Articles by Issue

You don’t need a VPS to expose your server to the Internet

Like most home Internet connections, my Internet service provider doesn’t give me a public IP address on which I could expose anything to the Internet. When I need to, I’m using a VPS. Pretty much the only reason I’m paying for it is because a few times a month, I...

Recon – tools for wildcard scope vs open scope

In the survey I mentioned in the intro, a lot of you said that you struggle with recon and you’d like more tips about that. Here is a great article by Golden where he wrote down concrete tools that he uses for recon. What I like about it is how he divided which ones...

3 cool bugs from 0xLupin’s H@cktivitycon talk

Roni Carta presented a few vulnerabilities at Hacktivitycon during the H1-702 Live Hacking Event in Las Vegas. I think it not only has great bugs in it but is also a fantastic example of how to make a technical presentation that’s also engaging and funny. Here are...

Excellent bug bounty tips from @Rhynorater

Justin Gardner recently wrote Twitter threads with excellent tips, some of them very uncommon. The first one was about a couple of things that he always checks when looking at a web application. The whole thread is really good but two things caught my attention: The...

How to avoid being overwhelmed when reviewing the code?

The beginning of a new project can be very overwhelming - you don’t know what your target does, what technologies they use and you have no idea what bugs you should expect. The source code, although it generally helps, can sometimes be even more confusing. Especially if,...

SSRF – Case study of 124 bug bounty reports

In theory, SSRF is a really simple vulnerability class - you can make requests to arbitrary locations. In practice, however, it’s often more complex. Where to look for SSRFs? What parameters are most likely to be vulnerable? Do we actually need all those complex...

HACKING GOOGLE

HACKING GOOGLE is a video series on YouTube from Google about Google’s security - what teams they have, what they are doing, and what their responsibilities are. It’s really nicely filmed and edited - without a question, by a professional filmmaker. Don’t, however,...

Preparing a resume

Shawn Thomas, Director of Forensics and IR at Yahoo!, created a thread about preparing a resume. Among other tips, he recommends putting things like labs, side projects, CTFs, and similar on it if you have no practical experience relevant to the job. I believe that’s one...

A tool for Nginx bugs and misconfigs

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities. I’m happy to see it because I’m quite bad with all the bugs having to do with reverse proxies, and Nginx is one of the most popular ones. https://github.com/stark0de/nginxpwner