🐝 Hive Five 96 – How to build a cloud hacking lab, the return of NahamSec, and remediation archeology

Hi friends,

Greetings from the hive!

Change can be good, but in this case, I'm still figuring out how I feel about it. So what am I talking about? The new GitHub search.

When something changes that's so iconic, I always have mixed feelings. Is it generally worse, or am I just experiencing friction due to change?

Let me know what you think 🙏

PS: You can also find me on Mastodon.

Let's take this week by swarm!

🐝 The Bee's Knees

1. Jack Cable finished his fellowship in the Senate via @congressfellows. He worked for the Homeland Security and Governmental Affairs Committee under Senator Gary Peters. more

2. How much money Grzegorz made in his 1st year of bug bounty? Bounty vlog #4. more

3. How to Build a Cloud Hacking Lab - How easy is it to build your own cloud hacking lab? more

4. XMPP Stanza Smuggling or How I Hacked Zoom (talk) - XMPP is a popular instant messaging protocol based on XML that is used in messengers, online games and other applications. more | Black Hat USA 2022 | Black Hat Europe 2022 | Black Hat Asia 2022

5. Security concerns with the e-Tugra certificate authority. Certificate authorities (CAs) are a critical backbone of internet security; when they are compromised, users lose the ability to securely connect to websites without fear of interception. Websites cannot insulate themselves against a fully-compromised CA, even if they normally use other CAs. more

️💪 Sponsor

Want me to write about your company? Sponsor the Hive Five.

🔥 Buzzworthy

✅ Changelog

1. Osmedeus v4.1.4 has been released with a new shortcut for storing modules, allowing you to run it much more efficiently. more

2. Deno 1.28: Featuring 1.3 Million New Modules. more

3. Cloudflare launches the automation of an isolated browser instance with just a few lines of code. more

📅 Events

1. DC44161 is having their first event on January 10th after two years of doing nothing at all with DEFCON Manchester! more

2. Rana Khalil will b e presenting at the BsidesOttawa conference on November 29th at 10:15 AM. more

3. 10 more sleeps before our PentesterLab's black Friday special! more

4. Free Microsoft Security Skills Bootcamp, with 20 interactive sessions led by Microsoft and industry experts. (28 November – 1 December 2022) more

🎉 Celebrate

1. Ali Tütüncü finished first at 1337UP1122. Congrats! more

2. PwnFunction joined Project Discovery. Let's go! more

3. Azeria submitted all her book chapters. Exciting! more

4. Sharik Khan reached a new milestone, 6601 Points @Bugcrowd , #41 Rank, with 99.3% Accuracy. Amazing! more

5. renniepak was having an insane week....and found 5 RCEs. Yahoo! more

💰 Career

1. Paul on being stuck in a job due to H1B visa, e.g. Twitter. "Hiring someone with a H1B is trivial, last I heard it cost $6K and took two weeks." more

2. 5 things to do when preparing for an interview Antonio by head of Finance at Google. more

3. Top tips for standing out as a candidate. more

4. Pick the company you work for based on the company you want to start. more

5. Jesse D'Aguanno has an opening on their team for a Senior or Principle Security Researcher. more

⚡️ Community

1. Tom decided to build out their own subdomain enum tool, inspired by G0LDEN_infosec. more

2. zseano is taking a bug bounty break and returns to dev work. more

3. Julien asks: "To all you binary fuzzers out there: what does your fuzzing infrastructure look like?" more

4. Corben is looking for insight on where do cybersecurity budgets go?! more | survey

5. NahamSec is returning to streaming, making content, and hacking full time. December 1st is going to be his last day at Hadrian. more

📰 Read

1. A few scenarios that are real threats to the integrity of Twitter over the coming weeks. more

2. Making Cobalt Strike harder for threat actors to abuse. more

3. Techniques In Email Forensic Analysis - E-mail has emerged as one of the most important applications on Internet for communication of messages, delivery of documents and carrying out of transactions and is used not only from computers but many other electronic gadgets like mobile phones. more

4. Hacking Salesforce-backed WebApps - Salesforce is a cloud-based customer relationship management (CRM) platform used by thousands of companies. more

5. SEETF 2022 Smart Contract Write-Up. more

📚 Resources

1. the-xentropy/samlistsSamlists: Free, libre, effective, and data-driven wordlists for all. more

2. nathanlesage/academics-on-mastodon: This repository contains a collection of various lists of academics on Mastodon. more

3. cipher387/OSINT-and-Cybersecurity-accounts-in-Mastodon. This repository brings together tool creators, bloggers, speakers, book authors, and other interesting Mastodon accounts. more

4. Flare-On 2022 - This directory contains write-ups with my solutions for Flare-On 2022 that was hosted by FireEye from September 30 to November 11 2022. more

5. Micah made a made a tool called SMART (Start Me Aggregated Resource Tool). It grabs data from all the OSINT-focused start.me sites and puts them in one place. more | tool

🎥 Watch

1. Firefox privacy and security hardening guide (2022 revised edition). more

2. Taggart is trying out Caido, a new web proxy. more

3. Bounty Hacker Walkthrough - TryHackMe. more

4. Certificates of Authority: Do you really understand how SSL / TLS works? more

5. Kernel Exploitation on HEVD #5: Use-After-Free. more | blog post

🎵 Listen

1. Day[0] 167 - Bypassing Pixel Lock Screens and Checkmk RCE - A Pixel Lockscreen bypass and some discussion about dupes in bug bounty, then a long RCE chain, and a look at client-side path traversals. more

2. A new podcast called 404 Security Not Found. Join security experts Travis McPeak, Anna Westelius, William Bengtson and Leif Dreizler as they talk all things cybersecurity. more

3. Darknet Diaries Ep. 128: Gollumfun Part 1 - Beanie Babies Were the Gateway to a Life of Cyber Crime. more

4. The Privacy, Security, & OSINT Show 284 - Password Managers & 2FA Revisited - This week I revisit the importance of password managers and 2FA, and offer new Bitwarden strategies for daily usage. more

5. Risky Business #685 - Australia releases the hounds, and it might just work. more

Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have **every cloud resource you need** at an affordable price.

Subscribe to the Hive Five to read the rest.