Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Practical Exploitation of DoS in Bug Bounty Programs

DEFCONConference via YouTube

Overview

Learn about identifying and exploiting Denial of Service (DoS) vulnerabilities in bug bounty programs through this DEF CON 32 conference talk. Gain insights into various DoS attack types including N+1 errors, GraphQL crashing, and Cache Poisoning while examining real-world examples of their impacts. Master practical techniques for vulnerability discovery using automated scanning tools and manual testing methods. Explore how N+1 errors create redundant database queries that impact performance, discover methods to craft resource-intensive GraphQL queries that can crash servers, and understand cache poisoning techniques that disrupt service delivery. Study best practices for responsible vulnerability reporting to bug bounty programs, learn from common failures in the process, and understand the importance of staying current with emerging DoS attack vectors and mitigation strategies.

Syllabus

DEF CON 32 - Practical Exploitation of DoS in Bug Bounty - Roni Lupin Carta

Taught by

DEFCONConference

Reviews

Start your review of Practical Exploitation of DoS in Bug Bounty Programs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.