👩‍💻Thick Client Pentest, Out-of-band XXE, Bug Hunting Resources, RDP, LogonTypes, PowerShell Commands, and many more…

10 tricks and fun facts about Active Directory shared by @simondotsh.

Hey 👋

Welcome to the #IWWeekly24 - the Monday newsletter that brings the best in Infosec straight to your inbox.

This week’s NL is brought to you by RE:HACK.

Here's a word from our sponsor:

RE:HACK is a Malaysian cybersecurity company dedicated to providing high quality services and research. To learn more about us, visit here.

Coming back to today's NL, we have added some beginner-friendly resources as well. Let us know if you like them or have some suggestions. Here are our top picks for this week: 7 articles, 6 Threads, 5 videos, 2 Github repos and tools, 1 job alert to help you maximize the benefit from this newsletter and take a massive jump ahead in your career.

Excited? Let’s dive in👇

📝 7 Infosec Articles (5+ 2 beginner-friendly)

#1 Read about this beautiful art of escalation of your bug’s impact from p4 straight to p2 or p1 in @Mahmoud Youssef’s blog where he escalated the bug and exploited Out-of-band XXE.

#2 If research is poorly explained or under-hyped, you can sometimes have major success simply by applying it. @James Kettle shares great tips in a case study on how to turn security research into profit?

#3 Read about Thick Client and its pentesting in this new blog where @Viraj Mota provides a security test case and a set of tools that we require while performing Thick Client Pentest.

#4 This detailed android security blog by @Redhuntlabs shows the security posture of the apps we scanned and how the implications may impact developers and end users by highlighting our approach, findings, and conclusions.

#5 A new attack technique called ‘GIFShell’ that allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using GIFs shared by @Lawrence Abrams.

Beginner-friendly -

#6 Are you a beginner bug hunter? @Mohsin Khan, an active full time bug hunter shared some great tips and answered the most asked question: What would I do if I start bug hunting from 0 again?

#7 Fuzzing: A great technique for finding numerous vulnerabilities. Read about how you can fully utilize Fuzzing’s power and hit bugs effectively in Fuzzing 101 by @Samarth.

🧵6 Trending Threads (4 + 2 beginner-friendly)

#1 10 tricks and fun facts about Active Directory shared by @simondotsh that you’d find useful.

#2 Congrats to @Johan Carlsson for his great achievements on hunting at Gitlab, and so he happily shared some tips for the bughunters out there looking for how and from where to start.

#3 @Dray Agha shares his valuable findings about RDP, Network Layer Authentication, LogonTypes and brute forcing.

#4 Hunt for suspicious #Powershell in your environment! A Thread about encoded PowerShell commands. Various Threat Actors use this to obfuscate their activities by @BurtJanCyber.

Beginner-friendly -

#5 Polyglot files leading to RCE? A great thread by @Nithin R where he shares about when a server is attempting to prevent Content-Type/Extension bypasses, you can upload a polyglot file to get RCE.

#6 Confused picking up programs to hunt on? @Z-wink shares how he picked up the programs to start working on for bug hunting.

📽️ 5 Insightful Videos (3 + 2 beginner-friendly)

#1 @gregxsunday has made a detailed video explaining the new research by @albinowax on client-side desync vulnerabilities.

#2 @0xdf’s new video provides a list of instructions which show how two inputs are combined with one of several operations to make an output. The video challenge is to find the value at a given output.

#3 Python Flask Web Servers’s Debug mode, if left opened or unconfigured by developers can be dangerous which can lead to application being compromised. A great explanation by @John Hammond.

Beginner-friendly -

#4 Second video in the smart contract series by @Nahamsec in collaboration with @HalbornSecurity where we learn the basics of creating and deploying smart contracts and NFTs.

#5 If you're looking to get your career started in cybersecurity, this guide should walk you through the 2022 roadmap to an entry-level cyber security job by @Zach.

⚒️ 2 GitHub Repositories & Tools

#1 @quillaudits has a GitHub repository that lays out the roadmap to becoming a Smart contract auditor.

#2 The latest release of Arjun, a tool that can find query parameters for URL endpoints by @s0md3v.

💰1 Job Alert

#1 Bugcrowd has a job opening for the manager of security operations.

Experience required: 2-3 years

Job location: Remote

💸Advertise with us💸

We are looking to partner with amazing infosec, pen testing, and ethical hacking teams, brands, and companies from all over the world. If this sounds like you, click here to partner with us.

—----------------------------------------------------------------------------------

That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.

Before we say bye…

If you found this newsletter interesting, and know other people who would too, we'd really appreciate if you could forward it to them 📨

If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.

See you again next week.

Lots of love

Editorial team,

Infosec Writeups

This newsletter has been created in collaboration with our amazing ambassadors.

Resource contribution by: Ayush Singh, Bimal K. Sahoo, Vinay Kumar, Manikesh Singh, Pramod Kumar Pradhan, Nikhil Memane, and Mohit Khemchandani.

Newsletter formatting by: Hardik Singh, Siddharth, and Ayush Singh.