3 min read

👩‍💻$6000 from Microsoft, WAF Bypass, Manual Exploitation, Nuclei Guide, Admin Panel and much more...

👩‍💻$6000 from Microsoft, WAF Bypass, Manual Exploitation, Nuclei Guide, Admin Panel and much more...

This CRLF to XSS bug chain resulted in a $6000 bounty from Microsoft.

Hey 👋

Welcome to the #IWWeekly29 - the Monday newsletter that brings the best in Infosec straight to your inbox.

Before we dive in, we’re curious to know if you checked out the speaker line up of IWCON - the world's largest virtual cybersecurity conference and networking event 😍🙌

The dates are 17th-18th December, 2022, and it’s going to be even bigger than the last time🔥

Click here to check out the event details and book your seats before they’re gone! (You really don’t want to miss out)

Coming back to today's NL, here are our top picks for this week: 7 articles, 6 Threads, 5 videos, 2 GitHub repos and tools, 2 job alerts to help you maximize the benefit from this newsletter and take a massive jump ahead in your career.

Excited? Let’s jump in👇

📝 7 Infosec Articles (5+ 2 beginner-friendly)

#1 Automated tools miss a lot of bugs. Checkout how @c0nqr0r uses manual exploitation which leads to an error based SQLi with WAF bypass.

#2 postMessage() bugs can lead to some serious bounties, @Rhynorater shares some tips and tools on exploiting postMessages.

#3 Read this well crafted article by @Kostastsale that demonstrates how threat emulation can be used for threat hunting.

#4 Web application firewalls might be the last thing in your way from getting a completely working exploit. Checkout this article by @yeswehack on how to bypass WAFs.

#5 Read to understand how @thecyberneh found a CRLF to XSS bug chain which resulted in a $6000 bounty from Microsoft.

Beginner-friendly -

#1 The ultimate guide to finding bugs with nuclei, a detailed blog post by the @pdiscoveryio team.

#2 @cowdex shares his methodology to learn web vulnerabilities effectively.


#1 @_zwink shares his manual approach on a recently reflected XSS he found on a mature target.

#2 @0xmahmoudJo0 sums up some simple tricks that he used to get access to an admin panel in this thread.

#3 A thread by @AppSecEngineer on how customizability and flexibility in Nuclei sets it apart from other vulnerability scanners.

#4 Some live hacking event tips from @Rhynorater who has ranked in the top 5 in his last 5 HackerOne live events.


Beginner-friendly -

#1 A list of recon methodologies compiled into a thread by @Mah3Sec_

#2 Application DOS through unfinished image contents by @shrekysec


📽️ 5 Insightful Videos (3 + 2 beginner-friendly)

#1 Learn how to submit high quality bug bounty reports from @Hack_All_Things, lead security engineer and bug bounty program manager at Zoom.

#2 Think UUIDs don’t follow a pattern? Watch @0xLupin’s talk on how he was able to guess a user’s UUID to perform full account takeover and other quirky bugs.

#3 Watch the demo of PHP EAR to SQLi, an SQLi that @kuldeepdotexe found on Synack Red team client.

Beginner-friendly -

#1 @hackersden_ talks about hacking and securing iOS applications for beginners.

#2 @Farah_Hawaa takes us through the experience of attending the the @bsidesahmedabad conference.


⚒️ 2 GitHub repositories & Tools

#1 Kyuubi is a telegram bot written in golang that can be used in the recon process by @R007_BR34K3R

#2 Nuclei template for CVE-2022-40684 which grants SSH access without any interaction to vulnerable FortiOS instances by @naglinagli



💰2 Job Alerts

#1 Job opening for the role of Security Engineer at BugBase.

#2 Apply for the role of Security engineer and Security Analyst at Zomato, take a look at this tweet for job responsibilities.  

💸Advertise with us💸

We are looking to partner with amazing infosec, pen testing, and ethical hacking teams, brands, and companies from all over the world. If this sounds like you, click here to partner with us.

—----------------------------------------------------------------------------------


That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.

Before we say bye…

If you found this newsletter interesting, and know other people who would too, we'd really appreciate if you could forward it to them 📨

If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.

See you again next week.

Lots of love

Editorial team,

Infosec Writeups

This newsletter has been created in collaboration with our amazing ambassadors.

Resource contribution by: Ayush Singh, Bimal K. Sahoo, Manikesh Singh, Mohit Khemchandani, Nikhil Memane, Tuhin Bose and Vinay Kumar.

Newsletter formatting by: Nithin R, Hardik Singh, Vinay Kumar, and Siddharth.