Hacking on Bug Bounties for Five Years

Hacking on Bug Bounties for Five Years

HackerOne via YouTube Direct link

Intro

1 of 33

1 of 33

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hacking on Bug Bounties for Five Years

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Working at Hungry Jacks
  3. 3 PayPal's Bug Bounty
  4. 4 The First Critical Bug (SSRF)
  5. 5 My Background
  6. 6 How I got started
  7. 7 My First Unrated bug
  8. 8 Before You Start Hunting
  9. 9 Writing High Quality Reports
  10. 10 Getting Into Bounties
  11. 11 Exposed HAProxy Statistics ($500)
  12. 12 Open Administration Interface owned by Scompany (Ansible Tower) ($500)
  13. 13 Trying To Be Cheeky
  14. 14 Low Risk Bugs
  15. 15 N/A Bugs
  16. 16 Full Time vs Part Time
  17. 17 Focus on Techniques
  18. 18 Multiple Steps To Victory
  19. 19 Second Order Takeovers
  20. 20 Expanding The Scope
  21. 21 Targeting Country Specific Assets
  22. 22 Dirty box...
  23. 23 Testing Scripts
  24. 24 Debug Endpoints
  25. 25 Transport.Co Dox'd
  26. 26 Third Party Platforms
  27. 27 Dangling IP Subdomain Takeover
  28. 28 Defining Recon
  29. 29 Performing Recon
  30. 30 IDORS: A Systemic Problem
  31. 31 Automation
  32. 32 Retrospective
  33. 33 Further Reading

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.