
🐝 Hive Five 100 – 2022 OSCP study guide, command-line data-wrangling, and offsec tools

Hi friends,

Greetings from the hive!

I hope you had a wonderful weekend. Did you tune into NahamCon 2022 EU? I sadly missed it, as I'm not in a European-friendly timezone. Nevertheless, I've included several talks in this week's edition as they're always a must-watch.

It has also been getting colder where I live. Although some people may not enjoy the colder weather, I find it invigorating. The crisp, cool air has a soothing and refreshing effect on me, and I love the feeling of it on my skin as I take deep breaths.

Let's take this week by swarm!

🐝 The Bee's Knees

  1. Story of an RCE on Apple Through Hot Jar Swapping by Frans Rosen. more | repo

  2. Which XSS payloads get the biggest bounties? A case study of 174 reports. more

  3. offsec.tools: A vast collection of security tools. 147 and counting. more

  4. A study guide for the OSCP exam 2022. more

  5. Command-Line Data-Wrangling by Tomnomnom. more


🔥 Buzzworthy

✅ Changelog

  1. Rust 1.66.0 was released! As usual, here's a thread with some of the highlights by Mara Bos. more

  2. Burp Suite - Professional / Community 2022.12.4 release to the Stable channel. Includes improvements to authenticated scanning, a live crawl view for Burp Scanner, and various new DOM Invader features. more

🎉 Celebrate

  1. Jason Haddix qualified for Bugcrowd's MVP. Congrats! more

  2. The first NahamCon2022EU is in the books. Amazing! more

  3. rez0 has been killing the AI art game. Keep it up! more

💰 Career

  1. Netflix is expanding their Detection Engineering team. more

  2. FalconForce is growing and looking for several new amazing European colleagues to join them in making our clients even more secure. more

  3. hakluke is on the lookout for a cloud security expert who can write well. more

⚡️ Community

  1. Charlie Eriksen gave Github Copilot a try. more

  2. shubs spent 189 hours on /r/netsec. more

  3. Why do bug bounty programs run promotion over the holiday period? zseano asks. more

  4. Mason got some good news and some bad news. more

  5. Jonathan Bouman found an unprotected API endpoint at HAwebsso.nl that led to a data leak of +15k medical doctor usernames & password hashes. more

📰 Read

  1. AWS ECR Public Vulnerability. Gafnit discovered a critical AWS Elastic Container Registry Public (ECR Public) vulnerability that allowed external actors to delete, update, and create ECR Public images, layers, and tags in registries and repositories that belong to other AWS Accounts, by abusing undocumented internal ECR Public API actions. more

  2. Security Research on Twitter: Before and After Musk’s Takeover. more

  3. Unusual Cache Poisoning between Akamai and S3 buckets. more

  4. Technical challenges with file formats of old file formats. more

  5. IDN is crazy. IDN, International Domain Names, is the concept that lets us register and use international characters in domain names, and by international we of course mean characters outside of the ASCII range. more

📚 Resources

  1. Some CTFs with a monetary prize. more

  2. Hacker gift ideas thread by Katie. more

  3. An SSRF thread. Server-Side Request Forgery vulnerabilities allow attackers to send arbitrary requests from the server, often resulting in unauthorized access to data. more

  4. learnbyexample/scripting_course: Books, reference guides and resources on Regular Expressions, CLI one-liners, Scripting Languages and Vim. more

  5. aaarghhh/awesome_osint_criypto_web3_stuff: A collection of resources useful for OSINT Investigations on Cryptocurrencies and WEB3. more

🎥 Watch

  1. 2022 Vegas Bug Bash with Bugcrowd. The world's top-notch ethical bug hunters travel to Vegas for the 2022 Bugcrowd Bug Bash with two industry-leading Bugcrowd customers. Check out their unique stories and what they’ve learned along the way. more

  2. The Pivot with Gisela Perez de Acha: Data Privacy Lawyer Ascended Investigative Reporter. Gisela is a human rights lawyer, an open source researcher at Berkeley Law’s Human Rights Center Investigations Lab, and a trainer at Amnesty International’s Digital Verification Corps, a global network of volunteers who fact-check social media posts about war crimes and human rights violations. more

  3. How g0lden connects his automation to a database. (Automation Series). more

  4. LevelUpX - Series 12: Finding Sensitive Data in Android Apps with Nerdwell. In this presentation, Nerdwell reviews common developer assumptions about mobile application security and explores ways in which these assumptions can be invalidated. more

  5. Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack! (Part 2). more

🎵 Listen

  1. Darknet Diaries Ep 130: Jason's Pen Test. Jason has done hundreds of penetration tests in his career. He comes on the show today to tell a few stories of things he's done. more

  2. Day[0] Bug Bounty Podcast 175 - Pwn2Own Bugs and WAF Bypasses. Is Pwn2Own worth it for bug bounty hunters? A handful of trivial command injections, and some awesome WAF bypasses. more

  3. Malicious Life season 3 / episode 198 - Thamar Reservoir. more

  4. Risky Business #689 - FBI baulks at Apple's iCloud encryption push. more

  5. Smashing Security 302 - Lensa AI, and a dog called Bob. Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI avatar-generation tool under the microscope. more
