Bangalore Hackerone bug bounty meetup 2

Name: Bangalore Hackerone bug bounty meetup 2
Start: 2023-09-30T11:00:00+05:30
End: 2023-09-30T13:30:00+05:30
Location: Smartworks Vaishnavi Tech Park

Sep 30, 2023, 5:30 – 8:00 AM

India South HackerOne Club

Join us for our second version of the Bangalore Bug Bounty Meetup, This meetup will feature engaging talks and insightful interview panels, covering topics such as CI/CD attacks, container security with and an exclusive interview panel with the esteemed hacker, Vivin Joseph

Educational WorkshopsHacking MeetupsStudent Series

Registration for this event is closed.
Please contact the event organizer for assistance.

About this event!

Join us for an enlightening session at the second edition of the Bug Bounty Meetup organized by the HackerOne Bangalore Chapter. This event promises a deep dive into the world of cybersecurity, offering insights from some of the best in the industry. Here's what's in store:
Hacking the Giants: A Tale of BountiesDive into an intriguing session with Divyanshu, as he unravels his journey of hacking into the CI/CD systems of tech giants like Apple and Google. Learn about the vulnerabilities he discovered and the bounties he secured from these exploits.
DOM Clobbering & Client Side Javascript Hacking
Rohit will take the stage to shed light on the intricacies of DOM vulnerabilities. Understand the potential risks and discover techniques for privilege escalation within JavaScript. This talk is necessary for anyone keen on enhancing their knowledge about JavaScript.
Bug Bounty Panel DiscussionEngage in a stimulating panel discussion featuring the top hacker on Shopify and HackerOne, Vivin Joseph. Delve into the nuances of bug bounties, learn from their experiences, and get answers to your burning questions.
Don't miss this opportunity to network with fellow enthusiasts and learn from the best. Mark your calendars and be a part of this enriching experience!

Venue:GROWW office, Smartworks Vaishnavi Tech Park, Sarjapur Main Road, Bengaluru, 560102

Fill the google form for venue-gate entry
https://forms.gle/6YzFAHHC3cR7HmqA8

Speakers

Divyanshu Mehta

CRED

Security Engineer

Rohit Kumar

GROWW

Security Engineer

Vivin Joseph aka h13-

Hacker

When

Saturday, September 30, 2023
5:30 AM – 8:00 AM UTC

Where

Smartworks Vaishnavi Tech Park
Sarjapur Main Road
Bengaluru, 560102

Agenda

Hacking CI/CD of big giants Apple, google for fun and profit	Join us for a groundbreaking session by Divyanshu that delves into the lesser-discussed realm of CI/CD systems on GitHub. As organizations increasingly rely on the cloud to build PRs, there's a rising trend of passing potentially unsafe external PR code directly into build systems. While most research in this domain has been centered around leaking secrets or command execution in build pipelines, our study takes a different route. We'll introduce a novel technique detailing how we penetrated Cloud Build systems, accessing the core cloud accounts of several companies through a single malicious external PR on GitHub. Our discussion will predominantly focus on giants like AWS, GCP, and Azure, offering insights on discreet operations and evasion tactics. Concluding the session, we'll provide guidance on detection and prevention measures, though, spoiler alert, some cloud providers might leave you with limited defense options! Join us for this eye-opening exploration and fortify your organization's defenses
DOM Clobbering & Client Side Javascript Hacking	In our upcoming presentation by Rohit, we'll journey into the intricate world of Document Object Model (DOM) vulnerabilities, with a special emphasis on clobbering techniques. These techniques have become a notable concern in web security, and understanding them is crucial for both developers and security enthusiasts. We'll not only dissect how attackers exploit these vulnerabilities but also provide insights on bolstering defenses against such threats. Beyond clobbering, we'll touch upon other intriguing JavaScript hacking techniques, offering attendees a holistic view of the landscape. Join us for this insightful session and arm yourself with the knowledge to navigate the ever-evolving world of web security.
Bug bounty panel	Join our exclusive interview panel featuring the esteemed bug bounty hunter, Vivin Joseph, also known as h13 on HackerOne. Dive deep into the world of ethical hacking as Vivin, a top hacker on platforms like Shopify and HackerOne, shares his invaluable experiences, methodologies, and best practices for effective bug hunting. Unravel the stories behind his most notable discoveries and grasp techniques to identify vulnerabilities in intricate systems. Whether you're an experienced hacker or embarking on your bug bounty adventure, this panel discussion is set to inspire and provide you with the expertise to thrive in the cybersecurity domain. Seize this unique chance to gain insights from one of the industry's leading figures.

Organizer

Akshansh Jaiswal

CRED

akshansh

See bio

Contact Us