Jan 28, 4:30 – 8:30 AM
DrSniper shares his tips and secrets for being successful at bug hunting. Register at https://www.crac-learning.com/craccon/workshop/bugbountyworkshop
Introduction:
Brief overview of Bug Bounty programs
Importance of reconnaissance in identifying vulnerabilities
Why Recon is Important for Bug Bounty Targets?
Understanding the significance of reconnaissance in bug hunting
Real-world examples of successful bug discoveries through effective recon
How recon contributes to a more targeted and efficient bug hunting process
Passive Recon
Definition and explanation of passive reconnaissance
Tools and techniques for passive recon (e.g., OSINT, WHOIS, DNS enumeration)
Demonstration of using passive recon for information gathering on bug bounty targets
Active Recon
Definition and explanation of active reconnaissance
Tools and techniques for active recon (e.g., scanning, enumeration, fingerprinting)
Demonstrating the use of active recon to discover potential vulnerabilities
Reporting Bugs on HackerOne
Identifying the right vulnerabilities to report
Strategies to avoid duplicate submissions
Tips for crafting effective bug reports
Understanding the HackerOne platform and its submission process
Case studies of successful bug reports and their impact
How to Avoid Duplicates and Increase Success?
Collaboration and communication within the bug bounty community
Using version control to track reported issues
Understanding the target's security policies and bug bounty program guidelines
Continuous learning and adapting to new attack surfaces
Sunday, January 28, 2024
4:30 AM – 8:30 AM UTC
Contact Us