🐝 Hive Five 53 – Can't Hurt Me

Hi friends,

Greetings from the hive!

I hope you are doing well. For those that have a long weekend, enjoy!

On Wednesday, I finally decided to get the book Can't Hurt Me: Master Your Mind and Defy the Odds by David Goggins, and boy did it not disappoint. It arrived on Friday, and I'm already almost finished.

A must-read for anyone. What are you reading?

Let's take this week by swarm!

🐝 The Bee's Knees

1. SSRF - Lab #7 Blind SSRF with Shellshock exploitation: This video covers Lab #7 in the SSRF module of the Web Security Academy. The site uses analytics software which fetches the URL specified in the Referer header when a product page is loaded.

2. Open-Source Intelligence in 5 Hours: 5 hours of free Open-Source Intelligence (OSINT) Training.

3. Dissecting NTLM EPA with love & building a MitM proxy: Have you ever come across a website using NTLM as the authentication mechanism but could not authenticate with your browser or Burp even though you had valid credentials?

4. RCE in Adobe Acrobat Reader for Android (CVE-2021-40724): While testing Adobe Acrobat reader app , the app has a feature which allows user to open pdfs directly from http/https url.

5. 120 Days of High Frequency Hunting: kuldeep and caffeinevulns took inspiration from @infosec_au’s blog about high-frequency bug hunting and how he found 120 bugs in 120 days. After going through the blog, they decided to try to find 120 bugs in 120 days.

🙏🏻 Support the Hive

• Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Become a sponsor

🔥 Buzzworthy

✅ Changelog

1. PentesterLab h2 RCE challenge: On how to gain code execution when the h2-console is exposed.

2. Burp Suite 2021.12.1 release: with multi-host Intruder attacks, customizable Inspector panel, and a dedicated version for Mac M1 machines.

3. BBRF v1.3.0: A new command bbrf remove, and more.

4. Burp Suite roadmap for 2022: Take a look at the powerful new Burp Suite features they'll be working on in 2022 - as well as updating you on what they added during 2021.

📅 Current Events

1. Women's Cyberjutsu - Calling all first-time and experienced speakers: They're looking for some amazing submissions for topics on technical hands-on sessions, career and core skill subjects, and advanced cybersecurity presentations for the CyberjutsuCon2022. Coming in June.

2. Cybersecurity conferences 2022 - A rundown of online, in person, and ‘hybrid’ events: With many events choosing to retain virtual elements forced on them by the pandemic, there’s still an abundance of online content to choose from Last year saw a partial return to normality for infosec conferences amid the global rollout of Covid-19 vaccines as many events returned to an in-person.

3. Pwn2Own Vancouver Returns for the 15th Anniversary of the Contest: Starting in 2007, Pwn2Own has grown from a small, browser-focused event to become one of the most well-known security contests in the industry.

4. The January 2022 Security Update Review.

🎉 Celebrate

1. Florian shared their 2021 bug bounty stats: Awesome!

2. Julien found his first RCE of 2022: Let's go!

3. d0nut had a blast collaborating with iustinBB: Love to see it!

4. Mustafa received his hackerthrone: Well deserved!

5. STÖK celebrated his year at Truesec: Amazing!

💰 Career Corner

1. Bugcrowd is looking for a mid-level/senior blue teamer: It's an opportunity to work with great minds like @codingo_ , @caseyjohnellis , @dooktwit , @h4sh5, @vortexau, @drunkrhin0, @evildaemond , and many many more! US timezone, full remote. Bugcrowd is also hiring a Technical Pentest Manager.

2. Netflix security team is hiring.

3. Awesome Cybersecurity internships: A list of cybersecurity internships, designed to help students identify teams and opportunities.

📰 Articles

1. Recon Weekly #2 - GitHub Code Search Preview (for Hackers): You might be wondering, why does GitHub need a new way to search the world's code anyway?

2. Some ways DNS can break.

3. Why erbbysam broke your subdomain recon pipeline last night: https://tls.bufferover.run/ is moving to a freemium model as he's identified numerous businesses profiting off of his non-commercial free service.

4. From Pool Cleaner to Penetration Tester: It all began in the summer of 2017, when he was 29 years old: he’d had yet another disastrous day of cleaning pools, and his wife was tired of hearing about it.

5. Lessons learned from Steve's 10 year open source project: For the past ten years, he's been building an Open Source Intelligence (OSINT) tool called SpiderFoot, which is used to automate the collection and analysis of OSINT for attack surface management and threat intelligence.

📚 Resources

1. Hacktoria – Story Based OSINT Capture The Flag Challenges: The topics included are meant to help anyone advance their OSINT skillset and are beginner friendly.

2. Twitter thread on social engineering: "I wonder if leaders in the SE industry like @AletheDenis and @RachelTobac are aided in some way by their being women?"

3. A thread all about common Vulnerabilities in E-Commerce Website.

4. Free labs to learn cloud pentesting.

5. Collection of open source Malware Techniques distributed online.

🎥 Videos

1. IppSec solving HackTheBox - Developer.

2. 2022 Cybersecurity roadmap - How to get started: John Hammond shows us the way.

3. SecuriTEA & Crumpets - Episode 6 - Gareth Heyes - Hackvertor: SecuriTEA & Crumpets is a series where security professionals come together to talk about their background, research, and interesting topics.

4. Buffer Overflows Made Easy (2022 Edition).

5. Creating The First Sudoedit Exploit: In this video we were able to control the loading of a malicious library.

🎵 Audio

1. The Privacy, Security, & OSINT Show 246 - Android Sanitization: This week he discusses Android sanitization without custom ROMs, unlocked boot-loaders, or rooted devices.

2. Risky Business #650 - USG drops Russia advisory as Ukraine tensions mount: Marc Rogers is the executive director of cybersecurity there and he’s joining us this week to talk about the log4j bug and some adjacent issues.

3. Smashing Security 257 - Pokemon-hunting cops and the Spine Collector scammer.

4. How to fix the internet - Algorithms for a Just Future: Modern life means leaving digital traces wherever we go. But those digital footprints can translate to real-world harms: the websites you visit can impact the mortgage offers, car loans and job options you see advertised.

5. Darknet Diaries EP 108 - Marq: This is the story of Marq. Which involves passwords, the dark web, and police.

Get $100 to try DigitalOcean - The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.