Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hunting Bugs In Real Life

Avatar for akshat singhal akshat singhal
September 23, 2020
Technology
0
94

Hunting Bugs In Real Life

Avatar for akshat singhal

akshat singhal

September 23, 2020
Tweet

Other Decks in Technology

See All in Technology
Zephyr(RTOS)にEdge AIを組み込んでみた話
Avatar for misoji engineer iotengineer22
1
280
会社を支える Pythonという言語戦略 ~なぜPythonを主要言語にしているのか?~
Avatar for curekoshimizu curekoshimizu
3
610
OCIjp_Oracle AI World_Recap
Avatar for Shinya Omori shinpy
1
170
「タコピーの原罪」から学ぶ間違った”支援” / the bad support of Takopii
Avatar for piyonakajima piyonakajima
0
130
Implementing and Evaluating a High-Level Language with WasmGC and the Wasm Component Model: Scala’s Case
Avatar for Rikito Taniguchi tanishiking
0
170
QA業務を変える(!?)AIを併用した不具合分析の実践
Avatar for ma2ri__ ma2ri
0
120
GraphRAG グラフDBを使ったLLM生成(自作漫画DBを用いた具体例を用いて)
Avatar for sea-turt1e seaturt1e
1
120
Kubernetes self-healing of your workload
Avatar for Hung-Wei Chiu hwchiu
0
430
今この時代に技術とどう向き合うべきか
Avatar for gree_tech gree_tech
PRO
2
2.2k
アウトプットから始めるOSSコントリビューション 〜eslint-plugin-vueの場合〜 #vuefes
Avatar for 弁護士ドットコム bengo4com
3
740
AI時代におけるデータの重要性 ~データマネジメントの第一歩~
Avatar for 太田 涼一 ryoichi_ota
0
710
だいたい分かった気になる 『SREの知識地図』 / introduction-to-sre-knowledge-map-book
Avatar for katsuhisa_ katsuhisa91
PRO
3
1.3k

Featured

See All Featured
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
10
610
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
44
7.8k
Context Engineering - Making Every Token Count
Avatar for Addy Osmani addyosmani
8
300
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
37
2.6k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
332
24k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
34
2.3k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
36
7k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
Avatar for Aki / @LoveIdahoBurger aki_iinuma
127
54k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.7k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
53
7.8k

Transcript

  1. None

  2. BUG BOUNTY WEBINAR

  3. HUNTING BUGS IN REAL LIFE Akshat Singhal

  4. Who am I • Bug crowd Top 700 Researcher –

    All Time • Blogger • Bug Bounty Hunter • Speaker • Lifelong learner

  5. @Akshat05623019 @akshat-singhal-90141716b @honeyakshat999 Get In Touch At @AkshatSinghal1 @AkshatSinghal @honeyakshat999

  6. None
  7. None
  8. None

  9. STORED DOM REFLECTED

  10. None
  11. None

  12. SQL injection is a web security vulnerability that allows an

    attacker to interfere with the queries that an application makes to its database.

  13. ▪ admin’—

  14. None
  15. None

  16. TYPES HORIZONTAL VERTICAL

  17. None
  18. None
  19. None

  20.  CSRF + XSS --> Account Takeover  User enum.

    + IDOR --> All users compromise
  21. None

  22.          

  23. None