⏳ Time is ticking! Black Friday is your chance to get Burp Bounty Pro for just €79/year – save €40.
🎯 Advanced customization, faster audits, and the power to detect vulnerabilities with less effort.
🔗 Don’t wait! https://bountysecurity.ai/pages/burp-bounty
Hack My Career: Harley Kimball’s Journey to DEFCON
https://www.hackerone.com/culture-and-talent/hack-my-career-harley-kimballs-journey-defcon
How the Great Firewall of China Uses DNS Poisoning
https://www.youtube.com/watch?v=BUbCkUVaFFY
SSD Advisory - ksthunk.sys Integer Overflow (PE) - SSD Secure Disclosure
https://ssd-disclosure.com/ssd-advisory-ksthunk-sys-integer-overflow-pe/
Crafting your bug bounty methodology: A complete guide for beginners
https://blog.intigriti.com/hacking-tools/crafting-your-bug-bounty-methodology-a-complete-guide-for-beginners
Extending Burp Suite for fun and profit – The Montoya way – Part 8 - hn security
https://security.humanativaspa.it/extending-burp-suite-for-fun-and-profit-the-montoya-way-part-8/
REverse Tactics
https://www.reversetactics.com/publications/2024_conf_grehack_virtualbox/
264 - Linux Is Still a Mess and Vaultwarden Auth Issues
https://dayzerosec.com/podcast/264.html
Reversing an Insecure 2FA Generation Algorithm - "Secure Bank" [INTIGRITI 1337UP CTF 2024]
https://www.youtube.com/watch?v=d7fdWoYOGaw
Ruby 3.4 Universal RCE Deserialization Gadget Chain / nastystereo.com
https://nastystereo.com/security/ruby-3.4-deserialization.html
PentesterLab Blog: How JWT Libraries Block Algorithm Confusion: Key Lessons for Code Review
https://pentesterlab.com/blog/jwt-algorithm-confusion-code-review-lessons
The OAuth Oversight: When Configuration Errors Turn into Account Hijacks
https://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16
The cyber threat landscape part 3: Evolving attack techniques and tactics
https://blog.intigriti.com/business-insights/the-cyber-threat-landscape-part-3-evolving-attack-techniques-and-tactics
Prototype Pollution in NASAs Open MCT CVE-2023-45282
https://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/
Navigating the Leap: My Journey from Software Engineering to Offensive Security | OffSec
https://www.offsec.com/blog/navigating-the-leap-my-journey-from-software-engineering-to-offensive-security/
The cyber threat landscape part 4: Emerging technologies and their security implications
https://blog.intigriti.com/business-insights/the-cyber-threat-landscape-part-4-emerging-technologies-and-their-security-implic
Android's CVE-2020-0238 (AccountTypePreferenceLoader)
https://pwner.gg/blog/Android's-CVE-2020-0238
Introduction to Fuzzing Android Native Components
https://blog.convisoappsec.com/en/introduction-to-fuzzing-android-native-components/
DEF CON 32 - Gotta Cache ‘em all bending the rules of web cache exploitation - Martin Doyhenard
https://m.youtube.com/watch?v=70yyOMFylUA
Brainstorm Tool Release: Optimizing Web Fuzzing With Local LLMs
https://www.invicti.com/blog/security-labs/brainstorm-tool-release-optimizing-web-fuzzing-with-local-llms/
Capital One Launches Public Bug Bounty Program with HackerOne
https://www.hackerone.com/customer-stories/capital-one-public-bug-bounty
At Patchstack we launched a Black Friday special #bounty event 🛒
📅 When: 26 Nov to 08 Dec
🛍️ What: WooCommerce and alternatives, payment gateways, and plugins extending eCommerce functionality
🔒 CVSS: 6.4+
📈 Installs: 50+ active installs
Learn more: patchstack.com/bug-bounty/
The Blueprint to Your First $1,000+ Bounty
https://www.youtube.com/watch?v=8DnphDtFt3Y
🔥 Black Friday is here! Get Burp Bounty Pro for just €79/year – save €40!
Optimize your web vulnerability scans with advanced customization and faster audits.
⏳ Offer valid until Cyber Monday! https://bountysecurity.ai/pages/burp-bounty
From Prospect to Partner: Jon Stone Shares HackerOne Career Story
https://www.hackerone.com/culture-and-talent/prospect-partner-jon-stone-shares-hackerone-career-story
Robots.txt, Hash Cracking and Path Traversal - "Pizza Paradise" [INTIGRITI 1337UP CTF 2024]
https://www.youtube.com/watch?v=qPxKyYrf9p4
Complete guide to finding more vulnerabilities with Shodan and Censys
https://blog.intigriti.com/hacking-tools/complete-guide-to-finding-more-vulnerabilities-with-shodan-and-censys
Wiz observes CVE-2024-0012 and CVE-2024-9474 exploitation | Wiz Blog
https://www.wiz.io/blog/cve-2024-0012-pan-os-vulnerability-exploited-in-the-wild