Bug Bounty Talks
Listen to the wise one.
Talk Link: https://www.youtube.com/watch?v=QhpqBnu5MXo&t=161s
Slides Link: https://www.yassineaboukir.com//blog/Top-Tier-Bug-bounty-Hunter-Mindset-(BSides-Ahmedadabad-2022-Keynote)/
Don't be lazy and test everything.
Don't be scared of old programs or the number of resolved reports. New code gets pushed daily.
Get the paid features, as not many people do.
Invest time in analysing JS files. Browse the application as a normal user, and after that filter for all .js files in Burp.
No impact, no bug.
There are two ways of getting AWS metadata via SSRF:
Simple GET request
Authenticated request, which first needs to obtain a token to request AWS metadata
CVE monitoring website: https://attackerkb.com/
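The two ways of reaching AWS metadata noted above matter on the defensive side: an instance that requires the token step does not answer a plain GET. The following is an added example, not taken from the talk or its slides; it reads a constructed sample shaped like `aws ec2 describe-instances` output and reports which instances still allow the simple request. The function names and instance IDs are made up for illustration.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-instances` output (not real data).
SAMPLE = json.loads("""
{"Reservations": [{"Instances": [
  {"InstanceId": "i-0aaa0000000000001", "MetadataOptions":
    {"HttpEndpoint": "enabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1}},
  {"InstanceId": "i-0aaa0000000000002", "MetadataOptions":
    {"HttpEndpoint": "enabled", "HttpTokens": "required", "HttpPutResponseHopLimit": 2}},
  {"InstanceId": "i-0aaa0000000000003", "MetadataOptions":
    {"HttpEndpoint": "disabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1}},
  {"InstanceId": "i-0aaa0000000000004", "MetadataOptions":
    {"HttpEndpoint": "enabled", "HttpTokens": "required", "HttpPutResponseHopLimit": 1}}
]}]}
""")


def classify(instance):
    """Return which kind of metadata request the instance accepts."""
    opts = instance.get("MetadataOptions", {})
    if opts.get("HttpEndpoint") == "disabled":
        return "imds-disabled"
    if opts.get("HttpTokens") == "required":
        return "token-required"
    # "optional" or missing options: treated conservatively as answering a plain GET.
    return "simple-get-allowed"


def audit(description):
    """Return (instance id, state, notes) for every instance in the description."""
    findings = []
    for reservation in description.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            opts = inst.get("MetadataOptions", {})
            state = classify(inst)
            notes = []
            if state == "simple-get-allowed":
                notes.append("plain GET reaches metadata; set HttpTokens=required")
            if state != "imds-disabled" and opts.get("HttpPutResponseHopLimit", 1) > 1:
                notes.append("hop limit > 1: token response can travel past the instance")
            findings.append((inst["InstanceId"], state, notes))
    return findings


if __name__ == "__main__":
    for instance_id, state, notes in audit(SAMPLE):
        print(instance_id, state, "; ".join(notes) or "ok")
```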
Talk Link: https://www.youtube.com/watch?v=xnx0IQMQD3o
Slides Link: https://pr0xy.cc/bsides.pdf
URL payload list for fuzzing how the application handles different URL patterns.
Don't just start hacking on the very first thing you see. Browse the application thoroughly and let Burp collect all endpoints.
Understand all features of the application.
Get the origin IP of the server, which may lead to a WAF bypass.
Shodan can be helpful for that by searching for the title.
If it's a big target, get all IP ranges, resolve them, get their titles and match them against the title you have.