Bug bounty

•Download as PPTX, PDF•

2 likes•5,581 views

n|u - The Open Security Community

Vinod Tiwari

Technology

Agenda
•
•
•
•
•
•
•
•

Introduction
Why #BBPs?
Who are they?
Prerequisites
Develop your own approach
Tools
Avoid Duplicates
Finding new #BBPs

Introduction
• Rewards(Not always) & Credits for finding
loopholes
• Bugs in application, Network, product etc.
• Should be Responsible disclosure

Why #BBPs?
• Saves money getting job done by worldwide
researchers
• Different kind of bugs which owner never had
thought of
• Work directly with researchers
• It was all started by Netscape in 1995

Who are they?
•
•
•
•
•
•

Google
Facebook
Mozilla
ATT
Barracuda
List at
– https://bugcrowd.com/list-of-bug-bountyprograms

Prerequisite
• You should read these,
– OWASP Testing Guide V3
– The Web application hacker’s handbook
– RFC 2616 - HTTP /1.1

• Have hands-on with few simulators e.g.
– Mutillidae
– DVWA
– etc.

Approach
• Develop your own
• Understand the Scope
• Gather Information about domain, services,
CMS & structures
• Understand the logic
• Avoid using automated tools
• Have standard template to report

Tools Required
• Proxy: Burp Suite, Fiddler etc.
• Browser extensions & Add-ons (Firefox)
– Live HTTP header
– Firebug/ Web developer tool
– ClickJacking Defense
– Wapplyzer
– User agent Switcher
– Many more

Common Security Flaws
Vulnerabilities

9%

14%

7%

Injection
Session flaws
XSS

12%

16%

IDOR
Security Misconfiguration
Sensitive Data Exposure
CSRF

16%
19%

7%

Other

Avoid Duplicates
• Try on Sub domains
• Standard templates for common bugs can
save time
• Try with business logic flaws
– https://www.owasp.org/index.php/Testing_for_b
usiness_logic_(OWASP-BL-001)

Submission Format
•
•
•
•
•
•
•

Vulnerability Name:
Description:
Impact:
Vulnerable Link/Product:
Environment tested on:
POC (Screenshots, Video):
References if any

Finding New #BBPs
• Google can help
• Approach them
• FUD will always help

References
• http://www.slideshare.net/mehimansu/bugbounty-for-beginners?from_search=1
• http://www.slideshare.net/goldshlager19/nirgoldshlager-killing-a-bug-bounty-programtwice-hack-in-the-box-2012?from_search=9

Questions?

• Thanks!


Twitter: @war_crack
email: nikivin.vinod@gmail.com

What's hot

OWASP Top 10 2021 What's NewMichael Furman

Burp suiteSOURABH DESHMUKH

Web application security & TestingDeepu S Nath

A2 - broken authentication and session management(OWASP thailand chapter Apri...Noppadol Songsakaew

The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra

Application SecurityReggie Niccolo Santos

Penetration Testing BasicsRick Wanner

Malware analysisPrakashchand Suthar

Bug Bounty Hunter Methodology - Nullcon 2016bugcrowd

MITRE ATT&CK Frameworkn|u - The Open Security Community

Secure Coding principles by example: Build Security In from the start - Carlo...Codemotion

Secure Coding 101 - OWASP University of Ottawa WorkshopPaul Ionescu

Bug Bounty for - BeginnersHimanshu Kumar Das

Vulnerabilities in modern web applicationsNiyas Nazar

Introduction to Web Application Penetration TestingNetsparker

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...HackerOne

Saying Hello to Bug BountyNull Bhubaneswar

Android Application Penetration Testing - Mohammed AdamMohammed Adam

Bug Bounty Programs For The WebMichael Coates

VAPT PRESENTATION full.pptxDARSHANBHAVSAR14

What's hot (20)

OWASP Top 10 2021 What's New

Burp suite

Web application security & Testing

A2 - broken authentication and session management(OWASP thailand chapter Apri...

The Game of Bug Bounty Hunting - Money, Drama, Action and Fame

Application Security

Penetration Testing Basics

Malware analysis

Bug Bounty Hunter Methodology - Nullcon 2016

MITRE ATT&CK Framework

Secure Coding principles by example: Build Security In from the start - Carlo...

Secure Coding 101 - OWASP University of Ottawa Workshop

Bug Bounty for - Beginners

Vulnerabilities in modern web applications

Introduction to Web Application Penetration Testing

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Saying Hello to Bug Bounty

Android Application Penetration Testing - Mohammed Adam

Bug Bounty Programs For The Web

VAPT PRESENTATION full.pptx

Similar to Bug bounty

Web Application Security And Getting Into Bug Bountieskunwaratul hax0r

Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus

Recon-Fu @BsidesKyiv 2016Vlad Styran

BSides Lisbon 2013 - All your sites belong to BurpTiago Mendo

Is code review the solution?Tiago Mendo

Nomura UCCSC 2009dnomura

Android lint presentationSinan KOZAK

Prototyping like it is 2022 Michael Yagudaev

Rocket Circus on Code Reviewrocketcircus

Server Side TestingChuan Tang, CSM

Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austinMatt Tesauro

BSides_Charm2015_Info sec hunters_gathersAndrew McNicol

Bug bounties - cén scéal?Ciaran McNally

Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group

Case studykaran saini

Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...Michael Pirnat

WordPress Security and Best PracticesRobert Vidal

Manual JavaScript Analysis Is A BugLewis Ardern

CSS 17: NYC - Protecting your Web ApplicationsAlert Logic

Debugging, Monitoring and Profiling in TYPO3AOE

Similar to Bug bounty (20)

Web Application Security And Getting Into Bug Bounties

Web App Security Presentation by Ryan Holland - 05-31-2017

Recon-Fu @BsidesKyiv 2016

BSides Lisbon 2013 - All your sites belong to Burp

Is code review the solution?

Nomura UCCSC 2009

Android lint presentation

Prototyping like it is 2022

Rocket Circus on Code Review

Server Side Testing

Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin

BSides_Charm2015_Info sec hunters_gathers

Bug bounties - cén scéal?

Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...

Case study

Shiny, Let’s Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulner...

WordPress Security and Best Practices

Manual JavaScript Analysis Is A Bug

CSS 17: NYC - Protecting your Web Applications

Debugging, Monitoring and Profiling in TYPO3

Recently uploaded

DevEX - reference for building teams, processes, and platformsSergiu Bodiu

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3

Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge

DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell

WordPress Websites for Engineers: Elevate Your Brandgvaughan

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos

DMCC Future of Trade Web3 - Special EditionDubai Multi Commodity Centre

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada

Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi

Take control of your SAP testing with UiPath Test SuiteDianaGray10

Commit 2024 - Secret Management made easyAlfredo García Lavilla

From Family Reminiscence to Scholarly Archive .Alan Dix

CloudStudio User manual (basic edition):comworks

Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays

What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays

Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation

Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University

Recently uploaded (20)

DevEX - reference for building teams, processes, and platforms

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx

Designing IA for AI - Information Architecture Conference 2024

DSPy a system for AI to Write Prompts and Do Fine Tuning

WordPress Websites for Engineers: Elevate Your Brand

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

DMCC Future of Trade Web3 - Special Edition

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Vertex AI Gemini Prompt Engineering Tips

Take control of your SAP testing with UiPath Test Suite

Commit 2024 - Secret Management made easy

From Family Reminiscence to Scholarly Archive .

CloudStudio User manual (basic edition):

Unraveling Multimodality with Large Language Models.pdf

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...

What's New in Teams Calling, Meetings and Devices March 2024

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

Connect Wave/ connectwave Pitch Deck Presentation

Nell’iperspazio con Rocket: il Framework Web di Rust!

Bug bounty

1. Bug Bounty Pawn to Earn Vinod Tiwari @war_crack

2. Agenda • • • • • • • • Introduction Why #BBPs? Who are they? Prerequisites Develop your own approach Tools Avoid Duplicates Finding new #BBPs

3. Introduction • Rewards(Not always) & Credits for finding loopholes • Bugs in application, Network, product etc. • Should be Responsible disclosure

4. Why #BBPs? • Saves money getting job done by worldwide researchers • Different kind of bugs which owner never had thought of • Work directly with researchers • It was all started by Netscape in 1995

5. Who are they? • • • • • • Google Facebook Mozilla ATT Barracuda List at – https://bugcrowd.com/list-of-bug-bountyprograms

6. Prerequisite • You should read these, – OWASP Testing Guide V3 – The Web application hacker’s handbook – RFC 2616 - HTTP /1.1 • Have hands-on with few simulators e.g. – Mutillidae – DVWA – etc.

7. Approach • Develop your own • Understand the Scope • Gather Information about domain, services, CMS & structures • Understand the logic • Avoid using automated tools • Have standard template to report

8. Tools Required • Proxy: Burp Suite, Fiddler etc. • Browser extensions & Add-ons (Firefox) – Live HTTP header – Firebug/ Web developer tool – ClickJacking Defense – Wapplyzer – User agent Switcher – Many more

9. Common Security Flaws Vulnerabilities 9% 14% 7% Injection Session flaws XSS 12% 16% IDOR Security Misconfiguration Sensitive Data Exposure CSRF 16% 19% 7% Other

10. Avoid Duplicates • Try on Sub domains • Standard templates for common bugs can save time • Try with business logic flaws – https://www.owasp.org/index.php/Testing_for_b usiness_logic_(OWASP-BL-001)

11. Submission Format • • • • • • • Vulnerability Name: Description: Impact: Vulnerable Link/Product: Environment tested on: POC (Screenshots, Video): References if any

12. Finding New #BBPs • Google can help • Approach them • FUD will always help

13. References • http://www.slideshare.net/mehimansu/bugbounty-for-beginners?from_search=1 • http://www.slideshare.net/goldshlager19/nirgoldshlager-killing-a-bug-bounty-programtwice-hack-in-the-box-2012?from_search=9

14. Questions? • Thanks!  Twitter: @war_crack email: nikivin.vinod@gmail.com

Bug bounty

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Bug bounty

Similar to Bug bounty (20)

More from n|u - The Open Security Community

More from n|u - The Open Security Community (20)

Recently uploaded

Recently uploaded (20)

Bug bounty