Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Hunting Bugs In Real Life
Search
akshat singhal
September 23, 2020
Technology
0
100
Hunting Bugs In Real Life
akshat singhal
September 23, 2020
Tweet
Share
Other Decks in Technology
See All in Technology
ソフトとハード両方いけるデータ人材の育て方
waiwai2111
0
140
【Agentforce Hackathon Tokyo 2025 発表資料】みらいシフト:あなた働き方を、みらいへシフト。
kuratani
0
120
国井さんにPurview の話を聞く会
sophiakunii
1
370
Contract One Engineering Unit 紹介資料
sansan33
PRO
0
12k
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.5k
AIと融ける人間の冒険
pujisi
0
120
I tried making a solo advent calendar!
zzzzico
0
150
Qiita Bash アドカレ LT #1
okaru
0
190
技術選定、下から見るか?横から見るか?
masakiokuda
0
190
Models vs Bounded Contexts for Domain Modularizati...
ewolff
0
150
スクラムを一度諦めたチームにアジャイルコーチが入ってどう変化したか / A Team's Second Try at Scrum with an Agile Coach
kaonavi
0
220
Introduction to Bill One Development Engineer
sansan33
PRO
0
340
Featured
See All Featured
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.5k
The Art of Programming - Codeland 2020
erikaheidi
57
14k
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
sarafernandez
0
110
Building the Perfect Custom Keyboard
takai
2
670
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4.1k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3.3k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
196
71k
The browser strikes back
jonoalderson
0
300
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
kimpetersen
PRO
0
210
A designer walks into a library…
pauljervisheath
210
24k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
231
22k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
Transcript
None
BUG BOUNTY WEBINAR
HUNTING BUGS IN REAL LIFE Akshat Singhal
Who am I • Bug crowd Top 700 Researcher –
All Time • Blogger • Bug Bounty Hunter • Speaker • Lifelong learner
@Akshat05623019 @akshat-singhal-90141716b @honeyakshat999 Get In Touch At @AkshatSinghal1 @AkshatSinghal @honeyakshat999
None
None
None
STORED DOM REFLECTED
None
None
SQL injection is a web security vulnerability that allows an
attacker to interfere with the queries that an application makes to its database.
▪ admin’—
None
None
TYPES HORIZONTAL VERTICAL
None
None
None
CSRF + XSS --> Account Takeover User enum.
+ IDOR --> All users compromise
None
None
waiwai2111
kuratani
sophiakunii
sansan33
oracle4engineer
pujisi
zzzzico
okaru
masakiokuda
ewolff
kaonavi
addyosmani
erikaheidi
sarafernandez
takai
kastner
tammyeverts
soudai
jonoalderson
kimpetersen
pauljervisheath
danielanewman
