🐝 Hive Five 162 – Go Go Bug Bounty Gadgets

Hi friends,

Greetings from the hive!

I can't believe how much of a pain it still is to get a new phone in the year 2024. To be fair, I went into a store, so mileage may vary.

Once that's done, transferring your data and apps, including 2fa and whatnot, can be quite the challenge.

I thought I was prepared but then I ran into Google asking me to confirm access to G-Suite using my old phone or Google Authenticator, neither of which I still had access to.

But...we did it...

Let's take this week by swarm!

🐝 The Bee's Knees

1. In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the concept of gadgets and how they can be used to escalate the impact of vulnerabilities. They talk through things like HTML injection, image injection, CRLF injection, web cache deception, and more. YOUTUBE

2. This video introduces Fabric—an open-source project for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere. YOUTUBE

3. Top 10 web hacking techniques of 2023, the 17th edition of the annual community-powered effort to identify the most innovative must-read web security research published last year. PORTSWIGGER

4. A collection of full-stack resources for programmers. The goal of this page is to make you a more proficient developer. You'll find only resources that the curator found truly inspiring, or that have become timeless classics GITHUB

5. Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild. The takeaway is to keep track of origins, headers, CSP rules, and JavaScript files in your Burp state when you’re bug bounty hunting. BUER

🍯 From the Hive

🔥 Buzzworthy

✅ Changelog

1. xnl-h4ck3r urless v1.3 release added a new arg -fnp/--fragment-not-param to not treat URL fragments # in the same way as parameters. GITHUB

2. DOMPurify 3.0.9 release is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. GITHUB

3. YesWeHack unveils workflow-friendly revamp of user interface. YESWEHACK

📅 News

1. iOS ARM64 Reversing and Exploitation course by InverseCos and Billy. It has 84 videos, 18 labs, and over 40 hours of content. XINTRA

2. Get ready for the first BSides in Exeter UK. It'll take place in July. TWITTER

3. Monke launched MonkeHacks — a short curation of bug bounty progress, notes, resources, and ideas. TWITTER

4. Canada wants to ban the Flipper Zero. Save Flipper says that Insecure vehicles should be banned, not security tools like the Flipper Zero. SAVEFLIPPER

5. ZAP Professional Services? ZAP is looking for ways to increase the number of people able to work on ZAP full time. ZAPROXY

🎉 Celebrate

1. After 7 months of working on a vulnerability, Bull received a 110k bounty. Persistence pays off! TWITTER

2. Rhynorater and Teknogeek are hosting NahamCon. Let's go! YOUTUBE

3. Tae'lur was in the hospital and her surgery was successful. Feel better! TWITTER

💰 Career

1. Step into the world of a cable technician who became an overseas government contractor making over 170k/yr who returned to the States to multiple GovTech opportunities with Victor Wynn. YOUTUBE

2. Chime is hiring a Senior Security Engineer (REMOTE -US). CHIME

⚡️ Community

1. Sasi running into some issues with the HackerOne platform. TWITTER

2. Ayoub on staying humble and being grateful after meeting a homeless family. TWITTER

3. The Twitterverse shares the major changes that have happened in computer security since 2017. TWITTER

4. Tib3rius left TCM Security due to personal reasons. Hope all is well! TWITTER

5. Jayesh shares his experience with Netlas[.]io to retrieve asset IPs, subdomains, and associated domains. TWITTER

📰 Read

1. Slides of Halver Flake's RingZer0 keynote: Re-visiting 2017: AI and Security. 7 years later - what changed, what endured? GOOGLE

2. Nom for Security: A Proactive Security Review of Nomulus. Google's Information Security Engineering (ISE) team proactively reviews products outside of product design/launch lifecycles. GOOGLE

3. A Chromium bug bounty reports: Attacker Can Execute Arbitrary JavaScript Code in the Highly Privileged "devtools://devtools" Origin. CHROMIUM

4. CSP bypass on PortSwigger.net using Google script resources. JOAXCAR

5. Frycos code audited the software product Tableau Server which turned out to be prone to several vulnerabilities in its latest version. All attacks were conducted on a test trial environment against the Tableau Cloud in January 2024. GITHUB

💡 TIL

1. The browser auto-converts any <image tags to <img tags. TWITTER

2. 12 different pricing psychology tips — I had no idea about the majority of these! TWITTER

3. Wikipedians can get SO sick of people making the same edits over and over that they'll add invisible comments that pop up when you try to make a change. Depths of Wikipedia shares several. TWITTER

4. You can play old games on the Internet Archive. TWITTER

5. There's a command to create temp directories called mktemp. So, you can do cd $(mktemp -d). TWITTER

🍯 Follow

Awesome accounts to follow. Randomly selected from my curated Twitter lists.

1. @ShaanVP | Shaan Puri | Inventor of the 2 hour lunchbreak. started 6 companies, 3 failed, 2 sold, 1 still going.

2. @damian_89_ | Damian Strobel | laravel golang pentesting itsecurity easm bugbountyhunting php webdev websec itsec

3. @cinzinga_ | cinzinga | Security Consultant | Bug Hunter | OSEP, OSCP + some others.

4. @IanColdwater | Ian Coldwater | Kubernetes SIG Security co-chair, container escape artist, goose in the mainframe. They/them. Stay punk.

5. @saamux | Samuel | I’m learning.

🚀 Productivity

1. Raycast plugin Dash Off is the fastest way to dash off a quick email to yourself and others. Inspired by Andrew Wilkinson's tweet. RAYCAST

2. notesGPT generates action items from your notes in seconds. Powered by Convex, Together.ai, and Whisper. GITHUB

3. How Ali Abdaal manages his time using the 5 Skills of Time Management. YOUTUBE

4. A first look at Zed, a fast new code editor written in Rust with AI built in. Learn the pros and cons of this promising new developer tool and compare Zed to VS Code. YOUTUBE

5. How Danny researches in Obsidian. YOUTUBE

Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It's my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.

🌐 Technology

1. JavaScript Bloat in 2024: "Call me old-fashioned, but I firmly believe content should outweigh code size." TONSKY

2. 4 web devs had 4 hours to build a real-time, multiplayer web app that is NOT a chat or drawing app using PartyKit as part of the build. YOUTUBE

3. How to run a local AI chatbot on Windows in 5 min, no cuts, no edits, with Ollama, LMStudio, OpenAI. YOUTUBE

4. Let's build the GPT Tokenizer. The Tokenizer is a necessary and pervasive component of Large Language Models (LLMs), where it translates between strings and tokens (text chunks). YOUTUBE

5. Andrej Karpathy wrote a love letter to Obsidian: "Obsidian is around the state of the art of a philosophy of software and what it could be." TWITTER

🧠 Wisdom

1. Bell Labs colleagues Ken Thompson and Dennis Ritchie developed UNIX, a multi-tasking, multi-user operating system alternative to the batch processing systems then dominating the computer industry. YOUTUBE

2. Cts on the difference between G-suite and a custom stack. TWITTER

3. David says: "To find your voice as a writer... imitate, then innovate." TWITTER

4. David on sharing your work: "If you do quality work, you have a duty to promote it". TWITTER

5. Kelsey says that knowing what he knows now, he would start learning in public as soon as possible. TWITTER

💛 Cross-pollination

1. Redditors share movies they consider 100% perfect. Movies they would watch over and over again for many reasons: actors, scripts, lore, myths, and truths. REDDIT

2. Twitterverse shares their best books with fewer than 100 pages. TWITTER

3. 5. Nathan shares an interesting approach to losing weight while building muscle. He eats the same thing every day in the morning and afternoon, and then he's in such a good spot that it doesn’t matter much what he eats for dinner. TWITTER

4. Dancing has the largest effect of any treatment for depression. TWITTER

5. Des made a thread of exceptional writers, such as Paul Graham, Jason Fried, and others. He says: "the thing all of them have is the ability to consistently build on their previous ideas, connecting them all together, delivering the "meaningful learning" that educators often talk about." TWITTER

🐝 Quote

Subscribe to Premium to read the rest.