🐝 Hive Five #31 - DEFCON and friends

Hi friends,

Greetings from the hive!

I hope you had a great week. As you probably noticed, there was no newsletter last Monday as I was at Def Con! What a blast that was. It was a trip of many firsts for me: Vegas, Def Con, and getting to meet many online friends. It was amazing to be able to interact with people from the community.

Let's take this week by swarm!

🐝 The Bee's Knees

  1. Recap since last newsletter:

    1. Pwnie Awards

    2. DEF CON 29: The Official Soundtrack

    3. Top Hacks from Black Hat and DEF CON 2021

    4. DEFCON 29 talks

  2. How to Hack APIs in 2021: Written by Hakluke and Farah Hawa.

  3. Just Gopher It - Escalating a Blind SSRF to RCE for $15k: This was discovered on the main scope of one of HackerOne’s longest-running, largest bug bounty programs.

  4. Jan Schaumann talks about TLDs: You know, .com, .org, .net, .gov, .vermögensberatung and .香港 - those.

  5. How to Use WPScan With ethicalhack3r: Ever wondered how to properly use WPScan? Well you're in luck! NahamSec had the chance to sit down with WPScan's author, ethicalhack3r, and get a walkthrough during an episode of Live Recon!

🙏🏻 Enjoy This Newsletter?

  • Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

🔥 Buzzworthy

✅ Changelog

  1. Nmap 7.92: Global pandemic may keep some of them home from Defcon, but it can't stop their traditional Defcon release!

  2. Release DOMPurify 2.3.1 · cure53/DOMPurify.

  3. Release ZMap 3.0.0 Major Release (Beta 1): ZMap 3.0.0 represents several years of development and contains more than a hundred small bug fixes from ZMap 2.1.1.

  4. reNgine 1.0 release: In a nutshell, a feature-packed major release that will potentially change the way you recon.

📅 Events

  1. Pentester Nepal is looking for sponsors: To celebrate their 'PTN 8th Anniversary' by awarding contributors, conducting a cybersecurity awareness event, infosec talks, etc.

  2. OWASP DevSlop session with Shubham Shah: Join them on August 21 and explore how source code analysis can lead to finding vulnerabilities in large enterprises' codebases.

  3. Caido announcement: A high-performance / low memory usage web security auditing tool written in Rust.

  4. Apply to be a GitHub Campus Expert: Applications open on August 9 at 7:00 am PT for our August 2021 batch and they are looking for student community leaders from across the globe to join.

  5. Corben Leo's mom is fundraising for those experiencing homelessness.

🎉 Celebrate

💰 Career Corner

  1. Marcus Carey's 8/12/2021 Cybersecurity Job Thread: Is your organization hiring cybersecurity peeps? Please Reply with open cybersecurity job links & information.

  2. Netflix is hiring an engineer on their application security team: They take a software-first approach to scaling security at Netflix - if you love building, tackling hard problems and are interested in security, check out this remote-friendly role!

  3. Daniel Miessler is looking to hire a product-management-minded person: Product Management experience, Data wrangling (API pulls, etc.), Data visualization (Tableau, etc) and security knowledge would be a bonus.

  4. Companies that are hiring remote repository: This repo is meant to be a list of companies that hire security people full remote.

  5. Ubisoft is hiring: You get to work with Jason Haddix - remote available for the right candidates.

📰 Articles

  1. From Chokeslams To Pwnage: Phillip Wylie Shares His Journey From Pro Wrestling To Offensive Security: Cybersecurity is a lucrative career, but knowing which path to follow to break into the industry can be daunting for fresh graduates, enthusiasts, and those switching careers.

  2. Jackie Singh investigates a phishing email.

  3. OSINT Teamwork - How We Won The Trace Labs DEFCON29 Black Badge: Forming a team might be one of the most important aspects of participating in the Trace Labs OSINT Search Party event.

  4. Introducing dirtywords - A Targeted Word List Generator: A target-specific word list is a list of words based on company culture, products, commonly used technology, connected assets, and other related data.

  5. Stealing Bitcoin with Cross-Site Request Forgery (Ride the Lightning + Umbrel).

📚 Resources

  1. Disclosed report - Modify in-flight data to payment provider Smart2Pay.

  2. Paul Seekamp's API wordlist: Based on the top 55 mobile apps, extracting relative links/parameters from each file in the apk.

  3. Thread about CTFs by Ian Coldwater.

  4. Business resources for OSINT investigations.

  5. Writeup CTF Intigriti Challenge 0721: The page implements some kind of live HTML editor in which you are able to edit HTML code live and possible errors are shown in the console.

🎥 Videos

  1. Hacker Heroes #9 - RobinZekerNiet (Interview): One of Intigriti's Top 5 hackers in the All-Time leaderboard.

  2. Learn with HolyBugx - Demystifying Cookies and Tokens: In this video, Emad Roshan alias HolyBugx discusses his study on cookies and tokens, as well as his recent HackerOne discovery where he was able to accomplish CSRF using XSS.

  3. $50k bug bounty on Shopify explained (GitHub access token leaked via electron application): In this video we walk through how a security researcher named Augusto Zanellato was able to discover a GitHub Personal Access Token (PAT) that had read/write access to private Shopify repositories, and earned them a $50,000 USD bounty!

  4. Hacker Heroes #8 - d0nut (Interview): Nathanial Lattimer is a top notch hacker, previous program manager of the Dropbox bug bounty program and co-founder of an infosec company.

  5. Interview with SherlockSecure: #12 hunter on GitHub, has a 1000+ rep on HackerOne and is top 400 on Bugcrowd.

🎵 Audio

  1. OSINT Curious interview with Nicole Beckwith: This conversation was filled with practical advice and tips that you can apply before, during and after an investigation.

  2. We Hack Purple Podcast Episode 47 with Deviant Ollam: Host Tanya Janca learns what it’s like to be a physical penetration tester, with guest Deviant Ollam.

  3. A Conversation With Certified Pentester, Lily Clark | The Hacker Factory With Phillip Wylie: Lily Clark shares her background of being a kinesiology major with a sales background and how she became a certified pentester.

  4. Lex Fridman Podcast - #196 – Yeonmi Park North Korea: Yeonmi Park is a North Korean defector, human rights activist, and author of the book In Order to Live.
