Bug Bounty: Pawn to Earn
Vinod Tiwari, @war_crack

Agenda
• Introduction
• Why #BBPs?
• Who are they?
• Prerequisites
• Develop your own approach
• Tools
• Avoid Duplicates
• Finding new #BBPs

Introduction
• Rewards (not always) and credits for finding loopholes
• Bugs in applications, networks, products, etc.
• Should follow responsible disclosure

Why #BBPs?
• Saves money: the work is done by researchers worldwide
• Finds different kinds of bugs the owner never thought of
• Work directly with researchers
• It all started with Netscape in 1995

Who are they?
• Google
• Facebook
• Mozilla
• AT&T
• Barracuda
• List at
– https://bugcrowd.com/list-of-bug-bountyprograms

Prerequisites
• You should read these:
– OWASP Testing Guide v3
– The Web Application Hacker's Handbook
– RFC 2616 - HTTP/1.1
• Get hands-on practice with a few deliberately vulnerable applications, e.g.
– Mutillidae
– DVWA
– etc.

Approach
• Develop your own
• Understand the scope
• Gather information about the domain, services, CMS and structure
• Understand the logic
• Avoid using automated tools
• Have a standard template for reporting

Tools Required
• Proxy: Burp Suite, Fiddler, etc.
• Browser extensions and add-ons (Firefox)
– Live HTTP Headers
– Firebug / Web Developer toolbar
– ClickJacking Defense
– Wappalyzer
– User Agent Switcher
– Many more

Common Security Flaws
[Pie chart titled "Vulnerabilities" with slices for Injection, Session flaws, XSS, IDOR, Security Misconfiguration, Sensitive Data Exposure, CSRF and Other. The percentages shown on the chart are 9%, 14%, 7%, 12%, 16%, 16%, 19% and 7%; which slice each belongs to is not recoverable from the extracted text.]

Avoid Duplicates
• Try on subdomains
• Standard templates for common bugs can save time
• Try business logic flaws
– https://www.owasp.org/index.php/Testing_for_business_logic_(OWASP-BL-001)

Submission Format
• Vulnerability Name:
• Description:
• Impact:
• Vulnerable Link/Product:
• Environment tested on:
• POC (Screenshots, Video):
• References if any
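The submission format above is a checklist, and an incomplete report is a common reason a submission gets bounced or marked as a duplicate of a better-written one. As an added example (not code from the deck or its author), the Python below parses a report written in that "Field: value" layout, lets a value continue over following lines, and lists the required fields that are missing or empty before the report goes out; "References if any" is treated as optional. The sample report text is constructed for the example.

```python
"""Pre-submission check for a bug bounty report written in the
'Field: value' layout of the Submission Format slide.
Added example, not the author's own code; SAMPLE_REPORT is constructed."""
import re

# Field names as they appear on the slide. "References if any" is optional.
REQUIRED_FIELDS = (
    "Vulnerability Name",
    "Description",
    "Impact",
    "Vulnerable Link/Product",
    "Environment tested on",
    "POC",
)
OPTIONAL_FIELDS = ("References if any",)
KNOWN_FIELDS = REQUIRED_FIELDS + OPTIONAL_FIELDS

# A header is 'Name[ (hint)]: value'; the lazy name group stops at the first
# colon, so URLs inside the value are not mistaken for a new header.
_FIELD_RE = re.compile(r"^([A-Za-z][A-Za-z /]*?)(?:\s*\([^)]*\))?\s*:\s*(.*)$")


def parse_report(text):
    """Split a report into {field: value}. Lines that are not a known field
    header are appended to the value of the field currently being read."""
    fields = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = _FIELD_RE.match(line)
        if m and m.group(1).strip() in KNOWN_FIELDS:
            current = m.group(1).strip()
            fields[current] = m.group(2).strip()
        elif current is not None and line:
            fields[current] = (fields[current] + "\n" + line).strip()
    return fields


def missing_fields(text):
    """Required fields that are absent from the report or left empty."""
    fields = parse_report(text)
    return [name for name in REQUIRED_FIELDS if not fields.get(name)]


def is_submittable(text):
    """True when every required field carries a value."""
    return not missing_fields(text)


# Constructed sample: a generic report whose POC section was left blank.
SAMPLE_REPORT = """\
Vulnerability Name: Reflected XSS in site search
Description: The q parameter is echoed into the results page
  without output encoding.
Impact: Script runs in the browser of a logged-in user who opens a crafted link.
Vulnerable Link/Product: https://example.com/search?q=
Environment tested on: Firefox 24 on Windows 7
POC (Screenshots, Video):
References if any: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
"""

if __name__ == "__main__":
    gaps = missing_fields(SAMPLE_REPORT)
    print("ready to submit" if not gaps else "missing: " + ", ".join(gaps))
```

Running the script on the sample reports that POC is missing; the same check with a screenshot filename on the POC line passes. Keeping the check in a script rather than in the head makes the template a habit, which is what the "standard template" bullets on the Approach and Avoid Duplicates slides are asking for.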
Finding New #BBPs
• Google can help
• Approach them
• FUD will always help

References
• http://www.slideshare.net/mehimansu/bugbounty-for-beginners?from_search=1
• http://www.slideshare.net/goldshlager19/nirgoldshlager-killing-a-bug-bounty-programtwice-hack-in-the-box-2012?from_search=9

Questions?
• Thanks!
Twitter: @war_crack
email: nikivin.vinod@gmail.com