Overview
Dive into advanced bug bounty hunting and web hacking techniques in this comprehensive conference talk from Bugcrowd's LevelUp 2017. Explore a wide range of topics, including subdomain enumeration with Sublist3r, port scanning, visual identification, platform identification, CVE searching, content discovery, and directory bruting. Learn about various attack vectors such as XSS (Cross-Site Scripting), including blind XSS and XSS polyglots, SSTI (Server-Side Template Injection), SSRF (Server-Side Request Forgery), and code injection. Discover tools like XSSHunter and Backslash Powered Scanner, and gain insights into subdomain takeovers and AWS misconfigurations. Enhance your bug hunting skills with this in-depth methodology presented by Jason Haddix, covering everything from initial reconnaissance to advanced exploitation techniques.
Syllabus
Intro
history && topics
light reading
Sublist3r
Sub Scraping (bespoke)
Sub Bruting
Acquisitions
Port Scanning
Visual Identification
Platform identification and CVE searching
Content Discovery/ Directory Bruting
Parameter Bruting?
XSS (not a lot)
Blind XSS
XSSHunter
XSS Polyglot #4
Jackmasa's
SSTI
SSRF (GET examples)
SSRF Resources
Code Injection.CMD
Backslash Powered Scanner
Subdomain takeover!
Robbing Misconfigured Sh** (AWS)
Taught by
Bugcrowd