👩🏽‍💻IW Weekly #9: Web3 Hacking, Leveraging Google Dorks, Python Flaws, and more…
Hey đź‘‹
Welcome to the ninth edition of Infosec Weekly - the Monday newsletter that brings the best trends in Infosec straight to your inbox.
Today’s edition is special!
We've teamed up with Nithin R, a world-class cybersecurity researcher and our past IWCON speaker, to bring you the best in Infosec. Together, we've handpicked some of the most trending articles of InfoSec Write-ups, Tweet Threads and YouTube videos, to give you a glimpse of what’s new and interesting happening in the Infosec world lately.
Sounds good? Let’s dive in👇
#1 - Intergalactic Chase of Cyber Apocalypse CTF Write up.
#Web
#2 - Want to learn about web3 hacking? Here are a few vulnerabilities and how to exploit them.
#Web3
#3 - Find how you can leverage google dorks to find sensitive information.
#Web
#4 - Learn how you can use GrayHatWarfare to find sensitive buckets and files.
#Cloud
#5 - Read this to learn about how Kerberos authentication is done in Active directory.
#ActiveDirectory
#6- Want to learn source code review? Here is part 1 about flaws that affect python.
#CodeReview
#7 - Ever wondered how an open redirection could lead to account takeover? Read this!
#Web
đź‘ľCurious Pick
In this section, you’ll find interesting Tweet Threads, articles and YouTube videos in Infosec space that caught our attention this week.
- Read this interesting Tweet Thread on how to exploit DirtyPipe on Android.
- Checkout this well constructed PoC by Horizon3 Attack Team on VMWare Authentication Bypass.
- Checkout this very cool @nahamsec’s talk titled “Would I even be here if it wasn't for the Internet? here.
That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.
Before we say bye…
If you found this newsletter interesting, and know other people who would too, we'd really appreciate if you could forward it to them 📨
If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.
See you again next week.
Lots of love
Editorial team,