Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hunting Bugs In Real Life

Avatar for akshat singhal akshat singhal
September 23, 2020
Technology
0
92

Hunting Bugs In Real Life

Avatar for akshat singhal

akshat singhal

September 23, 2020
Tweet

Other Decks in Technology

See All in Technology
自作LLM Native GORM Pluginで実現する AI Agentバックテスト基盤構築
Avatar for po3rin po3rin
2
230
「AI駆動PO」を考えてみる - 作る速さから価値のスループットへ:検査・適応で未来を開発 / AI-driven product owner. scrummat2025
Avatar for yosuke nagai yosuke_nagai
1
490
GA technologiesでのAI-Readyの取り組み@DataOps Night
Avatar for yuto16 yuto16
0
250
"複雑なデータ処理 × 静的サイト" を両立させる、楽をするRails運用 / A low-effort Rails workflow that combines “Complex Data Processing × Static Sites”
Avatar for hogelog hogelog
3
1.7k
GC25 Recap+: Advancing Go Garbage Collection with Green Tea
Avatar for Takuto Nagami logica0419
1
350
コンテキストエンジニアリングとは? 考え方と応用方法
Avatar for ファインディ株式会社(イベント資料アップ用) findy_eventslides
4
870
AIAgentの限界を超え、 現場を動かすWorkflowAgentの設計と実践
Avatar for Koji Miyata miyatakoji
0
110
非エンジニアのあなたもできる&もうやってる!コンテキストエンジニアリング
Avatar for ファインディ株式会社(イベント資料アップ用) findy_eventslides
3
880
生成AIを活用したZennの取り組み事例
Avatar for igarashi ryosukeigarashi
0
190
OCI Network Firewall 概要
Avatar for oracle4engineer oracle4engineer
PRO
1
7.7k
Why React!?? Next.jsそしてReactを改めてイチから選ぶ
Avatar for ypresto ypresto
10
4.1k
What is BigQuery?
Avatar for Aizack aizack_harks
0
120

Featured

See All Featured
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
51k
How GitHub (no longer) Works
Avatar for Zach Holman holman
315
140k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
229
22k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
188
55k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
43
7.7k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
208
24k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
431
66k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
32
2.2k
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1032
460k

Transcript

  1. None

  2. BUG BOUNTY WEBINAR

  3. HUNTING BUGS IN REAL LIFE Akshat Singhal

  4. Who am I • Bug crowd Top 700 Researcher –

    All Time • Blogger • Bug Bounty Hunter • Speaker • Lifelong learner

  5. @Akshat05623019 @akshat-singhal-90141716b @honeyakshat999 Get In Touch At @AkshatSinghal1 @AkshatSinghal @honeyakshat999

  6. None
  7. None
  8. None

  9. STORED DOM REFLECTED

  10. None
  11. None

  12. SQL injection is a web security vulnerability that allows an

    attacker to interfere with the queries that an application makes to its database.

  13. ▪ admin’—

  14. None
  15. None

  16. TYPES HORIZONTAL VERTICAL

  17. None
  18. None
  19. None

  20.  CSRF + XSS --> Account Takeover  User enum.

    + IDOR --> All users compromise
  21. None

  22.          

  23. None