Bug Bytes #192 – Post-recon blues, a lesson in Rust and fuzzing open source
By travisintigriti
February 15, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from February 6th to February 12th
Intigriti News
Ubisoft join us with their VDP why not take a look and skill up your game hacking?
From my notebook
Hi everyone! I’m back! I took 2 weeks off while I adjusted to the new semester here. inthe UK, but we’re back so let’s check out this week’s top 5…
CyberSecurity Journey With @HarshBothra | Hacker2Hacker | SSRF
Solving a VM-based CTF challenge without solving it properly
Other Amazing Things
$1mln – Generating ETH from thin air – Aurora rainbow bridge
Why you should try bug bounty hunting with application analysis!
@PatrickAlphaC Web3 Education, Auditing and Advice for New Engineers in Web3
Announcing Nuclei Cloud – SaaS platform built on the top of Nuclei – @emgeekboy
Hey fam, What are some of the best shodan resources you all have seen? – @Jhaddix
Bypassing SameSite=lax cookie restrictions to preform CSRF resulting to a horizontal privilege
Blind Time-based SQL injection vulnerability in an Indian government website
SSRF That Allowed Us to Access Whole Infra Web Services and Many More
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website
The truth behind the 3rd argument for exploiting the Webexservice
Finding Treasures in Github and Exploiting AWS for Fun and Profit — Part 1
Does it really helps? Partially redacting account numbers contained in the credit report.
SSRF in redacted.com: How I Found and Reported a Vulnerability
Firefly: a smart black-box fuzzer for web applications testing
S3BucketList – Firefox plugin that lists Amazon S3 Buckets found in requests.
You may also like
November 21, 2025
Intigriti Bug Bytes #230 - November 2025 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Finding an RCE using AI in GitHub CORS exploitation cheat sheet Scanning codebases with AI Bypassing paywalls SSTIs in AI models And so much more! Let’s dive in! We are thrilled to announce that Inti
October 31, 2025
Intigriti Bug Bytes #229 - October 2025 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Cool trick to find disclosed secrets in internal web extensions A repository full of WAF bypasses Hacking Intercom misconfigurations Wayback Machine for hackers And so much more! Let’s dive in! October’s
September 12, 2025
Intigriti Bug Bytes #228 - September 2025 🚀
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: A common (yet unknown) SSRF attack vector in Next.js Middleware Exploiting PDF processors by generating and uploading malicious PDF payload files A full reconnaissance breakdown on how to approach any target