Page 213 - Hands-On Bug Hunting for Penetration Testers
Going Further Chapter 13
Bugcrowd
We've already discussed Bugcrowd as a great community and platform for security
researchers, but their blog is a part of that value as well. Beyond being a useful contact
point for hearing about new bounty programs, policy changes, and product offerings
regarding the Bugcrowd platform itself, the company also contributes research to the
security community, organizing initiatives such as the Vulnerability Rating Taxonomy to
better standardize severity classifications, and commissioning white papers, tutorials, and
other digital resources.
Darknet
Darknet (https://www.darknet.org.uk/) has evolved from an IRC channel in 1999 to a
successful pentesting blog today, with regular updates about new vulnerabilities, tactics,
and software. Darknet is particularly useful because its articles often feature code snippets
and scripts you can modify for your own purposes.
HighOn.Coffee
The HighOn.Coffee blog (https://highon.coffee/) is the personal project of the pentester
Arr0way. His cheat sheets are great references for some of the most common shell
commands, scripts, and methods for a variety of pentesting and security-related topics.
Like the Darknet blog, HighOn.Coffee's valuable propensity to include code you can port
into your own pentesting engagement workflow makes it a worthwhile follow.
Zero Day Blog
The Zero Day blog (https://www.zdnet.com/blog/security/) isn't as chock-full of
walkthroughs and technical breakdowns as some of our other resources, but it is a good
source for more topical security news

