🐝 Hive Five 69 – I am. All of us.

Hi friends,

Greetings from the hive!

Happy belated Mother’s Day and world password day! I hope you and yours had a good weekend.

I had a week off from work but worked my butt off at home instead. Although it was taxing, I enjoyed spending time with my family.

I also watched the latest (last?) Ozark season. What a great show.

What did you do last week?

Let's take this week by swarm!

🐝 The Bee's Knees

1. Advanced sqlmap Case Study: Many new bug bounty hunters will blindly rely on the output of tools to magically find them bugs.

2. Solving all Web CTF tasks from NahamCon.

3. CloudFlare Pages, part 1 - The fellowship of the secret: The process of reporting, remediating and validating these problems was undertaken with the utmost professionalism and diligence by all parties.

4. The $16,000 Dev Mistake: This is a writeup on how he located some AWS keys with Recon and was able to leverage it to find out roles and permissions, as well as digging deeper to different services to really solidify the impact.

5. HYS London 2022: 'Skeleton's in the closest and other tales from beyond the grave' is a collection of stories on just some of the vulnerabilities Katie Paxton-Fear has found during her time as an Ethical Hacker. Slides.

🙏🏻 Support the Hive

• Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

• Share the newsletter

• Buy me a coffee

• Follow me on Twitter

Become a sponsor

🔥 Buzzworthy

✅ Changelog

1. Osmedeus v4.1.1: A Workflow Engine for Offensive Security.

📅 Events

1. The hitchhiker's guide to harvesting open source intelligence for offensive security purposes - May 31st @ 6:30pm: Get a glimpse into harvesting credentials/keys/secrets, etc.

2. Joe Grand's Open Lab - YouTube Live AMA #2 - May 14th: The questions keep on coming and what better way to answer them than doing it live?

3. intigriti - LHE Leaderboard 1337UP0522.

🎉 Celebrate

1. NahamCon2022 1st place team is donating their price money: Lovely!

2. Immigration progress for Cassie & team: Let's go!

3. People are posting their NahamCon merch: Cool!

4. shubs reflecting on where he came from: Yes!

5. Vickie started their new job: Have fun!

💰 Career Corner

1. Jake on turbocharging your (infosec) career: "If you want to turbocharge your infosec career, head over to the Harvard MBA reading list. [...]"

2. Job - Senior SIEM/SOAR master: US based, must be a US citizen or have your visa and live in the US. Remote position but HQ is in Cincinnati Ohio.

⚡️ From the Community

1. STÖK asks what educontent is missing in the cybersecurity space.

2. John spinning down NahamCTF infrastructure.

3. Interview with Casey Ellis - Bugcrowd, disclose.io, cybersecurity.

4. Jason is combining forces with Corben: They will be posting their stories to a newsletter.

📰 Articles & Threads

1. Jason's 100 million person data disclosure: That time he hacked a whole country by accident!

2. Jason on not relying too much on automation.

3. Corben on how simple observations can lead to finding huge vulnerabilities.

4. How s3c hacked world wide Tiktok users.

5. Hacking a Bank by Finding a 0day in DotCMS: The CVE for this issue is CVE-2022-26352.

📚 Resources

1. alex sharing their internal penetration test live.

2. Jason's resources cited in the Bug Hunter's Methodology Application analysis v1.

3. A Clipboard is All You Need to Break Into a Building - Darknet Diaries Ep. 22 - Mini-Stories Vol. 1: A penetration test gone horribly ... right?, mysterious system updates at the windfarm, and the delicate art of social engineering. This episode contains three unbelievable true stories from the dark side of the Internet.

🎥 Videos

1. Ippsec takes on HackTheBox - Unicode.

2. Bug Bounty Tools (Advanced) - Extract domains from IPs using SSL Certs: Z-Wink goes over a tool he wrote to loop over IP address ranges and extract common name and subject alternate names from certificates, then check those names to see if they are responsive, extract headers, and write this info out to a file.

3. Interview #2 - Picking a Bug Bounty Program: How Z-wink chooses a bug bounty program.

4. Crafting a Minecraft 0day: In this video he shows off his new XRay mod, go mining, almost die in the Nether and discover a vulnerability in the Minecraft Protocol.

5. HITB2019AMS KEYNOTE 2 - Securing Journalists - Runa Sandvik: Runa Sandvik joined The New York Times in 2016 to build a security program dedicated to the newsroom.

🎵 Audio

1. Bug Bounty Podcast - XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape: Some straight forward bugs this week with some interesting discussion around cryptographic protocols (VMWare Workspace), XSS in the Web3 world, and whether container escapes into a low-privileged VM matter. Along with a couple just note-worthy test-cases to keep in mind while bug hunting.

2. Malicious Life - Operation Sundevil and the Birth of the EFF: In May 1990, officials from several law enforcement agencies gathered in Phoenix, Arizona, to announce a nationwide crackdown on illegal computer activity.

3. The Privacy, Security, & OSINT Show #260 - Google's New Policy Change: This week they discuss Google's new data removal policy, the first issue of UNREDACTED Magazine, and numerous privacy & OSINT updates.

4. Smashing Security #273 - Password blips, and who's calling the airport?.

5. Darknet Diaries #116 - Mad Dog: Jim Lawler, aka “Mad Dog”, was a CIA case officer for 25 years. In this episode we hear some of the stories he has and things he did while working in the CIA.

Get $100 to try DigitalOcean - The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.