Vinod Tiwari
Transcript

  • 1. Bug Bounty: Pawn to Earn. Vinod Tiwari (@war_crack)
  • 2. Agenda
    • Introduction
    • Why #BBPs?
    • Who are they?
    • Prerequisites
    • Develop your own approach
    • Tools
    • Avoid duplicates
    • Finding new #BBPs
  • 3. Introduction
    • Rewards (not always) and credit for finding loopholes
    • Bugs in applications, networks, products, etc.
    • Disclosure should be responsible
  • 4. Why #BBPs?
    • Saves money: the job gets done by researchers worldwide
    • Surfaces kinds of bugs the owner never thought of
    • Owners work directly with researchers
    • It all started with Netscape in 1995
  • 5. Who are they?
    • Google
    • Facebook
    • Mozilla
    • AT&T
    • Barracuda
    • Full list at https://bugcrowd.com/list-of-bug-bountyprograms
  • 6. Prerequisites
    • You should read these:
      – OWASP Testing Guide v3
      – The Web Application Hacker's Handbook
      – RFC 2616, HTTP/1.1
    • Get hands-on practice with a few simulators, e.g.
      – Mutillidae
      – DVWA
      – etc.
  • 7. Approach
    • Develop your own
    • Understand the scope
    • Gather information about the domain, services, CMS and structure
    • Understand the application logic
    • Avoid relying on automated tools
    • Have a standard template for reporting
  • 8. Tools Required
    • Proxy: Burp Suite, Fiddler, etc.
    • Browser extensions and add-ons (Firefox):
      – Live HTTP Headers
      – Firebug / Web Developer tools
      – ClickJacking Defense
      – Wappalyzer
      – User Agent Switcher
      – many more
  • 9. Common Security Flaws. [Pie chart of vulnerability categories: Injection, Session flaws, XSS, IDOR, Security Misconfiguration, Sensitive Data Exposure, CSRF, Other. The slices shown are 9%, 14%, 7%, 12%, 16%, 16%, 19% and 7%; which slice belongs to which category is not recoverable from the transcript.]
  • 10. Avoid Duplicates
    • Try subdomains as well as the main domain
    • Standard templates for common bugs can save time
    • Look for business logic flaws: https://www.owasp.org/index.php/Testing_for_business_logic_(OWASP-BL-001)
  • 11. Submission Format
    • Vulnerability Name:
    • Description:
    • Impact:
    • Vulnerable Link/Product:
    • Environment tested on:
    • POC (Screenshots, Video):
    • References, if any
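Slides 7, 10 and 11 together describe what a well-formed submission looks like: it follows a standard template and it stays inside the program's declared scope, including subdomains. The script below is an added example (not part of the original deck) that shows how a program triager could automate that intake check: it parses a report written with the slide's field labels, flags missing required fields, and checks that the vulnerable link falls under an in-scope apex domain or one of its subdomains. The scope list and both sample reports are constructed for illustration.

```python
"""Intake check for bug-bounty reports written in the slide's submission
format.  Added example; the scope list and sample reports are constructed."""
import re
from urllib.parse import urlsplit

# Field labels exactly as listed on the "Submission Format" slide.
REQUIRED_FIELDS = (
    "Vulnerability Name",
    "Description",
    "Impact",
    "Vulnerable Link/Product",
    "Environment tested on",
    "POC",
)
OPTIONAL_FIELDS = ("References",)
KNOWN = {f.lower(): f for f in REQUIRED_FIELDS + OPTIONAL_FIELDS}

# Hypothetical program scope (constructed): each apex domain and all of its
# subdomains are in scope, as a triager would configure it.
IN_SCOPE_DOMAINS = ("example.com", "example.org")

# "Label: value", with an optional parenthetical such as "POC (Screenshots, Video):".
LABEL_RE = re.compile(r"^([A-Za-z][A-Za-z /]*?)\s*(?:\([^)]*\))?\s*:\s*(.*)$")


def parse_report(text):
    """Split a report into {canonical label: value}; values may span lines.
    A line only starts a new field if its label is one of the known ones, so
    a continuation line such as a bare URL is not mistaken for a field."""
    fields = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = LABEL_RE.match(line)
        if m and m.group(1).strip().lower() in KNOWN:
            current = KNOWN[m.group(1).strip().lower()]
            fields[current] = m.group(2).strip()
        elif current is not None and line:
            fields[current] = (fields[current] + "\n" + line).strip()
    return fields


def in_scope(url, scope=IN_SCOPE_DOMAINS):
    """True if the URL's host is an in-scope apex domain or a subdomain of one.
    Matching on '.' + apex keeps look-alikes such as evil-example.com out."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return bool(host) and any(host == d or host.endswith("." + d) for d in scope)


def triage(text, scope=IN_SCOPE_DOMAINS):
    """Return (ok, findings): missing required fields and out-of-scope links."""
    fields = parse_report(text)
    findings = [f"missing: {name}" for name in REQUIRED_FIELDS if not fields.get(name)]
    link = fields.get("Vulnerable Link/Product", "")
    if link.startswith(("http://", "https://")) and not in_scope(link, scope):
        findings.append(f"out of scope: {urlsplit(link).hostname}")
    return (not findings, findings)


# Constructed sample reports: one complete and in scope, one incomplete and out of scope.
GOOD_REPORT = """\
Vulnerability Name: Reflected XSS in search
Description: The q parameter of the search page is echoed into the
page without output encoding.
Impact: Script runs in the browser of a user who opens a crafted link.
Vulnerable Link/Product: https://app.example.com/search
Environment tested on: Firefox 25, Burp Suite proxy
POC (Screenshots, Video): poc-search-xss.png (attached)
References: https://www.owasp.org/index.php/XSS
"""

BAD_REPORT = """\
Vulnerability Name: Open redirect
Description: Redirect parameter accepts external URLs.
Vulnerable Link/Product: https://shop.example.net/login
Environment tested on: Chrome 31
"""

if __name__ == "__main__":
    for name, report in (("good", GOOD_REPORT), ("bad", BAD_REPORT)):
        ok, findings = triage(report)
        print(name, "accepted" if ok else "needs work", findings)
```

The scope check is deliberately conservative: a link without a scheme is neither accepted nor rejected on scope grounds, and only exact apex or dotted-subdomain matches count, so the check cannot be satisfied by a host that merely ends in the apex string.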
  • 12. Finding New #BBPs
    • Google can help
    • Approach companies directly
    • FUD will always help
  • 13. References
    • http://www.slideshare.net/mehimansu/bugbounty-for-beginners?from_search=1
    • http://www.slideshare.net/goldshlager19/nirgoldshlager-killing-a-bug-bounty-programtwice-hack-in-the-box-2012?from_search=9
  • 14. Questions? Thanks! Twitter: @war_crack, email: nikivin.vinod@gmail.com