Hive Five #33 - Live life

Photo by JOSHUA COLEMAN / Unsplash
Hi friend,
Greetings from the hive!
I hope you had a great weekend. Mine was unexpectedly intense. There was a medical emergency in my family but thankfully all turned out well.
This event further emphasized a recurring thought I've been having, to live life to the fullest. Long-term goals are fine and all but make sure you're making the most out of every day. Let your loved ones know you care and don't forget to be silly once in a while!
In lighter news, I've recently purchased AfterShokz Aeropex, open-ear bone conduction headphones, to accompany me on my daily runs. So far I'm liking them a lot!
Let's take this week by swarm!
The Bee's Knees
How MarkMonitor left >60,000 domains for the taking: Thanks to Nagli and d0xing for helping figure out what was happening with this issue.
How does cryptography ACTUALLY work?: In this video they attempt to introduce you to some of the maths behind modern cryptography, which is in a sense how the world around us works now.
AutoRecon v2 (Introduction + Plugin Development): The reveal of AutoRecon v2.
Zoom RCE from Pwn2Own 2021: On April 7 2021, Thijs Alkemade and Daan Keuper demonstrated a zero-click remote code execution exploit in the Zoom video client during Pwn2Own 2021.
Rana Khalil's Web Security Academy Series: This course is based on a Youtube series called the Web Security Academy Series.
Join the Hive community! You can reach me on Twitter, or replying to this email also works.
Want to sponsor an issue?
Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.
Buzzworthy
Changelog
ProjectDiscovery Notify v1.0.0: New Features, more Providers.
Events
Six2dez is releasing ReconFTW v2.0: during their talk at @DragonJARCon 2021, 09/01.
Bugcrowd releases friends feature: Platform Collaboration in 5 Easy Steps.
Celebrate
Hack The Box reached 700k platform members: Huge congrats!
Nagli reached the HackerOne top 10 on the 90 day leaderboard: Awesome!
d0nut is moving soon. Have fun!
shenetworks started a YouTube channel: Go subscribe!
Career Corner
Articles
Oauth client secret leak and possible IDOR leading to PII Disclosure.
How to Inspect Network Traffic: Weed out the noise to drill down to what your systems are doing and what could be a true threat.
How to set up Docker for Varnish HTTP/2 request smuggling: Alfred Berg, Security Researcher at Detectify, shows you how to set up an environment to test out HTTP/2 request smuggling.
Attack Surface Management. You're (probably) doing it wrong.
Resources
Videos
Decentralizing Git Workflows with Abbey Titcomb of Radicle: Radicle is a new kind of code collaboration network built entirely on open protocols.
Cross-Site Request Forgery (CSRF) | Complete Guide: Covering the theory behind Cross-Site Request Forgery (CSRF) vulnerabilities, how to find these types of vulnerabilities from both a white box and black box perspective, how to exploit them and how to prevent them.
"You Changed My Life" with John Hammond (Hacker Heroes #11).
Prototype pollution in Google Analytics?! Solution to August '21 XSS Challenge.
Audio
Bug Bounty Reports Discussed 01: Finding bugs in Google VPR without recon - David Schütz.
042: Cherie Hu - The Math Behind Water & Music, and a Successful Newsletter.
The InfoSec & OSINT Show 65 - Martina Dove PhD & The Psychology of Scams.
Not Investment Advice - Lumber Trader Explains What's Going On With Lumber (Bonus Episode).