Bug Bytes #206 – Citrix more like Crit-trix amiright?
By travisintigriti
July 5, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the week from June 26th – July 2nd.
Intigriti News
From my notebook
Reversing Citrix Gateway for XSS and Advisory: Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – You’ve likely already seen this as it’s hit social media over the weekend but just in case you missed it!
Scale Your Cloud Infrastructure (Hosting CTFs) – Really interesting look to what goes into running a CTF event!
The Power of Bug Bounty Automation with Nenad Zaric – The founder of Trickest talks about workflows, recon and data for bug bounty hunters!
Episode 25: 2xMVH & Multi-million dollar hacker Inhibitor181 – There’s some great strategy/how to approach a target information in this episode with Inhibitor181, definitely a must listen!
Testing GraphQL APIs | Web Security Academy – Portswigger add some GraphQL labs to their free Web Security Academy
Road to Most Valuable Hacker and working while travelling the world
How Hackers Use netsh.exe For Persistence & Code Execution (Sliver C2)
The most common vulnerabilities found in Bug Bounty! (shorts)
MOVEit Transfer Exploitation (my API presentation recording)
The Evolution of Offensive Security: Insights from Dave Mayer
Rachel Giacobozzi on the Art of Threat Intelligence Storytelling
NO. 388 — Context Reflections, Critical Thinking, China’s Decline, and NFC
Email From Bounty Program About (New Target Added) 4-5 min later => P1 for a Auth Bypass….
I got lucky and won the first place in Meta Bug Bounty Researcher Conference
The best time to start bug bounty was 10 years ago. The second best time is now.
I made a simple but super efficient tool to create these kinds of permutations used for fuzzing.
Beginner
Intermediate
Bug Bounty Hunter — Understanding SAML vulnerabilities (XSW Attacks)
Setup an Android Pen Testing Lab with Frida-Tools, Objection, Frida Server, and Bypass SSL Pinning
How improper OTP implementation could lead to Account Take Over (Part 4)
Unmasking Server IPs Protected by WAF: Unveiling Hidden Information with CloudBunny
Advanced
Security Research
Hacking Auto-GPT and escaping its docker container | Positive Security
Finding Gadgets for CPU Side-Channels with Static Analysis Tools
CVE-2023-26258 – Remote Code Execution in ArcServe UDP Backup – MDSec
Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution
Using an Unimpressive Bug in EDK II to Do Some Fun Exploitation
zCamera, 100M+ installation app, from remote compromise to data leaks
Bugs
How i got more than 100 vulnerabilities in just one site? (zseano-challenge)
How i was able to get Account Takeover via Insecure Data Storage and WebView With Exported Activity
Inside the Invite Function: Uncovering a Potential Vulnerability of Invite User
How I get 1000$ bounty for Discovering Account Takeover in Android Application
Unveiling Hidden Treasures: How I Earned my First Information Disclosure Bounty Reward
How BAC(Broken Access Control) got me a Pre Account Takeover
[ BUG BOUNTY ] How I Get 2580$ USD From Blind SQL Injection [Indonesian]
Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace
My first two valid and rewarded Web Cache Deceptions, earning $2250
CTF challenges
GitHub – AdvDebug/NoMoreCookies: Browser Protector against various stealers, written in C# & C/C++.
Artemis – A Modular Web Reconnaissance Tool And Vulnerability Scanner
You may also like
Intigriti Bug Bytes #219 - December 2024 🎅
December 13, 2024
Bug Bytes #218 – Advent of Cyber, RCEs and hacking poems
December 6, 2023