Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the week from 17 to 24 January.

Our favorite 5 hacking items

1. Conference of the week

This is a talk I’ve been impatiently waiting for since it was announced. @fransrosen shares his methodology for breaking Web apps/APIs by using fuzzing and information disclosure.

He uses an imaginary app to show practical examples of building custom API wordlists, finding hidden endpoints, etc. An absolute must watch if you’ve ever come across tips on Web app fuzzing and did not know how to apply them in practice.

2. Writeup of the week

This writeup shows two instances where an app seemed safe but was actually vulnerable to IDOR.

In one case, trying to access another account’s info returned an error but the information was displayed in a different location.

The second example seems weird. It involves many steps, so I am not going to try to sum it up in a sentence. But it is definitely something I will start testing for.

3. Video of the week

This is a cool interview with @Jhaddix. Watch if you want to know how he increased his bug bounty payouts and how he deals with companies that silently fix bugs as soon as they detect that he found them. He transformed an N/A report into a 15K bounty using reporting wizardry😱

4. Tools of the week

Sourcemapper is a Bash script that reconstructs JavaScript from a sourcemap. It is a reliable and fast way to retrieve JS files for further analysis (using tools like LinkFinder).

The recon pipeline is an awesome example of recon automation using Python. The tutorials are fantastic for anyone who wants not only a recon tool, but above all to learn how to build their own.

5. Resources of the week

These are cool examples of leveraging markdown to save recon results in a Git repository and to create a testing checklist (in any Markdown note-taking app like Joplin).

It seems so obvious now but when I started using Markdown, I did not think that it could help with these two situations.

In both cases, markdown allows you to take notes that are easy to backup and are displayed in a human-friendly format.

Other amazing things we stumbled upon this week

Videos

Podcasts

Webinars & Webcasts

Conferences

Slides only

Tutorials

Medium to advanced

Beginners corner

Writeups

Challenge writeups

Pentest writeups

Responsible(ish) disclosure writeups

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

If you don’t have time

ccrawlen: Python script that uses the CommonCrawl dataset API (petabytes of data!) to extract subdomains and crawl the data to get interesting endpoints and JS files

Top-Port-Slicer: Python script to give you subsets of the nmap “top-ports”. For example, I want the 10th to 100th most common TCP ports. Spits out a comma separated list you can copy into -p arg for nmap or masscan

Playwright: Node library to automate Chromium, Firefox and WebKit browsers

Rusty Hogs: A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python

Scanner/Poc for CVE-2020-0609 & CVE-2020-0610 (BlueGate): by @MalwareTechBlog & by @ollypwn

Naabu: A fast port scanner written in Go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Peirates: Kubernetes Penetration Testing tool

S3 Bucket Scraper: A tool for scraping S3 buckets on AWS

Blinder: A Python library to automate time-based blind SQL injection

Pullit: Find leaked credentials on Github

ApplicationInspector: A source code analyzer by Microsoft for almost any modern language

Satellite & Introduction: A Payload and Proxy Service for Red Team Operations

SharpCookieMonster & Introduction: C# tool that dumps cookies from Chrome for all sites, even those with httpOnly/secure/session flags

Pcapinator: A tool for processing a lot of pcaps using tshark

TAS: Framework for easily manipulating the tty and creating fake binaries. Useful as a post-exploitation technique to perform privilege escalation and information gathering

Grouper2: Find vulnerabilities in AD Group Policy

Red_Team: Some scripts useful for red team activities

Zipper: A CobaltStrike file and folder compression utility

Misc. pentest & bug bounty resources

Challenges

Articles & Papers

News

Bug bounty & Pentest news

Reports

Vulnerabilities

Breaches & Attacks

Other news

Non technical

Tweeted this week

We created a collection of our favorite pentest & bug bounty related tweets shared this past week. You’re welcome to read them directly on Twitter: Tweets from 01/17/2020 to 01/24/2020.

The views and opinions expressed in this article are those of the curators and do not necessarily reflect the position of intigriti. Curated by Pentester Land & Sponsored by Intigriti

