🐝 Hive Five 168 - They Want Your Data? EFF That.

Hi friends,

Greetings from the hive!

Some personal news, I’m going to touch grass. Starting next week, I'm taking two weeks off. In these last three years, I believe I've only missed one week of creating the newsletter.

Also, to no surprise, I can't recall the last time I took a vacation. So, it's finally time to rest and recharge a bit.

Let's take this week by swarm!

🐝 The Bee's Knees

1. HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac. MORE

2. Reverse engineering Bandcamp authentication protocol: Did you know that the albums you purchase on Bandcamp can disappear from your collection without notice? MORE

3. Learning in public with Personal Knowledge Management. Make what you learn observable and exposing your process, rather than your result, early and often. MORE

4. 60 Hacking Commands You Need to Know: Discover essential hacking commands and techniques. MORE

5. Jack Rhysider emphasizes that privacy is worth rebelling over, underscoring the importance of maintaining digital rights and freedoms. MORE

🍯 My work

🔥 Buzzworthy

➡️ Continue reading online to avoid email cutoff

✅ Changelog

1. Nuclei Templates v9.8.0 introduces the new JS protocol. This makes it simpler to incorporate network checks through the newly introduced JS modules. MORE

2. Arjun 2.2.5 release: Skip scanning of non-webpage urls and various bug fixes. MORE

3. xnlinkfinder v6.0 release with various fixes and improvements. MORE

📅 News

1. Kagi announced the launch of Kagi Small Web, promoting the non-commercial part of the web, crafted by individuals to express themselves or share knowledge without seeking any financial gain. MORE

2. Google introduces Jpegli: A New JPEG Coding Library. It offers enhanced capabilities and a 35% compression ratio improvement at high quality compression settings. MORE

3. The Youth Challenge program at DEF CON is designed to provide a memorable learning and networking experience for young attendees. MORE

4. Swyx suggests that the AI music platform Suno is just the beginning of this year's advancements in the field, hinting at more exciting developments to come. MORE

5. Monke introduces Burp2Caido, a tool to migrate Burpsuite HTTP history to Caido, providing a useful resource for security professionals. MORE

🎉 Celebrate

1. g0lden's first affiliate stream on Twitch. Congrats! MORE

2. Shubs shares his impressive 8-year journey navigating Uber's bug bounty program, a testament to his dedication and skill! MORE

3. Congratulations to all the winners of the YesWeHack Hack Me I'm Famous 2 event. MORE

4. HackerOne has released the 2024 Brand Ambassadors. Exciting! MORE

💰 Career

1. Vermeer is hiring a Cybersecurity Risk and Compliance Manager. MORE

2. What to do when you've been reorg'd. Jacob shares their experience being through close to a dozen reorgs. MORE

3. An open position for a Cybersecurity Specialist at the Department of Homeland Security. MORE

4. A product marketing manager in Spain created an outstanding video to stand out in the job market, breaking LinkedIn in the process. MORE

5. Learn effective strategies for negotiating your salary, including insights from Chloe's personal experience. MORE

➡️ Continue reading online to avoid email cutoff

⚡️ Community

1. Monke had some amazing days in Tokyo and shares their love for the city. MORE

2. Paul has found a way to use Nuclei to audit Chrome Extensions, demonstrating the tool's versatility and potential applications. MORE

3. Paul on the potential of the ffufw tool, praising its capabilities and suggesting the community could enhance its functionality. MORE

4. Blaklis enjoyed the latest YesWeHack Live Hacking Event, indicating the value of such community-driven initiatives. MORE

5. Damian has found his new tech stack for the year, consistent of Laravel, SingleStore, and MS Garnet. MORE

📰 Read

1. The journey of how Compass Security attended Pwn2Own Toronto 2023 and what they've learned. MORE

2. Bypassing DOMPurify with good old XML. MORE

3. Joseph believes AI Agents will outhack humans, as there's a finite number of known attack vectors to use when hacking something. MORE

4. Ryan shares three behaviors that help engineers reach the Staff level: an ownership mindset, focusing on impact, and ensuring project success. MORE

💡 Tips

1. TIL that GitHub Support can unfork a repo for you. MORE

2. A thread offers beginner questions and veteran advice for those interested in getting into cybersecurity, providing a valuable resource for aspiring professionals. MORE

3. Mason emphasizes that N/A's, dupes, VDP findings, or lower payouts can still be considered progress in the bug bounty journey. MORE

4. A thought-provoking tweet by Jordan emphasizes the importance of acting on acquired knowledge to avoid being complicit in one's own demise. MORE

➡️ Continue reading online to avoid email cutoff

💛 Follow

Awesome accounts to follow. Randomly selected from my curated Twitter lists.

1. @garethheyes | JavaScript for hackers: Learn to think like a hacker.

2. @leeren | Leeren | CTO / Product dopamine | Ex @google.

3. @brxxnh1 | brxxn (security) | views and opinions are those of a wild ostrich on the loose.

4. @ryancdotorg | Ryan Castellucci | Hacker of binaries. Technically sophisticated antics. Conference speaker.

5. @yongfook | Jon Yongfook | SaaS entrepreneur | Image Automation | Browser Automation.

🚀 Productivity

1. Discover how to use ChatGPT to quickly structure and outline a powerful presentation. MORE

2. GmailShortcutBlocker is a Chrome Extension by swyx that blocks clicks on Gmail elements that have keyboard shortcuts and shows the shortcut in a tooltip. MORE

3. Process Over Goals is a workshop geared towards professionals to develop workflows to accomplish more in less time, and build strategies to push through when motivation is low. MORE

4. People share simple yet delightful workflow tips, highlighting the value of small, practical innovations. MORE

5. An infographic showcasing 15 methods to improve time management. MORE

Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It's my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.

🌐 Technology

1. (Almost) Every infrastructure decision Jack endorses or regrets after 4 years running infrastructure at a startup. MORE

2. Google Is Killing Retro Dodo and Other Independent Sites by changes to their algorithm, ads, presenting (stolen) content, and more. MORE

3. WhatTheDuck is an open-source web application built on DuckDB, designed to allow users to upload CSV files, store them in tables, and perform SQL queries on the uploaded data. MORE

4. Why Mat Doesn't Like Git More. MORE

5. HackerNews answers what the current gold standard of running an LLM locally is. The top comment recommends going to the /r/LocalLLaMA subreddit, as they usually have a "best current local model" thread pinned. MORE

🧠 Wisdom

1. Anne-Laure offers great advice on turning learning into something new for deeper understanding and better memory, a valuable tip for personal growth. MORE

2. One Important Lesson From A Zen Master: How your inner world creates your outer world. MORE

3. Is it still worth it to learn to code? TJ explores the value and viability of learning to code in the current landscape. MORE

4. Mark Manson emphasizes the importance of action over just intellectual understanding, as the latter can create a false sense of progress without actual change. MORE

5. Surveillance you didn't know about: The truth about Bank Privacy. Naomi walks you through how we built a financial surveillance system that no one really understands the extent of. MORE

💛 Cross-pollination

1. In honor of 404 Day, people shared their favorite 404 error pages. MORE

2. Domino's 🍕 as a GitHub Action. MORE

3. Why Tynan Quit Chipotle and What He Eats Instead — Although this may come over as petty, I understand. MORE

4. How Nick learned to stop hating and love museums. MORE

5. Dive into the fascinating network of Wikipedia, uncovering the most interesting, bizarre, and unique articles on the platform. MORE

💭 Quote

Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It's my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.

🔥 Now, let’s get into the good stuff. I cover the latest tools, in-depth resources, and the best things I've watched and listened to this week.

Subscribe to Premium to read the rest.