Reward your researchers fairly - try our bug bounty calculator today!

Try our bug bounty calculator

Bug Bytes #211 – Hacking Casinos, Microsoft’s Key Mishap, Read the Docs and ImageMagick Strikes Again

By travisintigriti

September 13, 2023

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

This issue covers the week from September 5th to September 10th

Click here to subscribe

Intigriti News

From my notebook

  1. Bug Bounty Stories (EP1): Hacking An Online Casino – Slightly different format of video, but a really interesting look into NahamSec’s process

  2. Results of Major Technical Investigations for Storm-0558 Key Acquisition – Oops from Microsoft

  3. API Security Testing using AI in Postman – Really good guide on using Postman for API hacking, instead of or with Burp

  4. Tricky Unauthenticated RCE on WordPress Media Library Assistant Plugin using a good old Imagick – Oh ImageMagick my old friend what you have you done this time

  5. Episode 35: King of Collaboration: Douglas Day – ArchAngelDDay talks about how he finds bugs, his approach and auth testing