🐝 Hive Five 65 – Nahomies

Hi friends,

Greetings from the hive!

I hope you had a wonderful weekend. It was the return of Sunday Live Recon. Good vibes.

Let's take this week by swarm!

🐝 The Bee's Knees

1. The Nahomies are back: Excited to watch another season of Live Recon. This time it's co-hosted by @Jhaddix + @stokfredrik. First guest was none other than @ippsec!

2. ComfyCon AU 2022: ComfyCon AU was originally constructed as a conference in March 2020 as a response to the cancellation of Cyber Security conferences due to the COVID-19 pandemic.

3. soXSS - writeup: The challenge consisted of two components: Text input for HTML notes. Rendered HTML page from textarea, rendered inside an iframe. The embedded iframe was within the same origin, but data sent to it was sanitized by DOMPurify.

4. Minecraft, But It's Reverse Engineered...: In this episode we learn how Minecraft servers are implemented by looking at PaperMC and tracing the dependencies. Turns out the custom Minecraft servers rely on decompiling the server source code! It's insane what this Minecraft community has created.

5. Jason Haddix's infamous Xmind Hunt Template: He gets asked a lot for his XMIND mindmap template which he uses and fills out as he hunts.

🙏🏻 Support the Hive

• Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

• TCM Security Academy - courses, bundles, gift certs, and access passes. Cybersecurity Training That Doesn't Break the Bank. Don't overspend on your education!

• Privacy.com - Protect Yourself Online. Create virtual cards, set a spend limit on each transaction, and track your spend. Take back control of your payments.

Become a sponsor

🔥 Buzzworthy

✅ Changelog

1. ffuf v.1.5.0: This release adds huge improvements for automation use cases in the form of autocalibration rewrite.

2. Osmedeus v4.1.0: A new update command and some big refactoring in the codebase to make it faster and cleaner.

3. Arjun v2.1.5.

4. ReconFTW v2.2.2: reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities.

5. Burp Suite Pro v2022.2.3: Burp Scanner's crawler is between 6x - 9x faster when used against static or stateless sites.

📅 Events

1. The Diana Initiative's CFP is open: Come to Las Vegas August 10th & 11th to share your knowledge. Round 1 ends April 25th.

🎉 Celebrate

1. Leo Rac celebrating his birthday and more: Many congrats!

2. Masonhck357 reorganized his methodology and is ready to crush it: Let's go!

3. Social Engineering Community's new website is live: Looking good!

4. Z-winK is bringing back their video series: Can't wait!

⚡️ From the Community

1. 0xGradius on how long to wait after you quit before hunting on their bug bounty program.

2. ramsexy will be traveling around the USA around the summer.

📰 Articles

1. Stealing checks worth millions & pwning a bank: Another long (hacker) story when Jason was once contracted to do a penetration test on a bank.

2. Bypassing CDN WAF’s with Alternate Domain Routing: Content Distribution Networks (CDNs), such as CloudFront and CloudFlare, are often used to improve the performance and security of public-facing websites.

3. Monocle - How Chime creates a proactive security & engineering culture (Part 1).

4. Gophish Setup, Gandi – Part 2: Please review the Gophish – Part 1 blog to ensure you are ready to proceed with configuring Gophish with Gandi before proceeding with the following blog post below.

5. NoSQL Injection in Plain Sight: This article is about their recent discovery on Synack Red Team which was a NoSQL injection.

📚 Resources

1. Corben Leo on how he gained admin access to a Trans-Atlantic cable: "In 2010, WikiLeaks released a classified document. [...]"

2. Personal Security Checklist: A curated checklist of 300+ tips for protecting digital security and privacy in 2022.

3. Stefan Rows visualized Jason Haddix's Bug Hunter Methodology v4.

4. hakluke sharing 5 great cybersecurity news outlets.

5. Jason Haddix on how he completely compromised a password manager company: "I was given the project to pentest a password manager company. [...]"

🎥 Videos

1. IppSec taking on the HackTheBox - Overflow.

2. Dangerous code hidden in plain sight for 12 years: This episode explores a local privilege escalation vulnerability in polkit's pkexec.

3. How to find a bug, from invite to bounty w/ InsiderPhD: How to find a bug, from invite to bounty.

4. Bypassing a WAF by Finding the Origin IP.

5. Insomni'hack 2022 videos.

🎵 Audio

1. Spring4Shell, PEAR Bugs, and GitLab's Hardcoded Passwords [Bug Bounty Podcast]: This week they had some fun with some bugs that really shouldn't have passed code-review.

2. Smashing Security #269 - Trezor Deep Throat, a CCTV stalker, and Amazon's list of banned words: Kolide is a SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.

3. Art of Network Engineering #89 – SheNetworks: In this episode, they interview SheNetworks, aka Serena.

4. Darknet Diaries #114 - HD: HD Moore invented a hacking tool called Metasploit.

Get $100 to try DigitalOcean - The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.