#hack100days Day44: Chapter 13 of _Bug Bounty Bootcamp_ done. #infosec #cososec

#hack100days Day43: Read chapters 11 & 12 of _Bug Bounty Bootcamp_. Tomorrow is travel day. #infosec #cososec

#hack100days Day42: Read chapter 10 of _Bug Bounty Bootcamp_. #infosec #cososec

#hack100days Day41: Read chapter 9 of _Bug Bounty Bootcamp_. #infosec #cososec

#hack100days Day40: Still vacationing. Read Chapter 8 of _Bug Bounty Bootcamp_. (Also watched _Dr. Strange and the Multiverse of Madness_.) #infosec #cososec #movienight

#hack100days Day39: Vacation! Reading chapter 7 of _Bug Bounty Bootcamp_. #infosec #cosocec

#hack100days Day38: Vacation! Which is going to cramp my activities. Reading chapter 6 of _Bug Bounty Bootcamp_. #infosec #cososec

#hack100days Day37-ish: Feroxbuster was hung. Killed it off, pulled state file and output log back for additional analysis. Gave to face discussions with a netsec vendor about netflow analysis, which dovetailed with risky.biz podcast I listened today. They talked w/Gigamon on the same topic. #infosec #cososec

#hack100days Day36: Tried out feroxbuster. Seems like it's hung, so I'll give it some more time. Took another look at the code repository's search function to see if I could find more 'stuff'. No joy there. Need to read some more. Might be time to look at another host in the VDP. #infosec #cososec #enumallthethings

#hack100days Day35: Scan is done and the results are thin. I did feed it too much, but the results suggest I may have misused the tool. Shrinking the target and trying another tool. Some of the URLs in the spider results have queries, so checking for sqli test candidates. ZAP continues trying to choke down the analysis of the spidering. #infosec #cososec #enumallthethings

#hack100days Day34 (1/3rd of the way!): A scan is still going, but it's NAT is likely sinkholed. Will wait until scan is done to confirm. Spider results from ZAP are still getting chewed on. So, in the meantime, read ahead on _Bug Bounty Bootcamp_. #infosec #cososec

#hack100days Day33: More enum. Found a new tld to chew on. Started poking at an apparent code repository, but it's pretty thin. Need to do some reading on the product. Another host is H U G E, relatively speaking, and is running Wordpress. Managed to get my IP baninated spidering the site. Getting acquainted with axiom now. #infosec #cososec #enumallthethings

#hack100days Day32: More enumeration of VDP scope. A host/subdomain I initially picked off looks to be an orphaned DNS name. Will keep an eye out for calls to it from other assets. Maybe the glb/waf is looking for something "magical". Found a doc spelling out a policy that may help. #infosec #cososec #enumallthethings

#hack100days Day31: Diving back into _Bug Bounty Bootcamp_ by Vickie Li (@vickieli7/twitter). Skimmed/refreshed chapters 1-4. Slowed down on chapter 5 and started blindly applying examples to the VDP I picked last night. Finding hosts and subdomains. #infosec #cososec #bugbounty #enumallthethings

#hack100days Day30: Finished _Hacking APIs_ last night. Will review and finish labs tomorrow. Spent a couple of hours looking at a VDP/Bug Bounty program with a really big scope. Started nailing down and documenting some of the detailed scope—DNS domains, net blocks, websites, etc. #infosec #cososec #bugbounty

#hack100days Day29: Time to read chapter 14 of _Hacking APIs_. Tomorrow, labs for 12, 13, & 14. #infosec #cososec

#hack100days Day28: Time to read chapters 12 and 13 of _Hacking APIs_. Busy day. #infosec #cososec

#hack100days Day27: Tried out the exercise at the end of chapter 10. Read chapter 11 of _Hacking APIs_. #infosec #cososec

#hack100days Day26: Continued reviewing results of running script for 3 scenarios--got a couple of more I could try, but I want to tweak the output. Read chapter 10 of _Hacking APIs_, in the past I've failed to consider the the real signal in an HTTP 405. Do better! #infosec #cososec

#hack100days Day25: Continued tinkering with script and postman to refine enumeration process on crAPI. Still bash über alles! I *think* I'm finding different version of APIs, so need to work through how to confirm and then, once confirmed, how to exploit. #infosec #cososec