Hive Five 40 – Extreme Ownership
Hi friends,
Greetings from the hive!
I hope you had a wonderful weekend. I ordered some new hardware and am still looking for some more. In particular a keyboard and a monitor.
I also spent some time thinking about the next steps for the Hive community. I narrowed it down to a couple of options. Now it's time to execute.
Let's take this week by swarm!
🐝 The Bee's Knees
Fabio Viggiani & Fredrik Alexandersson - Gone in 45 min, War stories from Incident Response.
Introduction to Bash Programming: Bash is one of the most flexible programming languages and it's especially useful for infosec and bug bounty automation.
Building a POC for CVE-2021-40438: If you're on the blue team and want to know what an exploit for this looks like for filtering purposes, they've added that information for you in the conclusions section (one-liner).
BT’s Metaversal Album Treasure Hunt Solution: The musical artist known as BT recently launched his 14th album as an interactive NFT experience on the Arweave blockchain called Metaversal. Part of this experience was a multiple day long puzzle treasure hunt.
SAML Padding Oracle: ArcGIS is a family of software providing geographic information system services. In this blog post they show how they found and exploited an AES-CBC padding oracle in the SAML flow. (Via PentesterLab)
Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.
🔥 Buzzworthy
✅ Changelog
Datasette 0.59 is out: adding column descriptions in metadata, a new register_command plugin hook, enhanced --cors support and a bunch of other fixes and documentation improvements.
Paul Seekamp's Internal Security Assessment - Field Guide update: Beginner/intermediate's guide has been updated.
Burp Suite 2021.9 released: allowing you to manually test hidden HTTP/2, improving scanning of SPAs, and providing a number of updates for Burp Intruder.
Rana Khalil updated The Web Security Academy Course: now includes 8 additional videos that cover the Server-Side Request Forgery (SSRF) vulnerability.
Sharpener 1.07 released: This extension should add a number of UI and functional features to Burp Suite to make working with it easier.
📅 Upcoming Events
Join Ben Sadeghipour for Introduction to Web Application Hacking & Bug Bounty on Nov. 8-10: Participants are given hands-on experience by learning each vulnerability category & completing a series of challenges.
Come join the world's first virtual vim conf: Vimmers from all around the world connect and share their love and passion for all things vim! The current date is tentative and will most likely change; we will update as it does.
🎉 Weekly Wins
Justin Kennedy recommending Agarri's Burp training: Sounds amazing!
Ozgur Alp is the SRT grand champion: Incredible!
Tuan Anh Nguyen got dope swag: Looking good!
Shaun is 2nd All Time on Sony VDP: Congrats!
💰 Career Corner
Job - Canva is looking for a Vendor Risk Analyst for Security Governance / Risk & Compliance.
Job seeker - security individual with 4 years' experience: They do web/mobile/network security and source code review.
📰 Articles
Bachelor's thesis on HTTP Request Smuggling: During the spring of 2021, Mattias Grenfeldt and Asta Olofsson wrote their bachelor's thesis in Computer Science at KTH Royal Institute of Technology in Sweden. They studied HTTP Request Smuggling.
How to PoC your Bug Leads: Picture this scenario: you’ve spent the entire day fruitlessly examining smart contract code. And now you’ve stumbled across a snippet of code that makes your Spidey-Senses tingle. You get excited.
STEM Methodology: White Oak Security’s unique, custom-crafted Systematic Threat Evaluation Methodology (S.T.E.M.) was built by their founder and CEO, Christopher Emerson.
📚 Resources
PimpMyBurp #6 Generate your reports directly in Burp Suite with RIO.
Great resource for Ruby (on Rails) deserialization via deesee.
redact.photo: The fastest way to censor sensitive information. (Untested)
GitHub Security Lab: Resources related to GitHub Security Lab.
🎥 Video
CSRF - Lab #7 CSRF where Referer validation depends on header being present | Long Version.
How To Search For CSRF: Learn how to find cross-site request forgery (CSRF) vulnerabilities.
How to conduct a basic security code review | Security Simplified: Performing a source code review is one of the best ways to find security issues and vulnerabilities in an application.
Overflowing Function Pointers On The Heap: After they found some function pointers they could use for exploitation, they instructed sudo to find their heap locations.
🎵 Audio
Application Security Podcast: Security engineer @mazen160 joins them to introduce Infrastructure as Code and Terraform. Interview with the AppSec Podcast: Terraform Security.
Jocko Willink - Extreme Ownership (audiobook): provides huge value for leaders at all levels. An inspiring and page-turning read, the leadership lessons are easy to digest and implement.
spaceraccoon recommends Nicole Perlroth's "This is how the world ends": I have added it to my to-read list. (book link)