Bug Bytes #192 – Post-recon blues, a lesson in Rust and fuzzing open source
By travisintigriti
February 15, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from February 6th to February 12th
Intigriti News
Ubisoft join us with their VDP why not take a look and skill up your game hacking?
From my notebook
Hi everyone! I’m back! I took 2 weeks off while I adjusted to the new semester here. inthe UK, but we’re back so let’s check out this week’s top 5…
CyberSecurity Journey With @HarshBothra | Hacker2Hacker | SSRF
Solving a VM-based CTF challenge without solving it properly
Other Amazing Things
$1mln – Generating ETH from thin air – Aurora rainbow bridge
Why you should try bug bounty hunting with application analysis!
@PatrickAlphaC Web3 Education, Auditing and Advice for New Engineers in Web3
Announcing Nuclei Cloud – SaaS platform built on the top of Nuclei – @emgeekboy
Hey fam, What are some of the best shodan resources you all have seen? – @Jhaddix
Bypassing SameSite=lax cookie restrictions to preform CSRF resulting to a horizontal privilege
Blind Time-based SQL injection vulnerability in an Indian government website
SSRF That Allowed Us to Access Whole Infra Web Services and Many More
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website
The truth behind the 3rd argument for exploiting the Webexservice
Finding Treasures in Github and Exploiting AWS for Fun and Profit — Part 1
Does it really helps? Partially redacting account numbers contained in the credit report.
SSRF in redacted.com: How I Found and Reported a Vulnerability
Firefly: a smart black-box fuzzer for web applications testing
S3BucketList – Firefox plugin that lists Amazon S3 Buckets found in requests.
You may also like
October 31, 2025
Intigriti Bug Bytes #229 - October 2025 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Cool trick to find disclosed secrets in internal web extensions A repository full of WAF bypasses Hacking Intercom misconfigurations Wayback Machine for hackers And so much more! Let’s dive in! October’s
September 12, 2025
Intigriti Bug Bytes #228 - September 2025 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: A common (yet unknown) SSRF attack vector in Next.js Middleware Exploiting PDF processors by generating and uploading malicious PDF payload files A full reconnaissance breakdown on how to approach any target
August 15, 2025
Intigriti Bug Bytes #227 - August 2025 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Evading WAFs like Cloudflare, Akamai & AWS Cloudfront Creating your complete bug bounty automation system A powerful, targeted backup file scanner Bypassing CSP to achieve XSS via a cool trick with PDF file