Bug Bytes #192 – Post-recon blues, a lesson in Rust and fuzzing open source
By travisintigriti
February 15, 2023
Last updated on March 6, 2025
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from February 6th to February 12th
Intigriti News
Ubisoft join us with their VDP why not take a look and skill up your game hacking?
From my notebook
Hi everyone! I’m back! I took 2 weeks off while I adjusted to the new semester here. inthe UK, but we’re back so let’s check out this week’s top 5…
CyberSecurity Journey With @HarshBothra | Hacker2Hacker | SSRF
Solving a VM-based CTF challenge without solving it properly
Other Amazing Things
$1mln – Generating ETH from thin air – Aurora rainbow bridge
Why you should try bug bounty hunting with application analysis!
@PatrickAlphaC Web3 Education, Auditing and Advice for New Engineers in Web3
Announcing Nuclei Cloud – SaaS platform built on the top of Nuclei – @emgeekboy
Hey fam, What are some of the best shodan resources you all have seen? – @Jhaddix
Bypassing SameSite=lax cookie restrictions to preform CSRF resulting to a horizontal privilege
Blind Time-based SQL injection vulnerability in an Indian government website
SSRF That Allowed Us to Access Whole Infra Web Services and Many More
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website
The truth behind the 3rd argument for exploiting the Webexservice
Finding Treasures in Github and Exploiting AWS for Fun and Profit — Part 1
Does it really helps? Partially redacting account numbers contained in the credit report.
SSRF in redacted.com: How I Found and Reported a Vulnerability
Firefly: a smart black-box fuzzer for web applications testing
S3BucketList – Firefox plugin that lists Amazon S3 Buckets found in requests.
You may also like
May 30, 2026
Intigriti Bug Bytes #236 - May 2026 🚀
Welcome to the latest edition of Bug Bytes! In this month's issue, we'll be featuring: Earning $148K via RCE in Google Cloud How public Google API keys became Gemini credentials Our first official Burp Suite extension Two new bypasses for Chrome's Sanitizer API One-click account takeover from a
April 24, 2026
Intigriti Bug Bytes #235 - April 2026 🚀
Welcome to the latest edition of Bug Bytes! In this month's issue, we'll be featuring: Compromising an NPM package with 40M weekly downloads Bypassing Cloudflare WAF for a full ATO 20-part series on exploiting JWT vulnerabilities First Intigriti Bug Bounty Meetup And so much more! Let's dive
March 27, 2026
Intigriti Bug Bytes #234 - March 2026 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Earning $180K via SSRFs Free Burp Suite Pro licenses for top hackers Bypassing tricky file upload restrictions Injecting malicious code into AI coding assistants And so much more! Let’s dive in! We've team