This guide might not be for everyone and might not work for everyone, but it is what worked for me. Some of the dependencies listed may not be required, but I went ahead and added them anyway, since there are quite a few tools that require them.
I'll be using Nahamsec's lazy recon setup for this, as he has got a really great setup with most of the tools needed for recon. Plus he already has a bash profile and install script ready to go on his GitHub.
I opted for Debian on my droplet, but the commands will also work for Ubuntu. It's possible, however, that some of the dependencies may not be needed on Ubuntu.…
Looks like we are having issues with the image hosting service, doesn't it? We'll get things sorted out here soon enough when we settle on a better image host!
In the meantime, please look out for more blogs coming soon!
B-Sides came and went. It was an awesome experience, to say the least. I know I'm getting around to writing about it pretty late in the month, but things happen.
Right away I had a good feeling about the talks, and I wasn't even in the door yet. I decided to show up early for this one so that I could attend some interesting talks. Arriving early also meant that I could pick up all the neat swag for registering.
Network Tap Badge
After collecting the loot I checked the awesome map they had in their pamphlet to figure out where to go next. Unfortunately I wasn't able to clone myself to be able to attend…
CVE-2018-4407 is a kernel RCE caused by a heap buffer overflow affecting multiple Apple devices. A patch has been released by Apple, so be sure to update before it is too late. This exploit could potentially allow attackers to run arbitrary code in the kernel. Kevin Backhouse, who initially found the vulnerability, has written up a proof of concept to show how you can reboot Apple devices without any user interaction. Here is the video:
Link: Bugbounty Cheatsheet
The Bugbounty Cheatsheet repository is a collection of resources for new or current bug bounty hunters. Resources are separated into two categories: References and Vulnerabilities.
In the references column, you will find resources such as books, tools, platforms, and tips.
In the vulnerabilities column, you will see various code snippets for common vulnerabilities along with their respective applications that are affected by said vulnerabilities. You might also get some external links to blogs, write-ups, or proofs of concept to better understand the vulnerability and how it can be implemented.
This is for anyone looking to get a foot in the door for bug bounty hunting, but even seasoned vets might find this repository useful. Sometimes…