Explore a unique approach to ethical hacking through zseano's VirSecCon talk. Discover favorite findings and learn the thought processes behind uncovering critical vulnerabilities. Gain insights into identifying IDORs, exploiting lack of verification, and leveraging new features for bug discovery. Understand the importance of simplicity in hacking and learn how to effectively use API documentation. This 27-minute presentation offers valuable perspectives for both novice and experienced security researchers.
Unique Mindset - Hacking Techniques and Favorite Findings
Overview
Syllabus
Intro
WHOAMI?
Two pieces to the puzzle: Critical IDOR in front of you
No verification means i'm you
New features for revenue generation = bugs ?? :
Developers love to verify things.. right?
Just keep it simple!
API Docs are friends
Taught by
zseano
Related Courses
-
Owning Cody's First Blog - RCE on Hacker101 and Hacking on FFH from BugBountyNotes.com - IDOR
-
Bugcrowd University - Broken Access Control Testing
-
Insecure Direct Object Reference (IDOR) Explained - How to Bug Bounty
-
Beginner Bug Bounty Course - Web Application Hacking
-
2024 Guide to Hacking APIs
-
Bug Hunting
3.0
