🐝 Hive Five 117 - Procmon for macOS, Attacking LLM, and MalDev Academy

Hi friends,

Greetings from the hive!

I hope you had a good weekend. I spent mine taking care of a bunch of small children. Very fulfilling but also tiring!

Something I was thinking of this week was happiness and the pursuit thereof. Here are some daily habits of happiness experts that can help.

I should spend more time in nature and start meditating. I also need to hang out with friends outside of professional setting more.

How about you? Let me know by hitting reply.

Let’s take this week by swarm!

🐝 The Bee’s Knees

1. Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research — Mac Monitor is practically the macOS version of the Microsoft Sysinternals tool, Procmon. more | tool

2. MalDev Academy by mr.d0x and NUL0x4C is a comprehensive module-based malware development course providing fundamental to advanced level knowledge. It features 32 Beginner modules, 49 Intermediate modules, 10 Advanced modules, 20 in the works for updates in the next few months, and 65 Custom code samples. more

3. Attacking LLM - Prompt Injection. How will the easy access to powerful APIs like GPT-4 affect the future of IT security? — LiveOverflow also breaks down how LLM’s actually work. more

4. Learn Prompting is a free, open source course on communicating with Artificial Intelligence. more

5. Google announced the deps[.]dev API which contains critical dependency data for secure supply chains. It’s a dataset of security metadata, including dependencies, licenses, advisories, and other critical health and security signals for more than 50 million open source package versions. more | API

️💪 Sponsor

Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.

🔥 Buzzworthy

✅ Changelog

1. JSpector 2.4.7 is a simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issue. more

2. Findomain v9.0. is the fastest and complete solution for domain recognition. more

3. DOMPurify 3.0.2 is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. more

4. ReconAIzer v0.4 is a Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more. more

5. Syntax × Sentry MMXXIII. Sentry welcomed Syntax to the family — I think more companies should do this. It’s a win-win. It reminded me of Stripe and Indiehackers. more

📅 Events

1. NahamCon June 15-17: Opening Keynote by geekboy and todayisnew, CTF by John Hammond. Hosted by ippsec and Alh4zr3d with workshops by Jhaddix, Agarri_FR, and 0xTib3rius. more

2. B-Sides Vancouver Island needs volunteers. Sign up to go to the general meeting, on April 27th. more

3. Technical Feud gameshow 4/17 9AM PST. It’s family feud, but with programming memes. more

🎉 Celebrate

1. Nagli claimed the top spot on OpenAI’s new program on Bugcrowd. Let’s go! more | OpenAI bug bounty program

2. lil c became a Twitch Affiliate. Congrats! more

3. mert leads the March Bugcrowd leaderboard. Here’s their breakdown: P1s - SQLi x3, IDOR x2, RCE x2, and info (session) leak x1. more

4. TESS inaugurated first P1 accepted for OpenAI. more

💰 Career

1. Paul’s buddy Derek, a dedicated and experienced infosec pro, is on the job market. They have 10+ years in cloud hosting & infosec, and a diverse skillset in blue team and red team. more

2. Ask a Manager salary 2023 survey — I love transparency. The more the merrier. more | Ask a manager

⚡️ Community

1. Dominik says that ironically, getting laid off has been the best thing to happen to them this year. more

2. RogueSMG is having a blast using Trickest to simplify complex things such as Subdomain brute with HUGE list(s), resolving subs, targeted nuclei scans, run custom scripts/checks, etc. more

3. meg lost 90+ pounds and did a complete body re-comp. Here’s what she eats in a week — I tend to overeat, so this is quite helpful for me to see. more

4. Ambassador Spotlight AWC Edition - remonsec. He helps his community thrive by bringing them together to share skills in Bangladesh. more

📰 Read

1. Mustafa found an interesting endpoint during recon. It was an empty page but there was file associated with malware. more

2. Hijacking Arch Linux Packages by Repo Jacking GitHub Repositories. In this blog post, they discuss how many AUR packages (use GitHub packages that) are vulnerable to repo jacking attacks. more

3. Brief instructions for how to modify and push to someone else’s PR on GitHub. more

4. XSSI (Cross Site Script Inclusion) to Steal AccessToken — Ankit found that the confidential data including the Access Token and UID is sent inside a JSONP response. more

5. The Uninvited Guest - IDORs, Garage Doors, and Stolen Secrets — In late 2022, while conducting independent security research, Sam discovered a series of critical vulnerabilities in Nexx’s smart device product line. more

🙏 Support

Enjoy reading the Hive Five? You can treat me to a coffee!

You can also share the newsletter with your friends.

📚 Resources

1. Summary of GodfatherOrwa’s talk at InfoSecComm’s IWCON 2.0 — Nithin shares key takeaways from the talk, covering subdomain enumeration, port scanning, collecting endpoints, dorking, searching for source/backup files, sensitive dataleaks, PII search, and generic tips. more | talk

2. Using AI to Develop Realistic Sock Puppet Accounts - There has been a lot of buzz over new and innovative ways to implement AI, such as Chat GPT, into our every day OSINT Analysis. more

3. leebaird/discover is a collection of custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing and creating malicious payloads and listeners with Metasploit. more

4. f/awesome-chatgpt-prompts is a collection of prompt examples to be used with the ChatGPT model. more

🎥 Watch

1. Red and Blue Ep 2: Roadmap - Just a red team guy and blue team guy looking at stuff together. more

2. Broken Access Control - Lab #12 Multi-step process with no access control on one step. more

3. HackTheBox - Encoding walkthrough, including topics such as building a webserver in Flask to exploit a SSRF. more

4. “Through the Eyes of a Thief” at DakotaCon 2023. more

5. Cloud Hacking: Common Attacks & Vulnerabilities. more

🎵 Listen

1. Day[0] Binary Exploitation Podcast 204 - Glitching the Wii-U and Integer Overflows. more

2. Day[0] Bug Bounty Podcast 203 - Pentaho Pre-Auth RCE and Theft by CAN Injection. Some fun issues this week as they explore code execution in Synthetics Recorder stemming from a comment in the code. An auth bypass in Pentaho leading to RCE via SSTI, car theft via CAN bus message injection, and how to become a cluster admin from a compromised pod in AWK Elastic Kubernetes Service. more

3. Critical Thinking - Bug Bounty Podcast E15 - The Israeli Million-Dollar Hacker Nagli. more

4. The Privacy, Security, & OSINT Show 293 - Financial Software Considerations. more

5. Latent Space Ep. 7 - Segment Anything Model and the Hard Problems of Computer Vision with Joseph Nelson of Roboflow. Meta open sourced a model, weights, and dataset 400x larger than the previous SOTA. Joseph introduces Computer Vision for developers and what’s next after OCR and Image Segmentation are solved. more

Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.