🐝 Hive Five #14 "Don't think or judge, just listen." ― Sarah Dessen

Hi friends,

Greetings from the hive!

I hope you had a wonderful week. As per usual, I have several things in the pipeline. I'm designing for someone I admire. Added donate/support links to all of your favorite people and organizations mentioned in my 🐝 lists.

I'm also in the process of moving to a different newsletter platform. You can already preview the new design. What do you think?

On the resync front, here is d0nut taking down Apple's /8 down in 44 seconds.

Let's take this week by swarm!

🐝 The Bee's Knees

1. Contextual Content Discovery: You've forgotten about the API endpoints: Presented at BSides Canberra 2021, slides available: PDF & Keynote (with videos). For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs. Enter Kiterunner.

2. Breaking GitHub Private Pages for $35k: This was actually the first report that paid out for me on HackerOne. At $35,000, it’s also the highest bounty I’ve received so far from HackerOne (and I believe the highest GitHub has paid out to date). A lot of bugs seem to be a mix of both luck and intuition.,

3. Embrace the Grind: There’s this card trick Jacob saw that he still think about all the time. It’s a simple presentation (which he's further simplified here for clarity): a volunteer chooses a card and seals the card in an envelope. Then the magician invites the volunteer to choose some tea.

4. Mentoring the Upcoming Generation of Bug Bounty Hunters with Hakluke: find out more about his story, how he got into cybersecurity, the importance of fostering keen minds in the industry, the right hacker mindset, interesting tidbits from his work with Bugcrowd, and much more.

5. I Built a TV That Plays All of Your Private YouTube Videos: Due to the lack of CSRF protection, a malicious website can play any video/playlist on a YouTube TV via the lounge API in the name of the victim.

🔥 Buzzworthy

✅ Changelog

1. Release v1.0.5 · projectdiscovery/httpx

2. bbrf client v1.1.7: allows you to run advanced jq queries on your data, like list urls that you haven't scanned yet.

📅 Events

1. Kevin Thomas - Live RE demo: Monday 04/12 6:30pm EST the DC 540 Raspberry Pi Pico Hacking Reverse Engineering Demo 1 will be LIVE on VIDEO where we RE a simple app starting with Dynamic Reverse Engineering in GDB and Static RE in R2 @radareorg.

2. Are you an independent journalist looking for advanced digital security guidance? Apply here for a free eight week course.

3. security@ 2021 call for speakers is open: HackerOne’s global Security@ conference is back for its fifth year on September 20, 2021. The CFP for the virtual 2021 Security@ closes May 15, 2021 at 11:59 PM PT.

🎉 Celebrate

1. bend theory: just disclosed their first real report on Hackerone!

2. Zero Day Initiative: And the Master of Pwn is..... A tie! Congrats to all.

3. Mustafa Can İPEKÇİ: passed 100k$ earning as of this week on @SynackRedTeam since I start hunting at the end of July. Amazing!

4. TomNomNom: hit 10k rep on HackerOne. Love it!

5. Mustafa Can İPEKÇİ: passed 100k$ earning as of this week on @SynackRedTeam since I start hunting at the end of July. Amazing!

6. TomNomNom: hit 10k rep on HackerOne. Love it!

7. Akash Hamal: finally bought m1 macbook air, special thanks to HackerOne for their platform. Congrats!

💰 Jobs

1. SpiderSec is hiring

2. Paris Xavier Pinkney - Accelerate program applications: Are you a recent grad or junior developer interested in learning the ins and outs of engineering at @apple?

3. Atlassian is hiring: for multiple security engineers at different levels to help secure the Atlassian Ecosystem.

4. Remote Senior Front End Engineer at Rumble: Rumble brings together the best of IT, security and networking technology to deliver amazing network discovery and asset inventory capabilities for modern enterprises.

📰 Articles

1. Commenting vs. making: The biggest change in my professional maturity came when they became actually responsible for things.

2. How to Succeed in Bug Bounties as a Pentester: TL;DR: As a pentester, when Luke first started bug bounties, it was hard.

3. Vulnerability NFTs and the $ziot Eco System: Now that the $ziot project has launched and the vulnerability app has been created, they move forward with minting the first set of vulnerability NFTs.

4. An Apology to COBOL: Maybe Old Technology Isn’t the Real Problem: In April 2020, New Jersey’s governor, Phil Murphy, stepped up to a microphone and told journalists that he was amazed the state still ran its unemployment system on COBOL — a 60-year-old programming language.

5. Screw it, I’ll host it myself: It’s all fun and games until someone loses an eye - likewise, it’s all fun and games until someone loses access to their private and/or business data because they trusted it to someone else.

📚 Resources

1. What is your favorite conference talk that can be watched online and why? by dade

2. Vulnerability disclosures of the Android Partner Vulnerability Initiative (APVI)

3. From Recon to Optimizing RCE Results — Simple Story with One of the Biggest ICT Company in the…: An older write-up that I've previously overlooked. It's about how YoKo Kho finally got into an internal network by using various vulnerabilities.

4. Stored XSS on the DuckDuckGo search results page: This XSS was accidental, for whatever reason, they were messing about with the search bar.

5. Ultimate List of Nmap NSE Scripts (Interactive Spreadsheet): If you are looking to explore the world of NSE (Nmap Scripting Language) scripts, this page will hopefully help you find what you are looking for, quickly and effectively.

🎥 Videos

1. Harsh Bothra: Learning Thursdays by @RedTeamVillage_ on Exploiting Misconfigured JIRA Instances for $ - slides

2. $31,337 Google Cloud blind SSRF + HANDS-ON labs: Access hands-on labs where you can write your own script to exploit this bug.

3. SQL Injection - Lab #6 SQL injection UNION attack, retrieving multiple values in a single column: In this video, they cover Lab #6 in the SQL injection track of the Web Security Academy.

4. Putting your mind to it: bug bounties for 12 months - ZSeano's NahamCon Talk: zseano will give a basic run-down and tips on how to succeed in bug bounties in just 12 months.

5. Finding vulnerabilities with automation (the SAST way): See how you can build on automation to find vulnerabilities before they are reaching production code using a SAST.

6. $60,000 STOLEN in Bitcoin/Ethereum - JScript Malware Analysis

🎵 Audio

1. The Tim Ferriss Show #506: Balaji Srinivasan on The Future of Bitcoin and Ethereum, How to Become Noncancelable, the Path to Personal Freedom and Wealth in a New World.

2. Indie Hackers #199: The Future of Teaching with Darrell Silver of Thinkful and Quincy Larson of freeCodeCamp.

Get $100 to try DigitalOcean - The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to Premium to read the rest.