties. He challenged himself to use no automation and reconnaissance. more

2. Subdomain Takeover: How a Misconfigured DNS Record Could Lead to a Huge Supply Chain Attack. This blog post discusses the discovery of a vulnerability which allowed malicious actors to claim assets.npmjs.com subdomain, and would likely have constructed a supply chain attack with. more

3. Top 6 Web3 developer mistakes (and how to prevent them). more

4. CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE. Aqua Nautilus researchers have discovered a chain of vulnerabilities, dubbed CorePlague, in the widely used Jenkins Server and Update Center (CVE-2023-27898, CVE-2023-27905). more

5. Faster than Rust and C++: the PERFECT hash table. more

️💪 Sponsor

Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.

🔥 Buzzworthy

✅ Changelog

1. Interactsh v1.1.0 - An OOB interaction gathering server and client library. more | release

2. Go 1.20.2 and 1.19.7 are released. Security: Includes a security fix for crypto/elliptic (CVE-2023-24532). more

3. SecLists 2031.1 release, Seclists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. more

📅 Events

1. nikhil(niks) will be speaking at GISEC Global (14 - 16 March) on the dark stage. more

2. Katie will be keynoting APISecure (March 14 & 15) with “Your Technical Debt is My Bug Bounty - Some fun hacker stories and the future of API hacking”. more | register

3. Jason Haddix and BuddoBot will be at HackSpaceCon at the Kennedy Space Center in Florida (April 13th to 15th). more

4. Red Team Training by Charles “Mr.Un1k0d3r” Hamilton again at HackSpaceCon. The training is divided in five sections: Initial foothold, Gaining access, Offensive Coding, internal reconnaissance and lateral movement. more

🎉 Celebrate

1. Congrats to the winners of Yogosha’s Live Hacking Event at rooted con! more

2. Alethe spent a morning giving 20min crash courses in Cybersecurity career paths to Elementary school students. Lovely! more

3. Ben Sadeghipour and Jason Haddix are excited to host Bug Bounty Village for the at BSidesSF this year. Let’s go! more

💰 Career

1. Clint Gibler shares resources to break into the field or take your career to the next level. more

2. BusesCanFly is open to internships and other opportunities. They’re passionate about hardware hacking and general offensive security research, and would love to put that to use and cause problems for good. more

3. Careers in OSINT is a free, public series of video interviews that aims to highlight many of the careers where you can use your OSINT skills. more

⚡️ Community

1. Ambassador Spotlight: samux, who is creating a place for new hackers to find community in Chile. more

2. Ben has really been enjoying designing his own graphics like thumbnails, social cards, and whatnot. more

3. Osirys is moving to Paddington in Brisbane and is looking to meet up with hackers. more

4. Katie Paxton-Fear hinted to a big announcement. Spoilers: New videos, livestreams showing you actual skills you need for hacking, and more. more

5. Researcher Spotlight: bl3ep. International Women’s Day is not only a day for acknowledging and honoring women, but also a day to support increased equality. more

📰 Read

1. Two patched RCE vulnerabilities found in the PostScript interpreter on Lexmark printers, found by NCC Group Research & Technology. more | CVE-2023-26063 | CVE-2023-26066

2. The GitHub Security Lab audited DataHub, an open source metadata platform, and discovered several vulnerabilities in the platform’s authentication and authorization modules. These vulnerabilities could have enabled an attacker to bypass authentication and gain access to sensitive data stored on the platform. more

3. Unauthorized access to Codespace secrets in GitHub. This indicates that by default, some additional access controls are implemented in this type of fork because they are sensitive. more

4. ChatGPT’s API is So Good and Cheap, It Makes Most Text Generating AI Obsolete. more

5. DFWORKS knows what pizza you ordered! Glympse is a journey sharing and location tracking application that helps either individual users or enterprise partners with deliveries and other trips. more

📚 Resources

1. Godfather Orwa’s huge collection of subdomains of bounty programs. more

2. Book recommendations for those wanting to break into cybersecurity/hacking to learn the basics. more

3. cipher387/juicyinfo-nuclei-templates contains templates for extracting useful info from web pages. more

4. Jason Haddix on stealth and supercharging your offensive security testing using Axiom by pry0cc & 0xtavian. more

5. harsh-bothra/SecurityStories: 52 Weeks, 52 Stories. An initiative to share stories of cyber security professionals who are spread across the globe to tell the world about how they started, what were the blockers in their journey, where they were vs where they are now. more

🎥 Watch

1. BBRD podcast - bounty automation and scaling 0days with Michael Ness. more

2. Build, Break, and Hack WebSockets. more

3. Broken Access Control - Lab #7 User ID controlled by request parameter. This lab has a horizontal privilege escalation vulnerability on the user account page. more

4. Docker Clinic, Pt. 2 continuing the review of everything you need to get started with containers. more

5. Attacking Language Server JSON RPC. While auditing a VSCode Extension + Language Server LiveOverflow noticed something interesting. more

🎵 Listen

1. Binary Exploitation Podcast 194 - Hacking the DSi and some Fuzzing Tips. more

2. Bug Bounty Podcast 193 - ImageMagick, Cracking SmartLocks, and Broken OAuth. This episode covers a lot of ground, from an insecure OAuth flow (Booking.com) to a crazy JSON injection and fail-open login system (DataHub) to hacking Bluetooth smart locks (Megafeis-palm). more

3. What the Shell? 029 - Bug Bounty Hunting and Streaming with NahamSec. more

4. Critical Thinking - Bug Bounty Podcast S01 E10: The Life of a Full-Time Bug Bounty Hunter + BB News + Reports from Mentees. more

Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to Premium to read the rest.