IW Weekly #4: BITB Attack, Hackthebox Walkthrough, Twitter Link Takeover, and more.

Hey 👋

Welcome to the fourth edition of Infosec Weekly — the Monday newsletter that brings the best insights in Infosec straight to your inbox.

Hope you’re enjoying the newsletter as much as we’re enjoying curating it. In today’s edition, we’ve handpicked some of the most trending articles of InfoSec Write-ups to help you gain a new and different perspective about what’s possible in the Infosec world.

Sounds fun? Let’s dive in👇

#1 — Burp extensions that could be helpful in penetration testing. https://infosecwriteups.com/burp-suite-extensions-for-web-hunting-44ffc3b655aa

#2 -Learn how you can bypass the rate limit using race condition attack. https://infosecwriteups.com/1000-how-i-could-have-hack-any-account-and-become-a-billionaire-overnight-top-crypto-trading-ff0e25b6013c

#3 — Learn how to make phishing undetectable using the browser in the browser (BITB) attack. https://infosecwriteups.com/bitb-browser-in-the-browser-attack-e2008c405701

#4 — Capstone Tryhackme Walkthrough

https://infosecwriteups.com/vulnerability-capstone-tryhackme-b0e520720dcf

#5 — Learn how to hack a linux system with the rubber ducky

https://infosecwriteups.com/hack-a-linux-desktop-with-the-cheapest-usb-rubber-ducky-and-the-android-terminal-termux-d8ec62ad25ac

#6 — Horizontall Hackthebox Walkthrough

https://infosecwriteups.com/horizontall-from-hackthebox-detailed-walkthrough-f66f7193e70

#7 — Learn how to cache poison via X-Forwarded-Scheme header.

https://infosecwriteups.com/how-i-made-16-500-hacking-cdn-caching-servers-part-3-91f9d836e046

#8 — Learn how a broken twitter link of paytm has been discovered and taken over.

https://infosecwriteups.com/paytm-broken-link-hijacking-11624e4e9eef

That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.

Videos of the week

Here are the 2 new IWCON2022 recordings of the week:

1. Vandana Verma talked about How to Find New Vulnerabilities and Tackle Them. Watch it here.
2. Hussein Daher shared about the Mindset After 7 years of Bug Bounty. Really interesting talk! Watch it here.

Before we say bye…

If you found this newsletter interesting, and know other people who would too, we’d really appreciate if you could forward it to them 📨

If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.

See you again next week.

Lots of love

Editorial team,

Infosec Writeups