🐝 Hive Five #12 “In three words I can sum up everything I've learned about life: it goes on.” ― Robert Frost

Hi friends,

Greetings from the hive!

I hope you had an awesome week. Mine was pretty sweet, had some good food, and there were several sunny days. I even figured out that light-mode works wonders when working outside in bright weather.

My website received some major improvements (changelog). Most notably, I added a become a supporter section, currently just a buy me a coffee link, and a custom 404 page, with a random bee fact!

Let's take this week by swarm!

Brought to you by

DigitalOcean - Get $100 to try it out: I use their VPS for all of my recon needs. Other things you can do: build apps, host websites, run open source software, learn cloud computing, and more – every cloud resource you need at an affordable price.

🐝 The Bee's Knees

1. Recovering a full PEM Private Key when half of it is redacted: A write-up covering how given a partially redacted PEM, the whole private key can be recovered. The Twitter user, SAXX, shared a partially redacted private RSA key in a tweet about a penetration test where they had recovered a private key.

2. TomNomNom talk about Networking Fundamentals: Let's learn a bit about networking. Slides

3. Hidden OAuth attack vectors: The OAuth2 authorization protocol has been under fire for the past ten years. You've probably already heard about plenty of "return_uri" tricks, token leakages, CSRF-style attacks on clients, and more.

4. Chapter 1 Security Fundamentals - Alice and Bob Learn Application Security: Tanya and guests answer and discuss questions about chapters of her book.

🔥 Buzzworthy

📅 Events

1. Announcing Uber’s Bug Bounty April Promo Event

2. !!Con - Call for Talk Proposals!: !!Con is back for their eighth year of celebrating the joy, excitement, and surprise of computing, and want you to submit a talk proposal.

3. March XSS Challenge - Intigriti: Find a way to execute arbitrary javascript on this page and win Intigriti swag.

🎉 Celebrate

1. Nicolas Grégoire: Company is 10 years old. Congrats!

2. Nathan Cavitt: Has his Bug Bounty Bday. What an amazing year!

3. Prash: Had his last day at @Hacker0x01. Excited for what's next!

4. d0nut 🦀: Is feeling better and tackled a bug in resync, allowing it to run 4x faster. Yeet!

✅ Changelog

1. Burp Suite HTTP logger: Sneak preview of the native HTTP logger that is coming soon to Burp Suite.

2. BBRF v1.1.1 by Pieter: Has been released with a number of cool improvements.

3. OSINT VM: The 2021.1 release of the TraceLabs OSINT VM is out, this is a major release which includes a new menu, default browser change (#Chromium) and a new updater process.

4. Telegram Voice Chats 2.0: Channels, Millions of Listeners, Recorded Chats, Admin Tools: Voice Chats first appeared in December, adding a new dimension of live talk to Telegram groups - now, they are available in channels too.

💰 Jobs

• Huge InfoSec job thread by HΔKLUKΞ: For both job posters and job seekers.

📰 Articles

1. APT Encounters of the Third Kind: A few weeks ago an ordinary security assessment turned into an incident response whirlwind.

2. One day short of a full chain: Part 3 - Chrome renderer RCE: This is the last post of a series in which I exploit three bugs that can be used to form an exploit chain from visiting a malicious website in the beta version of Chrome 86 to gain arbitrary code execution in the Android kernel.,

3. Thoughts on Threat Modeling: Personal views on threat modeling, how I approach threat modeling and what has worked for me (both as a Platform Security Engineer and vulnerability researcher).

📚 Resources

1. Simpsonpt/AppSecEzine: Only just found out about AppSec Ezine and it has been releasing for 7 years!

2. New to bounties? by bugcrowd: They created a page containing links to everything you need to know including free educational resources, researcher docs, how to find bugs, beginner resources, how to get private invites, and more.

3. noraj/OSCP-Exam-Report-Template-Markdown: Now you can be efficient and faster during your exam report redaction.

4. Abusing Data Protection Laws For D0xing & Account Takeovers: A paper on Abusing Data Protection Laws For D0xing & Account Takeovers, leading to over 5 figures in bounties.

5. GraphQL hacking thread by Rami: Awesome collection of GraphQL resources.

🎥 Videos

1. AMA - Bug Bounty with Alex Chapman (Public): Alex Chapman talks about his approach to bug hunting, why he hunts on our platform and about his favorite scene from the movie Hackers.

2. $Echo - Nahamcon 2021 CTF Walkthrough: Optional's method for working through the $Echo challenge for Nahamcon 2021.

3. Function hooking, detours, inline asm & code caves [Game Hacking 101]: What happens if we want to do something which takes up more space than we actually have available to us?

4. The HackerCON: Hacking is NOT a Crime and Red Team Village "The HackerCON" streamed on Saturday, March 27, 2021.

5. SQL Injection - Lab #4 SQL injection UNION attack, finding a column containing text: Rana covering Lab #4 in the SQL injection track of the Web Security Academy.

Get $100 to try DigitalOcean - The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.