Bug bounty
Download as PPTX, PDF2 likes6,239 views
This document discusses bug bounty programs (BBPs), which reward security researchers for responsibly disclosing software vulnerabilities. It introduces BBPs, noting they save companies money while improving security. Major companies like Google and Facebook run BBPs. The document outlines prerequisites for BBPs like learning security testing techniques. It provides tips for finding vulnerabilities like understanding a site's scope, tools, and avoiding duplicate reports. Common vulnerability types in BBPs include injection flaws and insecure data storage.
Bug bounty
- 1. Bug Bounty Pawn to Earn Vinod Tiwari @war_crack
- 2. Agenda • • • • • • • • Introduction Why #BBPs? Who are they? Prerequisites Develop your own approach Tools Avoid Duplicates Finding new #BBPs
- 3. Introduction • Rewards(Not always) & Credits for finding loopholes • Bugs in application, Network, product etc. • Should be Responsible disclosure
- 4. Why #BBPs? • Saves money getting job done by worldwide researchers • Different kind of bugs which owner never had thought of • Work directly with researchers • It was all started by Netscape in 1995
- 5. Who are they? • • • • • • Google Facebook Mozilla ATT Barracuda List at – https://bugcrowd.com/list-of-bug-bountyprograms
- 6. Prerequisite • You should read these, – OWASP Testing Guide V3 – The Web application hacker’s handbook – RFC 2616 - HTTP /1.1 • Have hands-on with few simulators e.g. – Mutillidae – DVWA – etc.
- 7. Approach • Develop your own • Understand the Scope • Gather Information about domain, services, CMS & structures • Understand the logic • Avoid using automated tools • Have standard template to report
- 8. Tools Required • Proxy: Burp Suite, Fiddler etc. • Browser extensions & Add-ons (Firefox) – Live HTTP header – Firebug/ Web developer tool – ClickJacking Defense – Wapplyzer – User agent Switcher – Many more
- 9. Common Security Flaws Vulnerabilities 9% 14% 7% Injection Session flaws XSS 12% 16% IDOR Security Misconfiguration Sensitive Data Exposure CSRF 16% 19% 7% Other
- 10. Avoid Duplicates • Try on Sub domains • Standard templates for common bugs can save time • Try with business logic flaws – https://www.owasp.org/index.php/Testing_for_b usiness_logic_(OWASP-BL-001)
- 11. Submission Format • • • • • • • Vulnerability Name: Description: Impact: Vulnerable Link/Product: Environment tested on: POC (Screenshots, Video): References if any
- 12. Finding New #BBPs • Google can help • Approach them • FUD will always help
- 14. Questions? • Thanks! Twitter: @war_crack email: nikivin.vinod@gmail.com