Dive into the world of bug bounty hunting with this technical talk from BSidesSF 2016. Explore several intriguing vulnerabilities discovered in Instagram, responsibly disclosed through Facebook's Public Bug Bounty program. Gain insights into advanced Mobile Security attack techniques, including Binary Modification, Dynamic Hooking, and Burp Suite Plugin Development. Learn about hybrid vulnerabilities that combine issues across different environments, such as Web and Mobile. Analyze the root causes of identified issues within the Software Development Life Cycle (SDLC) to understand prevention strategies. Discover the monetary rewards offered by Facebook for each vulnerability and receive valuable advice for aspiring bug bounty hunters.
Overview
Syllabus
BSidesSF 2016 - The Tales of a Bug Bounty Hunter (Arne Swinnen)
Taught by
Security BSides San Francisco
