Hive Five 86 - Mental Hacking, Fast-Foodification, and Firefox OOB to RCE
Hi friends,
Greetings from the hive!
Sorry, I'm late! I wasn't feeling well on Sunday, when I usually craft the newsletter.
I hope you had a wonderful weekend. Mine was once again quite physically intense. Last time, I left it as a bit of a mystery, but I've been participating in a volunteer firefighting training program.
Let's take this week by swarm!
The Bee's Knees
Hugh D'Andrade artwork to celebrate the life of Peter Eckersley: "[...] It's on a CC-By license, please feel free to use with attribution for any purpose! More pixels available on request."
A practical guide of how Johan Carlsson made it into GitLab bug bounty top 5.
Mental Hacking Ep 1 - How to Improve in Bug Bounty / Web Security?
HOW DID THIS HAPPEN!? (13370822 LHE VLOG): It's been 2+ years since STÖK participated in a live hacking event and made a vlog about it.
Client-side desync vulnerabilities - a breakthrough in request smuggling techniques.
Buzzworthy
Changelog
Arjun 2.2.1: HTTP parameter discovery suite.
reconftw v2.4: reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities.
Events
Grab your chance to participate in Visma's live hacking event: Anyone can apply for the last 3 seats. Apply before Sept 19.
Pay What You Can for SOC Core Skills 12-15 Sept: "Yes, $0 is an option. Let's break some gates down and get more cool people in the industry."
Celebrate
Career Corner
From the Community
Frans can't make it to THREAT CON: He'll still be doing a virtual talk and do some Q/A after.
Inti found an interesting way to track location of cars: He'll be revealing more details early this week.
Articles, Discussions & Threads
Context-Aware Content Discovery with Chameleon: While there's already a handful of great directory bruteforce tools, the key to uncovering hidden files / endpoints will always be a good wordlist. A common approach they noticed being used by bug bounty hunters is using the same, huge, wordlist every time.
Browser Exploitation: Firefox OOB to RCE: In this post, they will exploit Midenios, a good introductory browser exploitation challenge that was originally used for the HackTheBox Business-CTF.
How dogwhohacks leant on browser defaults and a timing attack to obtain an XSS on a target.
What would Mohsin do if they started bug hunting from 0 again?
HTTP://HTTP://HTTP://@HTTP://HTTP://?HTTP://#HTTP://: A surprisingly large number of people thought it reminded them of the old buffalo buffalo thing.
Resources
What would you do to ensure hackers are happy?: If you were in charge of the vulnerability disclosure team at a huge company - assuming you had full control.
six2dez's obsidian-pentesting-vault: Sample Obsidian's vault for web pentesting.
Default Credentials Cheat Sheet: One place for all the default credentials to assist pentesters during an engagement. This document has default credentials for several products, gathered from several sources. You can turn the cheat sheet into a CLI command and perform search queries for a specific product.
OWASP Firmware Security Testing Methodology: Whether network connected or standalone, firmware is the center of controlling any embedded device. As such, it is crucial to understand how firmware can be manipulated to perform unauthorized functions and potentially cripple the supporting ecosystem's security.
Videos
WiFi Hacking with Airgeddon, Kismet and Kody's favourite hacking tools: Kody shares his favourite WiFi hacking tools with us. Kody covers a range of tools, from the cheap esp8266 to using Panda WiFi adapters with a Raspberry Pi and hacking WiFi using tools such as Airgeddon and Kismet.
Combining AD Honey Pot Accounts with Canaries to Detect Password Sprays and Kerberoasting for free!
Smart Contract Series - Episode 3 - Auditing Smart Contracts.
HackTheBox - Scanned - Escaping and Exploiting Chroot Based Jails via Unprotected File Descriptor.
Audio
Risky Business #677 - A day late and a dollar short - China doxxes NSA op.
Smashing Security #288 - Chiquita banana, dumb criminals, and detecting ring binders: Students learn a valuable lesson when it comes to AI detecting guns on campus, SIM swappers are surprisingly stupid, and romance scammers get scammed by someone (or some thing?) calling themselves Chiquita Banana.
Darknet Diaries #123 - Newswires: Investing in the stock market can be very profitable. Especially if you can see into the future. This is a story of how a group of traders and hackers got together to figure out a way to see into the future and make a lot of money from that.
Malicious Life - Hacking Language Models: Language models are everywhere today. Can these models be hacked to gain access to the sensitive information they learned from their training data?