Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com
5 Lessons That Made Me $1M Since 2022
https://www.youtube.com/watch?v=AR_FbrSy5hc
HackerOne’s Commitment to Learning and Development
https://www.hackerone.com/culture-and-talent/hackerones-commitment-learning-and-development
AWS Pentesting: IAM Privilege Escalation via Rollback Policy
https://rodelllemit.medium.com/aws-pentesting-iam-privilege-escalation-via-rollback-policy-62bc8ba6be51
Sensitive Data Exposure in a Moodle Config File
https://medium.com/@mrcix/sensitive-data-exposure-in-a-moodle-config-file-648ca3d54676
Intigriti CTF 2024 - 1337 UP - Live Hacking Talks [5f336e6a30795f]
https://www.youtube.com/watch?v=BKXfrNwrcqQ
Unpatched Remote Code Execution in Gogs
https://fysac.github.io/posts/2024/11/unpatched-remote-code-execution-in-gogs/
Pentesting for iOS Mobile Applications
https://www.hackerone.com/penetration-testing/ios-mobile-applications
Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575
https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Safer with Google: New intelligent, real-time protections on Android to keep you safe
http://security.googleblog.com/2024/11/new-real-time-protections-on-Android.html
Fault Injection - Down the Rabbit Hole - hn security
https://security.humanativaspa.it/fault-injection-down-the-rabbit-hole/
Visionaries Have Democratised Remote Network Access - Citrix Virtual Apps and Desktops (CVE Unknown)
https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/
How Hai Facilitates Clear and Effective Communication
https://www.hackerone.com/ai/hai-facilitates-effective-communication
Do This For Your First $100,000 in Bounties
https://www.youtube.com/watch?v=QEQ8JENCnNM
Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud
https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/
Submission retesting is here
https://blog.intigriti.com/changelog/submission-retesting-is-here
Research Case Study: Supply Chain Security at Scale – Insights into NPM Account Takeovers - Laburity
https://laburity.com/research-npm-account-takeovers/
Exploring the DOMPurify library: Bypasses and Fixes (tags: Article, Web, mXSS)
https://mizu.re/post/exploring-the-dompurify-library-bypasses-and-fixes
How I hacked 100 hackers
https://medium.com/@corneacristian/how-i-hacked-100-hackers-5c3c313e8a1a
These Two Tools Helped Me Earn $40K in Bounties
https://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd
Retrofitting spatial safety to hundreds of millions of lines of C++
http://security.googleblog.com/2024/11/retrofitting-spatial-safety-to-hundreds.html
A beginner's roadmap for playing CTFs: 10 practical tips for beginners
https://blog.intigriti.com/hacking-tools/a-beginner-s-roadmap-for-playing-ctfs-10-practical-tips-for-beginners
When IoT hacking meets Indiana Jones!
https://www.youtube.com/watch?v=0E85Y5_9m4U
The cyber threat landscape part 1: Enhancing cybersecurity strategies
https://blog.intigriti.com/business-insights/the-cyber-threat-landscape-part-1-enhancing-cybersecurity-strategies
The Problem with IoT Cloud-Connectivity and How it Exposed All OvrC Devices to Hijacking
https://claroty.com/team82/research/the-problem-with-iot-cloud-connectivity-and-how-it-exposed-all-ovrc-devices-to-hijacking
Ruby SAML CVE-2024-45409: As bad as it gets and hiding in plain sight — WorkOS
https://workos.com/blog/ruby-saml-cve-2024-45409
Top 4 new attack vectors in web application targets
https://blog.intigriti.com/hacking-tools/top-4-new-attack-vectors-in-web-application-targets
262 - Static Analysis, LLMs, and In-The-Wild Exploit Chains
https://dayzerosec.com/podcast/262.html
Google dorking for beginners: how to find more vulnerabilities using Google search
https://blog.intigriti.com/hacking-tools/google-dorking-for-beginners-how-to-find-more-vulnerabilities-using-google-search
Tales of the Crimson Foes
https://therealunicornsecurity.github.io/CrimsonFoes/
Parrot Anafi Drone Reverse Engineering | HardBreak
https://www.hardbreak.wiki/network-analysis/protocols/application-layer/proprietary-protocols/parrot-anafi-drone-reverse-engineering