Bug Bytes #218 – Advent of Cyber, RCEs and hacking poems
By travisintigriti
December 6, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from November 19th to December 3rd
Intigriti News
Few spots left for our next ONSITE Meetup and last of 2023 in our amazing London Offices.
We’ve launched the teaser videos for the Knights of Elektron live hacking event, a groundbreaking collaboration between IntelSecurity ProjectCircuitBreaker & Intigriti, volume one and volume two
From my notebook
TryHackMe! Advent of Cyber 2023 Kick-Off – Advent of Cyber is a free daily security challenge and walkthrough every day through December in collaboration with a ton of cyber security content creators, but we start off with John Hammond!
Where are all the RCEs? RCE case study – Another indepth case study by Bug Bounty Reports Explained, he dives deep into RCEs, I love his data driven approach
My Confusion Over Local File Inclusion – This write up is presented as a poem, it’s fun and creative
Autonomous Hacking of PHP Web Applications at the Bytecode Level – Very interesting unique look at PHP by looking at the Bytecode
Episode 403 – Does the government banning apps work? – No but it does prompt an interesting discussion around threat modelling!
Hacking PyJWT for Algorithm Confusion Attack [HackTheBox CyberMonday]
A Random $10,000 bug #bugbounty #bugbountytips #bugbountyhunter (shorts)
What is a Container Escape? (shorts)
Time spent on a target feat. @rhynorater #bugbounty #bugbountytips #bugbountyhunter (shorts)
Monitoring JS files to know first about new features feat. @rhynorater #bugbounty #bugbountytips (shorts)
Everything about full-time bug bounty – Justin “rhynorater” Gardner from @criticalthinkingpodcast
At 17, He Made $10K a Month Printing Fake IDs, But Paid a Much Higher Price🎙Ep. 104: Arya
Katie Paxton-Fear: The Importance of Content Creation in Cybersecurity Careers
The Secret Message Hackers Left Deep Inside Their Malware🎙Darknet Diaries Ep. 103: Cloud Hopper
Maxie Reynolds: From hacker to underwater data center entrepeneur
Episode 47: CSP Research, Iframe Hopping, and Client-side Shenanigans
EP150 Taming the AI Beast: Threat Modeling for Modern AI Systems with Gary McGraw
Ransomware gang reports its own crime, and what happened at OpenAI?
Beginner
Intermediate
Advanced
Security Research
Bugs
How I Found My First Website Vulnerability as a Web Pentester
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Program
Google dorking is one of the best method | Hall of fame from XXX.gov
How I found a vulnerability in a Trillion Dollar Company, Amazon!
Vulnerability Exploiting Privilege Escalation Discovered in WordPress [CVE-2023–32243]
CTF challenges