Understand Microsoft's in-depth approach to ransomware defense with @jhondarred and team's informative article on best practices and tactics.
Welcome to the #IWWeekly46 - the Monday newsletter that brings the best in Infosec straight to your inbox.
To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 GitHub Repos and Tools, 1 Job Alert in today’s newsletter. We have also featured a Beginner’s Corner this time.
Read, upskill yourself and spread love to the community 💝
Excited? Let’s jump in 👇
📝 5 Infosec Articles
- Learn about Microsoft's comprehensive approach to ransomware, including best practices and tactics, in this informative article by @jhondarred and team.
- Discover the art of finding sensitive data in Android apps with @TheRealNerdwell in this informative article on Android security.
- The indexing of website endpoints can expose sensitive information. This article by @ArmanSameer95 discusses measures to prevent privacy and security incidents.
- Get inspired by @dhakal_ananda's journey as they crack the challenging OSWE (WEB-300) by Offensive Security and share their review in this must-read article.
- Explore the findings of a month-long hack on GitHub by @Th3Pr0xyB0y and @MrRajputHacker in this revealing article on the vulnerabilities and potential threats in the platform.
🧵4 Trending Threads
- This thread features a story type Q&A Session with Robbe Van Roey (@PinkDraconian) written by @harshbothra_.
- Uncover the secrets of passive recon with Certificate Transparency in this informative thread by @intigriti.
- Learn the best methods for finding IDORs through this informative Twitter thread by @CristiVlad25.
- All the cheatsheets at one place in this amazing thread by @CristiVlad25.
📽️ 3 Insightful Videos
- @Yassineaboukir shares his knowledge on bug bounty hunter mindset in his keynote at BSides Ahmedabad 2022, hosted by @bsidesahmedabad.
- Understand the security flaw in Aurora's Rainbow bridge and the million-dollar bug bounty reward in this educational video by @gregxsunday.
- Find out the next steps after recon with @NahamSec in this helpful video answering one of the most frequently asked questions in bug bounty hunting.
⚒️ 2 GitHub repositories & Tools
- Get your blue team ready with A-poc's comprehensive collection of 50+ essential tools and resources for security professionals on GitHub.
- Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smart contracts by @trailofbits.
💰1 Job Alert
📝 3 Infosec Articles
- All the resources to get you started on your hacker journey by @theXSSrat.
- Found API keys while testing? @0xKayala shows us how we could validate the leaked tokens using nuclei.
- Learn about the MITRE ATT&CK framework from this article by @LE0_Hak.
🧵 2 Trending Threads
- A list of google dorks for finding S3 buckets by @roohaa_n.
- Linux for hackers! @0xManan compiles ways to use Linux for penetration testing and ethical hacking.
📽️ 1 Insightful Video
- Did you know that secrets used to sign JWT can be cracked? Learn how to go about exploiting weak JWT implementation from this video by @TCMSecurity.
That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter. Meet you again next week hacker, until then keep pushing 💪
This newsletter would not have been made possible without our amazing ambassadors.
Lots of love