- Hive Five
- 🐝 Hive Five 158 – Is it possible to have privacy in 2024?
🐝 Hive Five 158 – Is it possible to have privacy in 2024?
Rook to XSS, Obsidian 2024 gem winners, CVEmap, and more...
Greetings from the hive!
Sharing an observation that my YouTube recommendations have been suggesting some marvelous videos and channels.
Some, are seemingly unrelated to my interests or search history, but resonating with me nonetheless. I like it!
Speaking of YouTube, I went ahead and blocked shorts using last week's uBlock tutorial by ippsec.
Let's take this week by swarm!
🐝 The Bee's Knees
Rook to XSS: How Jake hacked chess.com with a rookie exploit. SKII
Obsidian 2023 Gems of the year winners. It has been nearly four years since the first line of code of Obsidian was written on January 31st, 2020. OBSIDIAN
Multiple vulnerabilities on GestSup 3.2.44, an application used for ticketing purposes and device management. SYNACKTIV
Failing Upwards (or not) by Andy Gill: "If you find yourself on the path of leading a team, make sure you set critical baselines with your team. Always do what is best for your team and set them up for success." PART ONE | PART TWO
ProjectDiscovery released their latest tool CVEMap to navigate the Common Vulnerabilities and Exposures jungle with ease. It's a CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases. PROJECTDISCOVERY
Which Bee's Knees was your favorite? Reply with the number (#1, #2, #3, #4, or #5)!
Obsidian asked its users what to prioritize in 2024 and the first item they'll attack is making mobile faster and better. I'm a power user and don't even notice any mobile friction, but..I've got a need for speed. TWITTER
Vote on the Top 10 web hacking techniques of 2023. Closing time: 31 January 2024 00:00:00 (UTC). PORTSWIGGER
Tanya received the SANS Difference Makers Award for Mentor of the Year. Congrats! YOUTUBE
An interesting job posting for a Windows 3.11 Administrator?! Required skills include MS DOS. Young teen me would kill this. GULP
From $12,000/mo FAANG Intern to Snapchat Security Engineering Lead at 25. YOUTUBE
Ask HN: Those making $500/month on side projects in 2024 show and tell. YCOMBINATOR
Salary negotiation in 30 seconds. Rule nr. 1: Don’t ever tell them your current salary. CRITTER
Trash Puppy was overwhelmed with the generosity of strangers on the internet. This is what I love to see! TWITTER
Did you know that TomNomNom has a guitar channel called StrumNumNum? TWITTER
Patrik shares what's on his ThinkCentre M910q Tiny self-hosted bug bounty box: XSSHunter, Portainer, Adguard, and more... TWITTER
Atlassian Confluence: Remote Code Execution (CVE-2023-22527). A critical vulnerability within Atlassian's Confluence Server and Data Center. This vulnerability has the potential to permit unauthenticated attackers to inject OGNL expressions into the Confluence Instance, thereby enabling the execution of arbitrary code and system commands. PROJECTDISCOVERY
Hunting for Prototype Pollution gadgets in jQuery (intigriti 0124 challenge). The challenge ran for one week in January 2024. The intended solution was not found by anyone during the timeframe of the challenge, while multiple participants found an unintended solution using the jQuery attr() function. JOAXCAR
The Certification Industrial Complex and other Cyber Education Embarrassments. Graham questions the overreliance on certifications and advocates for a shift towards personalized learning plans and unique demonstrations of competence. GRAHAMHELTON
I’m Not A Pentester (And You Might Not Want To Be One Either). An article written by assume-breach: "We all want to get paid to pwn. The problem is that the business of hacking is much different than OffSec Proving Grounds or HackTheBox Certified Whatever networks." MEDIUM | RESPONSE BY ALEX
A one-liner to find out what your most used CLI command is. Mine are ls and cat... both (bad) habits. TWITTER
Awesome accounts to follow. Randomly selected from my curated Twitter lists.
@jasonfried | Jason Fried | Founder & CEO at 37signals (makers of Basecamp and HEY). Non-serial entrepreneur, serial author. No DMs.
Dr. K talks Meaning, Purpose, and Motivation. YOUTUBE
Highlight what you hear. It sounds nice but I haven't found a good way to do so yet. This solution works if you use Overcast. PODHIGHLIGHTER
Danny used Opal to overcome his Twitter addiction by blocking all social apps and websites for 24h per day. Whenever you open one of the apps, you need to open Opal first to "snooze" the block for 5 minutes. TWITTER
Extreme brainstorming questions to trigger new, better ideas. ASMARTBEAR
The Knowledge Economy Is Over. Welcome to the Allocation Economy. EVERY
Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It's my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.
Learn by Doing: How LLMs Should Reshape Education. The path toward hands-on autonomous learning is through large language models (LLMs). Jon Udell shows how the EdTech sector can use AI. THENEWSTACK
Self-Rewarding Language Models. They argue that to achieve superhuman agents, future models require superhuman feedback in order to provide an adequate training signal. Skynet is that you? ARXIV
Alternatives to Ahrefs for SEO. Some suggestions are Mangool and LowFruits. TWITTER
Nightshade is a tool that protects artists' images online by poisoning AI, making them learn unexpected things from the pictures. UCHICAGO
jub0bs created a Go course for beginners. GITHUB
Daniel shared a paradox, if you need something done very well, you often have to do it yourself and not hire a pro. Pros will often choose efficiency over quality. TWITTER
11 biggest takeaways from meeting Tony Robbins. Number one is that most give in order to get. The goal is to transcend that, give no matter what you get back. GOOGLE
"I had a teacher that didn't like me and I didn't like him. At the end of the year he decided to fail me. The ironic thing is that the topic was chemistry. I have the distinction of being the only chemistry laureate who failed the topic in high school!" — Nobel Prize winner Tomas Lindahl. Don't let anyone define your story. TWITTER
"Creating your own opportunities, is so much more efficient than waiting for them." — Dr. Gurner TWITTER
Watching Sopranos content led to the following YouTube recommendation: inside Michael Imperioli's History-Filled New York Home. YOUTUBE
Another YouTube recommendation is Goldberg's Garage walkaround. Although I'm not a car enthusiast, WWE was part of my childhood. YOUTUBE
NearbyWiki is a map you can use to find places nearby that have their own Wikipedia page. NEARBYWIKI
teachyourselfmath brings you good math problems that are hidden inside textbooks and online documents. TEACHYOURSELFMATH
“People are more adept at working against things than oftentimes we give them credit for. We often think of people working for things, but they often work against things. They work against poverty. They work against their upbringing. They work against some of these things just as much as they’re working for them. Some people are very fear-driven. We talk about fear as being very negative, but it also can be very positive.”
— Dr. Julie Gurner
👇 Join the Hive! Upgrade to a membership and unlock exclusive content below, featuring valuable tools, essential resources, and must-watch/listen recommendations.
Subscribe to the Hive Five to read the rest.
Become a paying subscriber of the Hive Five to get access to this post and other subscriber-only content.
Already a paying subscriber? Sign In