🐝 Hive Five 71 – First Times

Hi friends,

Greetings from the hive!

I hope you're doing splendidly. I'm still progressing in the Power of Now book by Eckhart Tolle, whose work surprisingly showed up in Kendrick Lamar's latest album.

Let's take this week by swarm!

🐝 The Bee's Knees

  1. NahamCon2022 - infosec_au - Finding 0days in Enterprise Web Applications.

  2. Bug Bounty Redacted #3 - Hacking APIs & XSS, SQLi, WAF Bypass in a regional web application: It's shubs again with his series called Bug Bounty Redacted.

  3. How masscan works: Masscan is a fast port scanner capable of scanning the entire IPv4 internet in under five minutes. To achieve maximum speed, it requires a stable 10 Gigabit link and a custom network driver for Linux. In comparison, it can take weeks or even months for the naive implementation of port scanners.

  4. How I could exploit the CVE-2022-1388, F5 BIG IP iControl Authentication bypass to RCE: In the cyber security world there are lots of CVEs discovered and coming out daily. Many CVEs don't have corresponding exploit code.

  5. What a CTF on IRC looks like — IRCPuzzles AFPC 2022: IRCPuzzles is an IRC-based puzzle game hosted every year on April 1st. The event lasts for several days. The answers are keys to channels and contestants progress from the first level to the final level. The levels usually get progressively harder.

🙏🏻 Support the Hive

🔥 Buzzworthy

✅ Changelog

  1. Mara's highlights of the Rust 1.61 release.

  2. Simon released shot-scraper 0.14: The latest version of my CLI tool for automating screenshots of web pages.

  3. Ffuf v1.5.0: Fast web fuzzer written in Go. Do autocalibration for full path, choose between 'and' and 'or' matching and filtering, ac rewrite.

📅 Events

  1. Blackhoodie at ReCon 2022: Guess what, they're back! COVID had them cancel a number of events in 2020, and they needed to go virtual for 2020 and 2021.

  2. Security Fest 2022 - JUNE 2nd & 3rd 2022: IT security conference - learn. inspire. connect.

🎉 Celebrate

💰 Career Corner

  1. 5/18/2022 Cybersecurity Job Thread by Marcus.

  2. Austin is hiring Virtual US Support at AWS: Help him run the Bug Bounty program over at AWS. He's looking for an experienced TPM and Security Engineer.

  3. Jessica Rose on anti-perks in tech jobs: What perks sound good but are a hard no from you?

  4. Hiring & Getting Hired in Cybersecurity.

⚑️ From the Community

  1. HackerOne wrapped up H1303. Relive the event via Nagli and Farah. Also, big congrats to Yassine for being the 1st place winner and MVH.

  2. The DOJ effectively endorsed good-faith security research.

  3. hakluke is trying out a more loose work schedule: "[...] I think it will force me to be more productive in the time that I do work, and allow me to enjoy life more. I'll let you know how it goes."

  4. renniepak et al are having a meetup: "Finally meeting some long time hacker friends/legends. [...]"

  5. Lady asks all about conference swag: "What conference swag do you love & what is overdone? Also, what's the weirdest con swag you've ever gotten?"

📰 Articles & Tweets

  1. What was the first malicious code you ever looked at? asks Yuu: What did it do? How did you examine it?

  2. Andrea discovered an HTTP Header Smuggling affecting AWS ELB Cache mechanism: The Brave team helped triage it, AWS fixed the issue.

  3. Hacking Swagger-UI - from XSS to account takeovers: Swagger UI is a really common library used to display API specifications in a nice-looking UI used by almost every company.

  4. How to get Private Invites on the Bugcrowd Platform: Private invites are a great way to earn some serious rewards, up-skill yourself, and become an active participant in the hacker community. But you may ask yourself, "how do I get private invites?"

  5. How To Hack Web Applications in 2022 - Part 1: TL/DR: Web applications can be exploited to gain unauthorized access to sensitive data and web servers. Threats include SQL Injection, Code Injection, XSS, Defacement, and Cookie poisoning.

📚 Resources

  1. Smart Contract Security Best Practices: A guide to smart contract security best practices.

  2. Bug bounty changelogs: A list of changelog pages for public bug bounty programs.

  3. A repository of breaches of AWS customers: Security is an exercise in managing risk.

  4. Intigriti legends: This Google sheet checks the Intigriti top 20 of every quarter of the years in B1 and B2. Made by Stefan.

  5. awesome-flipperzero: A collection of awesome resources for the Flipper Zero device.

🎥 Videos

  1. Ippsec takes on HackTheBox - Pandora.

  2. OffensiveCon22 Watch Party: Covering two talks "Mark Brand and Sergei Glazunov - Data Only Sandbox Escapes" and "Simon Scannell, Niklas Breitfeld and Carl Smith - Counter-Strike: Global Offsets".

  3. LevelUpX - Series 1 - Salesforce Object Recon with B3nac: The first speaker in the series is researcher, Kyle Benac (B3nac). In this half-hour talk, Kyle will be speaking on Salesforce Object Recon and there'll be a short Q&A following his presentation!

  4. Bug Bounty 101 #18 - Approaching a Public Target (Pinterest): In this 30 minute bug bounty video, Z-Wink goes over his approach to a new or public target and gives you a window into how he works.

  5. Anti-Griefing Squad: LiveOverflow wants to show you another Minecraft related project of his. He tried to scan the whole internet for servers. For what? Well.... you will see.

🎡 Audio

  1. Breaking into Adversarial Emulation / Pen Testing by Dahvid et al.

  2. Bug Bounty Podcast - Deleting Rubygems, BIG-IP Auth Bypass, and a Priceline Account Takeover: A lot of cool little bugs this week with some solid impact, Facebook and Priceline account takeovers, F5 iControl Authentication Bypass, and a couple other logic bugs.

  3. Smashing Security #275 - Jail for Bing, and mental health apps may not be good for you.

  4. Malicious Life S03E168 - Operation CuckooBees [ML B-Side]: Assaf Dahan, Threat Research Lead at Cybereason's Nocturnus team, describes a recently discovered cyber-espionage campaign targeting the Defense, Energy, Aerospace, Biotech and Pharma industries conducted by APT 41, AKA Winnti Group - a Chinese state-sponsored APT group known for its stealth and sophistication.

  5. Darknet Diaries #117 - Daniel the Paladin: Daniel Kelly was equal parts mischievousness and clever when it came to computers. Until the day his mischief overtook his cleverness.
