Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com
Exploiting Vulnerabilities in LLM APIs
https://www.youtube.com/watch?v=FISz_pjhIOg
Sustaining Digital Certificate Security - Entrust Certificate Distrust
http://security.googleblog.com/2024/06/sustaining-digital-certificate-security.html
Live Recon: Hacking A Real Organization (with @Rhynorater)
https://www.youtube.com/watch?v=eUPou21LeEQ
Building Bridges: The Art of Effective Communication Across Teams
https://www.hackerone.com/engineering/cross-team-communication
Postviewer V3 - Racing All The Way To Glory - Eyal D.
https://eyald.com/posts/postviewer-v3-writeup
Rekt - From White Hat to Gray Area
https://rekt.news/whitehat-grayarea/
Bytecode Breakdown: Unraveling Factorio's Lua Security Flaws
https://memorycorruption.net/posts/rce-lua-factorio/
Reddit - Dive into anything
https://www.reddit.com/r/redditsecurity/comments/1dp3td7/reddit_hackerone_bug_bounty_announcement/?rdt=55999
17 vulnerabilities in Sharp Multi-Function Printers - IT Security Research by Pierre
https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html
How to build a top-class cybersecurity team—and when to outsource
https://blog.intigriti.com/2024/06/27/building-a-cybersecurity-team/
Supply Chain Attack Primer - Popping RCE Without an HTTP Request (feat 0xLupin) (Ep. 74)
https://www.youtube.com/watch?v=5bgFIP-3VqI
YesWeHack Hunter Interviews – #8 HakuPiku: “Bug hunting makes me feel like a detective”
https://www.youtube.com/watch?v=5kbHBckDZyI
Vulnerability assessment reporting: A guide for cybersecurity professionals
https://blog.intigriti.com/2024/06/26/vulnerability-assessment-reporting/
A Novel DoS Vulnerability affecting WebRTC Media Servers
https://www.rtcsec.com/article/novel-dos-vulnerability-affecting-webrtc-media-servers/
How Serialized Cookies Led to RCE on a WordPress Website
https://www.hackerone.com/vulnerability-management/wordpress-custom-theme-rce
I SCANNED EVERY BUG BOUNTY PROGRAM
https://www.youtube.com/watch?v=Se_eYMSPMEU
How i’ve found : ( IDOR + XSS ) = all USERS account takeover :) ?
https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108
CVE-2024-27292: docAssembling exploits for RCE
https://tantosec.com/blog/docassemble/
Virtual Escape; Real Reward: Introducing Google’s kvmCTF
http://security.googleblog.com/2024/06/virtual-escape-real-reward-introducing.html
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Day
https://medium.com/@xdead4f/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5
Hacking for Defenders: approaches to DARPA’s AI Cyber Challenge
http://security.googleblog.com/2024/06/hacking-for-defenders-approaches-to.html
Live Recon: Live Hacking Bug Bounty Programs (3 DAYS!)
https://www.youtube.com/watch?v=zySJH0lUnNk
GitHub - bjrjk/CVE-2024-29943: A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE
https://github.com/bjrjk/CVE-2024-29943
Investing to deliver more
https://portswigger.net/blog/investing-to-deliver-more
A Guide to Get the Most Out of Your One-on-ones
https://www.hackerone.com/engineering/one-on-ones-guide
Fuzzing scripting languages’ interpreters’ native functions using AFL++ to find memory corruption and more
https://joshua.hu/aflplusplus-fuzzing-scripting-languages-natively
Hacking Large Corporations (Recon)
https://www.youtube.com/watch?v=oMTO4hAZPl0
Exploring Authorization and Authentication Vulnerabilities
https://www.redsentry.com/blog/exploring-authorization-and-authentication-vulnerabilities
IDOR: A complete guide to exploiting advanced IDOR vulnerabilities
https://blog.intigriti.com/2024/06/25/idor-a-complete-guide-to-exploiting-advanced-idor-vulnerabilities/
Kubernetes Cluster Security - Nuclei Templates v9.9.0 🎉
https://blog.projectdiscovery.io/kubernetes/