MonkeHacks #35
Switzerland, Recon Royale, Book Review
I’m on the road this week. I visited Basel in Switzerland, which was a pretty small but very neat little city. I type this from Freiburg im Breisgau in Germany, where I’ve set up camp for a few days to get some work done.
I spent the past few days working on some tooling for my own use (not public, sorry!) and doing some hacking here and there. I also crammed 100 German flashcards on Anki before coming here and somehow that level of repetition has actually fixed some of my grammar problems. It feels good to be able to speak German in shops and stuff and be understood.
Someone scooting along a street at night in Basel, Switzerland.
Weekly Ideas / Notes
My good friend pomme launched Recon Royale. My view is that this is a great way to figure out how efficient your tooling is, compared to what others are using. Pomme is an honest guy, so I can attest to the fact that he’s not storing the data anywhere. If you’re looking at writing some custom recon tooling, what better way to test it than this?
A few months ago, Liran Tal sent me a copy of his book, Node.js Secure Coding: Mitigate and Weaponize Code Injection Vulnerabilities. Here’s my review:
It has excellent examples of past CVEs and such, which is super useful. The writing is good, well-edited, and I genuinely learned a lot.
The book lacks some examples of how these components may be externally facing. However, from a whitebox standpoint, i.e. an engineer reviewing their employer’s code, it’s a great resource. For the bug bounty hunter, this is a drawback.
Overall I think it’s an excellent starting point for assessing Node.js security in a whitebox environment. Thank you, Liran!
I’m pretty far down the client-side rabbit hole right now but I think I want to dive even further until I start finding weird zero-days. We’re going into uncharted territory! This does require me to start diving into browser and JS internals, though. I cannot wait, honestly.
Resources
1 Bug, $50K+ in bounties: how Zendesk left a backdoor in hundreds of companies: Zendesk mishandling a very neat bug from hackermondev.
Escaping the Chrome Sandbox through Devtools: An incredibly creative chain in Chrome by ading2210.