# Bug Bounty Talks

## 1. Top-Tier Bug Bounty Hunter Mindset - Yassine Aboukir (BSides Ahmedabad 2022)

Talk Link: <https://www.youtube.com/watch?v=QhpqBnu5MXo&t=161s>

Slides Link: [https://www.yassineaboukir.com/blog/Top-Tier-Bug-bounty-Hunter-Mindset-(BSides-Ahmedadabad-2022-Keynote)/](https://www.yassineaboukir.com/blog/Top-Tier-Bug-bounty-Hunter-Mindset-\(BSides-Ahmedadabad-2022-Keynote\)/)

<figure><img src="https://1775328623-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FcqyroGfei3tKtTi25FT7%2Fuploads%2Fd0qiZz5hx66QD6Z3Thwq%2Fimage.png?alt=media&#x26;token=bcafdb39-cb0d-4597-ac69-3cc1d361d2f7" alt=""><figcaption><p>Basic recon flow</p></figcaption></figure>

#### Learning:

* Don't be lazy; test everything.
* Don't be scared off by old programs or a high number of resolved reports. New code gets pushed daily.
* Get access to paid features, as not many people do.
* Invest time in analysing JS files. Browse the application as a normal user, then filter all `.js` files in Burp.
* No impact, no bug.
* There are two versions of getting AWS metadata from SSRF:
  * Simple GET request
  * Authenticated request, which first needs to obtain a token to request AWS metadata

CVE monitoring website: <https://attackerkb.com/>

<figure><img src="https://1775328623-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FcqyroGfei3tKtTi25FT7%2Fuploads%2FcUzNMlOE46JhLyouJfY5%2Fimage.png?alt=media&#x26;token=5a255f58-6b35-445f-acfb-edaa11881cf6" alt=""><figcaption><p>Keep these in mind</p></figcaption></figure>


## 2. Bug Bounty on steroids - Hussein Daher (BSides Ahmedabad 2022)

Talk Link: <https://www.youtube.com/watch?v=xnx0IQMQD3o>

Slides Link: <https://pr0xy.cc/bsides.pdf>

URL payload list for fuzzing how the application handles different URL patterns:

```
0xp.cc
0xp.cc/
@0xp.cc
\\0xp.cc
//0xp.cc
.0xp.cc/
.0xp.cc
%2f%2f0xp.cc
```
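
A defensive counterpart to the list above, as an added example that is not from the talk or slides: a redirect-target validator compared with a naive prefix check, run over each payload both alone and appended to a trusted origin. The host `app.example` and all function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit, unquote

ALLOWED_HOSTS = {"app.example"}  # assumption: the one host redirects may target
# Payload list from the talk (backslashes escaped for Python).
PAYLOADS = ["0xp.cc", "0xp.cc/", "@0xp.cc", "\\\\0xp.cc", "//0xp.cc",
            ".0xp.cc/", ".0xp.cc", "%2f%2f0xp.cc"]

def naive_is_safe(target: str) -> bool:
    """Weak check often seen in redirect handlers: string prefix matching."""
    return target.startswith("https://app.example") or target.startswith("/")

def _form_ok(target: str) -> bool:
    # Browsers treat "\" as "/" and drop control characters, so refuse both.
    if "\\" in target or any(ord(c) < 0x20 for c in target):
        return False
    try:
        parts = urlsplit(target)
        host = parts.hostname
    except ValueError:
        return False
    if not parts.scheme and not parts.netloc:
        # Relative target: a single-slash absolute path only ("//host" is off-site).
        return target.startswith("/") and not target.startswith("//")
    # Absolute target: https, exact host match, no userinfo ("trusted@other").
    return parts.scheme == "https" and host in ALLOWED_HOSTS and "@" not in parts.netloc

def strict_is_safe(target: str) -> bool:
    """Validate the raw value and its once-decoded form (catches %2f%2f)."""
    return all(_form_ok(form) for form in {target, unquote(target)})

def accepted(check) -> dict:
    """Run a check over each payload, alone and appended to the trusted origin."""
    raw = [p for p in PAYLOADS if check(p)]
    suffixed = [p for p in PAYLOADS if check("https://app.example" + p)]
    return {"raw": raw, "suffixed": suffixed}

if __name__ == "__main__":
    for name, check in (("naive", naive_is_safe), ("strict", strict_is_safe)):
        print(name, accepted(check))
```

The only suffixed form the strict check accepts is `https://app.example//0xp.cc`, which still resolves to the trusted host with `//0xp.cc` as its path.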

#### Learning:

* Don't just start hacking on the very first thing you see. Browse the application thoroughly and let Burp collect all endpoints.
* Understand all features of the application.
* Find the origin IP of the server, which may lead to a WAF bypass.
  * Shodan can be helpful for that by searching for the page title.
  * If it's a big target, get all of its IP ranges, resolve them, fetch their titles, and match them against the title you have.

## 3. Bugcrowd GodfatherOrwa recon
