How to Differentiate Yourself as a Bug Bounty Hunter - Mathias Karlsson @avlidienbrunn

33,585 views

OWASP Stockholm

5 years ago

There are a lot of illusions and misconceptions around the bug bounty industry. Is it too late to join? Are all the vulnerabilities already found? Is everything automated nowadays so there's no way to be late to the party?
Frans and Mathias have been in the mythical world of bounties for a few years and will share their thoughts and ideas on how to actually approach it technically, methodologically and mentally. And also, how to use bug bounties for your own advantage, to improve your career and to increase your pentesting and vulnerability hunting skills.
OWASP Stockholm:
www.owasp.org/index.php/Stock...
Mathias Karlsson:
/ avlidienbrunn

Comments: 13
@andreslauga 3 years ago
Great! This helped me a lot! Thanks Mathias :)
@Gray3ther 3 months ago
Was that Gollum in his incognito voice near the end of the Q&A? Good to hear he's out of his cave! 😂 Great talk. Awesome guy!
@jxkz3 3 months ago
Great videos
@yodapaw9750 5 years ago
It should be "Bugs found / (risk of duplicate * time taken) = BBE" @2:44
@h4kster182 5 years ago
What about: (bugs found * probability of not duplicate) / time taken 🤷🏽‍♂️
@leisureclub_ 5 years ago
Assetnote has been removed from the official source. Is there anyone who has a link? Thanks.
@benjaminmcewan6753 5 years ago
Www.github.com/benmcewan1 but couldn't get it working since the dependencies based on Flask updated. If you get it working, let me know.
@benjaminmcewan6753 5 years ago
There are other tools I've yet to look at, e.g. sublert I think is one. Let me know how you get on.
@DavidPerez-dt9nb 4 years ago
But somehow experience should be considered against time taken, since time taken by someone like me who is a total noob can't be compared to the time taken for more experienced bounty hunters.
@ashminniraula1193 3 years ago
I hope you're good at it by now
@ronnyj4179 4 years ago
0 days? lol that's not "oh". It's zero days.
@abdurrafeh6000 2 years ago
It’s pronounced both ways. I’ve heard Jason Haddix pronounce it like him.
@lmfao69420 9 months ago
If you're reading out a number (such as a phone number or zip code), it's common to read out the "0" as an oh. So I don't think it seems too weird to pronounce zero day as "oh" day.