Hi friends,

Greetings from the hive!

Happy Holi! I hope you had an awesome week. Mine was pretty good, had some delicious food, and there were several sunny days. I even figured out that light-mode works wonders when working outside in bright weather.

My website received some major improvements (changelog). Most notably, I added a become a supporter section, where you can buy me a coffee, and a custom 404 page, with a random bee fact!

Some changes to the newsletter, as I didn’t like stuffing it to the brim. From now on there’ll be a maximum of 5 links per category, which lines up perfectly with my philosophy and the name, Hive Five. I’ve also added 3 new categories: changelog, people, and outside interests.
​
I have tons more in the works, so bee on the lookout.

Let’s take this week by swarm!

🐝 The Bee’s Knees

1. ​Recovering a full PEM Private Key when half of it is redacted: A write-up covering how given a partially redacted PEM, the whole private key can be recovered. The Twitter user, SAXX, shared a partially redacted private RSA key in a tweet about a penetration test where they had recovered a private key.
2. ​Mining Bitcoin on the Game Boy: In this video, they attempt to mine Bitcoin on the original Game Boy using the Raspberry Pi Pico as a link-cable to USB adapter!
3. ​TomNomNom talk about Networking Fundamentals: In Tom's own words, let’s learn a bit about networking. Slides​
4. ​Hidden OAuth attack vectors: The OAuth2 authorization protocol has been under fire for the past ten years. You’ve probably already heard about plenty of “return_uri” tricks, token leakages, CSRF-style attacks on clients, and more.
5. ​Chapter 1 Security Fundamentals - Alice and Bob Learn Application Security: Tanya and guests answer and discuss questions about chapters of her book (affiliate link).

💌 Sustain-A-Bee

​Get $100 to try DigitalOcean — the go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

🔥 Buzzworthy

📅 Events

1. ​BSides NoVA Security Conference 2021: You still have a few days to submit BSides NoVA. Northern Virginia’s Cyber Security Conference
2. ​Announcing Uber’s Bug Bounty April Promo Event​
3. ​!!Con - Call for Talk Proposals!: !!Con is back for their eighth year of celebrating the joy, excitement, and surprise of computing, and want you to submit a talk proposal.
4. ​March XSS Challenge - Intigriti: Find a way to execute arbitrary javascript on this page and win Intigriti swag.

🎉 Celebrate

1. ​Nicolas Grégoire: Company is 10 years old. Congrats!
2. ​Martijn Luyckx: Won #1 in Cyber Security Challenge Belgium. Amazing! (team: @uhasselt and @HogeschoolPXL - @jorritgerets @FeribHellscream @PinkDraconian)
3. ​Nathan Cavitt: Has his Bug Bounty Bday. What an amazing year!
4. ​Prash: Had his last day at @Hacker0x01. Excited for what’s next!
5. ​d0nut 🦀: Is feeling better and tackled a bug in resync, allowing it to run 4x faster. Yeet!

✅ Changelog

1. ​Burp Suite HTTP logger: Sneak preview of the native HTTP logger that is coming soon to Burp Suite.
2. ​BBRF v1.1.1 by Pieter: Has been released with a number of cool improvements.
3. ​SAML Raider Release 1.4.0: SAML Raider is a Burp Suite extension for testing SAML infrastructures.
4. ​OSINT VM: The 2021.1 release of the TraceLabs OSINT VM is out, this is a major release which includes a new menu, default browser change (#Chromium) and a new updater process.
5. ​Telegram Voice Chats 2.0: Channels, Millions of Listeners, Recorded Chats, Admin Tools: Voice Chats first appeared in December, adding a new dimension of live talk to Telegram groups - now, they are available in channels too.

💰 Jobs

• ​Huge InfoSec job thread by HΔKLUKΞ: For both job posters and job seekers.

📰 Articles

1. ​The Ultimate Guide to Finding and Escalating XSS Bugs: What is XSS, Cross-Site Scripting (XSS) is the most common vulnerability discovered on web applications.
2. ​APT Encounters of the Third Kind: A few weeks ago an ordinary security assessment turned into an incident response whirlwind.
3. ​One day short of a full chain: Part 3 - Chrome renderer RCE: This is the last post of a series in which I exploit three bugs that can be used to form an exploit chain from visiting a malicious website in the beta version of Chrome 86 to gain arbitrary code execution in the Android kernel.,
4. ​Thoughts on Threat Modeling: Personal views on threat modeling, how I approach threat modeling and what has worked for me (both as a Platform Security Engineer and vulnerability researcher).
5. ​Critical netmask networking bug impacts thousands of applications: Popular npm library netmask has a critical networking vulnerability, the component gets over 3 million weekly downloads.

📚 Resources

1. ​Simpsonpt/AppSecEzine: Only just found out about AppSec Ezine and it has been releasing for 7 years!
2. ​New to bounties? by bugcrowd: They created a page containing links to everything you need to know including free educational resources, researcher docs, how to find bugs, beginner resources, how to get private invites, and more.
3. ​noraj/OSCP-Exam-Report-Template-Markdown: Now you can be efficient and faster during your exam report redaction.
4. ​Abusing Data Protection Laws For D0xing & Account Takeovers: A paper on Abusing Data Protection Laws For D0xing & Account Takeovers, leading to over 5 figures in bounties.
5. ​GraphQL hacking thread by Rami: Awesome collection of GraphQL resources.

🎥 Videos

1. ​AMA - Bug Bounty with Alex Chapman (Public): Alex Chapman talks about his approach to bug hunting, why he hunts on our platform and about his favorite scene from the movie Hackers.
2. ​$Echo - Nahamcon 2021 CTF Walkthrough: Optional’s method for working through the $Echo challenge for Nahamcon 2021.
3. ​Function hooking, detours, inline asm & code caves [Game Hacking 101]: What happens if we want to do something which takes up more space than we actually have available to us?
4. ​The HackerCON: Hacking is NOT a Crime and Red Team Village “The HackerCON” streamed on Saturday, March 27, 2021.
5. ​SQL Injection - Lab #4 SQL injection UNION attack, finding a column containing text: Rana covering Lab #4 in the SQL injection track of the Web Security Academy.

🧰 Tools

1. ​cosign: Container Signing, Verification and Storage in an OCI registry.
2. ​Frogy’s Subdomain Enumeraton - It’s not yet another Subdomain Enumeration tool: Using the combination of different subdomain tools it tries to identify more subdomains using combination of bruteforce and other techniques. Warning: This is just a research project. Kindly use it with caution and at your own risk.
3. ​Sponsor kgretzky/pwndrop: pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV.
4. ​ransom - Fraktal’s Ransomware Emulator: Command-line executable that will emulate common ransomware functions for the purpose of testing endpoint detection and response tools.
5. ​americanexpress/earlybird: EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

💡 Tips

1. ​Хавиж Наффи 🥕: SSRF tip
2. ​Chevy Phillip: Sunday read recommendation: Web Application Security: Exploitation and Countermeasures for Modern Web Applications (affiliate link).
3. ​Rachel Tobac: Sleep Trick Thread, the trick is called Cognitive Shuffling.
4. ​Jason Haddix: Lifting the curtain, most big bug bounty hunters make the most money from their P2s/P3s/P4s at scale.
5. ​Хавиж Наффи 🥕: If you run a bruteforce and notice weird behaviours - like “/admin/” redirecting to / always investigate these.

🍯 People

Part of my #365Bees Twitter series, where I put the spotlight on someone every day.

1. ​Atul: Always sharing knowledge and know-how, active in various Discord communities.
2. ​BanjoCrashland: Demos job hunt tactics/techniques using hacker mindset + OSINT to find jobs viewers want. w/ Jacque_InTheBox
3. ​DanielMiessler: He explores the intersection of security, technology, and society. He posts great content + his podcast is a must-listen. Members get access to Slack and book club.
4. ​todayisnew: Eric crossed $1M in bounties a while ago but you’d never know it. His handle is a great reminder to focus on the gift we are given with each new day. His friendly demeanor, and automation are highly sought after.
5. ​ippsec: One of THE best FREE resources to learn hacking. He mainly covers hack the box videos, but does it in a way that’s easy to follow even for beginners. He also breaks down techniques, it’s where I learned tmux.

✅ Productivity

1. ​A Vim Guide for Advanced Users: Third part of this series aimed to help you unleash a power never seen on Earth using the Almighty Vim.
2. ​Why I’m unreachable and maybe you should be too: You may have noticed it’s practically impossible to send Pieter a message anywhere.
3. ​The next frontier after remote work is async: It’s been almost a decade now that we’ve all been promoting the benefits of remote work and location independent living.
4. ​Get better at programming by learning how things work: Although this is about getting better at programming, this can and should be the way you approach everything.
5. ​Zsh Tricks to Blow your Mind: ZSH is an alternative shell to the well-known Bash shell.

🧠 Outside Interests

1. ​Browse the Louvre’s entire collection online​
2. ​The Solution of the Zodiac Killer’s 340-Character Cipher—Wolfram Blog​
3. ​The Ancient Method That Keeps Afghanistan’s Grapes Fresh All Winter​

🐦 Tweet

🙏🏻 Support

If you enjoy this content, a quick share would be awesome.

Select links are affiliates that I get a kickback from. They must pass curation, no exceptions.​

❤️ Don't bee a stranger

I'd love to hear your thoughts! You can reach me on Twitter, or replying to this email also works.
​
Until next week, take care of yourself and each other,

securibee 🐝

​