🐝 Hive Five 118 - Easiest beginner bugs, the Anatomy of Autonomy, and BrokenSesame

Hi friends,

Greetings from the hive!

Lately, I’ve been thinking about community and curation. The importance of making everything your own and being authentic.

What’s been on your mind? Reply to this email and let me know.

Let’s take this week by swarm!

🐝 The Bee’s Knees

1. Hacker Interviews: ArchAngelDDay. His approach to finding bugs in applications involves looking for every place where the application denies a user’s request and then finding ways to bypass those restrictions to find vulnerabilities. more

2. “Easiest” Beginner Bugs? Access Control and IDORs. Whenever someone asks what bug they should look for InsiderPhD always gives the same answer: IDORs and access control issues. more | what is access control

3. Stealing GitHub staff’s access token via GitHub Actions. more

4. BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services. Wiz Research has discovered a chain of critical vulnerabilities in two of Alibaba Cloud’s popular services, ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. more

5. The Anatomy of Autonomy: Why Agents are the next AI Killer App after ChatGPT. Auto-GPT/BabyAGI Executive Summary, a Brief History of Autonomous Agentic AI, and Predictions for Autonomous Future. more

️💪 Sponsor

Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.

🔥 Buzzworthy

✅ Changelog

1. hisxo/JSpector 2.4.8 - A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues. more

2. j3ssie/osmedeus v4.4.1 - A Workflow Engine for Offensive Security. more

📅 Events

1. shubs will be doing a talk about hacking EPP servers and the EPP protocol with Sam Curry later this year. more

🎉 Celebrate

1. rez0 and rhynorater are offering security assessments and pentests for AI-powered services. Exciting! more

2. ca$s:e cage’s first three weeks at her new job have been going really well. LFG! more

3. Corben Leo submitted his first critical vuln to @kucoincom on HackenProof. Nice one! more

4. hipotermia et al are on to the next round in HackerOne’s Ambassador World Cup. Congrats! more

💰 Career

1. CrowdStrike Red Team is hiring. more

2. If anyone in the UK is looking for a pentesting role sent Mantis a DM. more

3. The Electronic Frontier Foundation (EFF) is hiring a Public Interest Technology Director to lead their Public Interest Technology team. more

4. For any aspiring entrepreneurs, this definitive list of questions from Unusual Ventures is a great “gut check” to test if you’re ready to turn an idea into something concrete. more

5. Ian Coldwater is looking for work, they’re open to security architect, threat modeling, and security research roles. more

⚡️ Community

1. Osirys is looking for a Burp bapp that will hide cookies from HTTP requests. more

2. Jason shares a funny story involving HackerOne and Bugcrowd. more

3. Katie is ready for Con season. more

4. 0x52 shares their first year stats auditing 115 codebases. They found ~140 high risk vulnerabilities and ~250 medium by spending ~1300 hours reviewing code. more

5. How many monitors does it take to be a hacker? For me personally, the sweet spot is one monitor. I currently use a 27”. more

📰 Read

1. The story of Chetan Nayak and Brute Ratel. more

2. Weblogic CVE-2023-21931 vulnerability exploration technique: post-deserialization exploitation. more

3. Multiple Critical Vulnerabilities in Strapi Versions <=4.7.1 - Strapi had multiple critical vulnerabilities that could be chained together to gain Unauthenticated Remote Code Execution. more

4. How To Bypass Cloudflare in 2022 - With an estimated 40% of websites using Cloudflares Content Delivery Network (CDN), bypassing Cloudflare’s anti-bot protection system has become a thing. more

5. Making TruffleHog faster with Aho Corasick. They used keyword optimization leveraging the Aho-Corasick algorithm. In total, this led to a 2x speedup on average in the overall scanner. more

📚 Resources

1. HackSpaceCon Workshops & Talks Slides. more

2. A 44-part Golang curriculum by Matt KØDVB. more | slides

3. OffcierCia/non-typical-OSINT-guide is the most unusual OSINT guide you’ve ever seen. more

4. awesome-foss/awesome-sysadmin is a curated list of amazingly awesome open source sysadmin resources. more

5. Though a bit late, here’s a Beginner’s Guide To BSidesSF. more

🎥 Watch

1. The Official OSCP course (PEN-200: Penetration Testing with Kali Linux) recently got updated. This is an interview with Jeremy Miller from OffSec about the changes.

2. Broken Access Control - Lab # 13 Referer-based access control. more

3. HackTheBox - Investigation walkthrough. more

4. Your first three Linux IR commands if you’re compromised. more

5. JavaScript for Hackers, Pt. 3 - reimplementing the app in React. more

🎵 Listen

1. Latent Space Ep. 8 - AI-powered Search for the Enterprise — with Deedy Das of Glean. The Hard Problems in Building an AI Search Unicorn, Google vs ChatGPT, Doing AI Infra Math, Detecting Generated Text, and why enterprises will need much more than Document QA. more

2. The Privacy, Security, & OSINT Show 294 - Preparing for Home Disaster. This week they discuss preparation for home disaster along with the latest Privacy, Security, and OSINT news. more

3. Critical Thinking - Bug Bounty Podcast E16: The Hacker’s Toolkit. Joel and Justin talk about their VPS setup, go-to hacking tools, most often used Linux commands, and the ways they duct tape all of these together for the big hacks. more

4. Songs to get you hyped in the morning. Get after it! more

Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.