🐝 Hive Five 116 - Creating with Git, CodeQL zero to hero, and Websocket are a pain

Hi friends,

Greetings from the hive!

Happy Easter to those who celebrate. I hope you had a good weekend.

I found out that you can use Apple Shortcuts to create automation for when your battery runs low. Pretty cool!

What have you automated lately?

Let’s take this week by swarm!

🐝 The Bee’s Knees

  1. Creating with Git: Launch to success - a free course on Git fundamentals offered through The Taggart Institute. more

  2. CodeQL zero to hero part 1: the fundamentals of static analysis for vulnerability research. Static analysis (static code analysis or static program analysis) is a process that allows you to analyze an application’s code for potential errors without executing the code itself. The technique can be used to perform various checks, verification, and to highlight issues in the code. more

  3. Rule Writing for CodeQL and Semgrep. One common perception is that it is easier to write rules for Semgrep than CodeQL. Spaceraccoon shares his thoughts. more

  4. WebSockets are a Pain: A Journey in Learning and Leveraging. more

  5. InsiderPhD’s Hacking Setup and How to Use It (Firefox/Burp Community). This is probably one of the most common questions she gets asked about Bug Bounty, right next to “do you take mentors” and “how to find a bug”. more

Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.

🔥 Buzzworthy

Changelog

  1. Octavian implemented a cool Axiom feature for DigitalOcean users: round-robin region distribution with automatic image transfers. more

  2. Corben is starting a mattress company. more

  3. s0md3v/uro 1.0.0-beta declutters URL lists for crawling/pentesting. more

  4. JSpector 2.4.6 is a simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues. more

📅 Events

  1. BSides Nashville 2023: Saturday, April 15 (8am - 5pm CDT). more

🎉 Celebrate

  1. Corgi is down nearly 30lbs in 6 months. LFG! more

  2. Farah is starting a new role and moving countries. Exciting! more

  3. Krishna Sharma is 3rd on the Bugcrowd leaderboard in March. Nice one! more

  4. TESS’s squad won the Bugcrowd Hacker Cup. Congrats! more

💰 Career

  1. AppSec co-op student and intern hiring thread. more

  2. Matt is looking for a Sr. Security Engineer. You would be working on their detections, threat hunting, automation, SIEM/SOAR, etc. more

  3. Resume tip for 2023: use a word cloud to identify most-used words. more

  4. Actionable advice on what to do when you get laid off from a high-paying job and you used all of your money as a down payment for a home. more

⚡️ Community

  1. Jason is bringing his big bag of stickers for BSidesSF and RSA. more

  2. Corben was able to edit the website of a company with over 50M+ customers. more

  3. Jason is looking for a better bookmarking and read it later workflow. I personally use Pocket and consume it in the CLI using its API. more

  4. Soatok has written a lot on their blog over the past three years. They want you to keep in mind that they’re just some guy that does it for fun. more

📰 Read

  1. Full Account Takeover on unibet[.]com due to crossdomain.xml and AkamaiPlayer loaderContext. more

  2. 69 Ways to F*** Up Your Deploy. We hear about all the ways to make your deploys so glorious that your pipelines poop rainbows and services saunter off into the sunset together. But what we don’t see as much is folklore of how to make your deploys suffer. more

  3. Privilege escalation in AWS Elastic Kubernetes Service (EKS). The team at Calif Inc recently encountered an interesting scenario where they were trying to escalate privileges from a compromised pod in AWS Elastic Kubernetes Service (EKS) and struggled with NodeRestriction, a security mechanism enabled by default on all EKS versions. more

  4. Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server. Pentaho Business Analytics Server is a business intelligence and data analytics platform written in Java. It’s used across a wide range of industries, including education, government and healthcare. more

  5. How to Bring Down a Kubernetes Control Plane with a Single YAML. Kubernetes is a popular container orchestration platform used by developers to manage large-scale applications. more

🙏 Support

Enjoy reading the Hive Five? You can treat me to a coffee! You can also share the newsletter with your friends.

📚 Resources

  1. THC’s favourite tips, tricks & hacks (Cheat Sheet). more

  2. dair-ai/Prompt-Engineering-Guide contains guides, papers, lectures, notebooks and resources for prompt engineering. more

  3. google/fuzzing contains tutorials, examples, discussions, research proposals, and other resources related to fuzzing. more

  4. A huge list of OSINT resources. more

  5. InfoSecMap maps out the best InfoSec events & groups. more

🎥 Watch

  1. Broken Access Control - Lab #11 Insecure direct object references. more

  2. HackTheBox - BroScience walkthrough. Featuring nmap, vulnerable-looking parameters, and more. more

  3. We Hack Purple Streams: Digital Self-Defence Post-Roe World, with guest Abigail Dubiniecki. Covid lockdowns ushered in a rapid digital transformation as our lives moved online, and with it came a growing awareness of and unease with the copious amounts of personal data being captured, traded and re-purposed. more

  4. HackerOne Hacker Interviews: Miguel (Fisher). Hear from Miguel on his experience at HackerOne’s live hacking event in Barcelona H1-3439. more

  5. Cloud Hacking: Web3.0 Approach. more

🎵 Listen

  1. Jack is back! Darknet Diaries Ep. 132: Sam the Vendor - Sam Bent, a.k.a. DoingFedTime. A story of Sam’s time making connections and money running drugs on darknet markets. more

  2. Critical Thinking - Bug Bounty Podcast Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff. They talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. more

  3. Day[0] Bug Bounty Podcast 201 - Bamboozling Bing and a Curl Gotcha. A curl quirk that it might be useful to be aware of, Azure Pipelines vulnerability abusing attacker controlled logging, and more. more

  4. Path to Citus Con: Working in public - The topic was “Working in public on open source”, and Citus developer (and pg_cron creator) Marco Slot and I were interviewed by Claire Giordano and Pino de Candia. The full hour-long audio conversation is now available on YouTube. more

  5. Securing Containers, First Steps in Docker and Kubernetes. Bret goes through his top recommendations for securing container images, Docker containers and Kubernetes pods. more

Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.