Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Hunting Bugs In Real Life
Search
akshat singhal
September 23, 2020
Technology
0
89
Hunting Bugs In Real Life
akshat singhal
September 23, 2020
Tweet
Share
Other Decks in Technology
See All in Technology
開発生産性向上! 育成を「改善」と捉えるエンジニア育成戦略
shoota
2
400
podman_update_2024-12
orimanabu
1
280
[Ruby] Develop a Morse Code Learning Gem & Beep from Strings
oguressive
1
170
NilAway による静的解析で「10 億ドル」を節約する #kyotogo / Kyoto Go 56th
ytaka23
3
380
ずっと昔に Star をつけたはずの思い出せない GitHub リポジトリを見つけたい!
rokuosan
0
150
どちらを使う?GitHub or Azure DevOps Ver. 24H2
kkamegawa
0
870
終了の危機にあった15年続くWebサービスを全力で存続させる - phpcon2024
yositosi
19
17k
AWS re:Invent 2024で発表された コードを書く開発者向け機能について
maruto
0
200
バクラクのドキュメント解析技術と実データにおける課題 / layerx-ccc-winter-2024
shimacos
2
1.1k
なぜCodeceptJSを選んだか
goataka
0
160
Storage Browser for Amazon S3
miu_crescent
1
240
生成AIのガバナンスの全体像と現実解
fnifni
1
190
Featured
See All Featured
The Language of Interfaces
destraynor
154
24k
Agile that works and the tools we love
rasmusluckow
328
21k
The Invisible Side of Design
smashingmag
298
50k
Thoughts on Productivity
jonyablonski
67
4.4k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.9k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
YesSQL, Process and Tooling at Scale
rocio
169
14k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
28
900
Making Projects Easy
brettharned
116
5.9k
RailsConf 2023
tenderlove
29
940
How to Think Like a Performance Engineer
csswizardry
22
1.2k
Transcript
None
BUG BOUNTY WEBINAR
HUNTING BUGS IN REAL LIFE Akshat Singhal
Who am I • Bug crowd Top 700 Researcher –
All Time • Blogger • Bug Bounty Hunter • Speaker • Lifelong learner
@Akshat05623019 @akshat-singhal-90141716b @honeyakshat999 Get In Touch At @AkshatSinghal1 @AkshatSinghal @honeyakshat999
None
None
None
STORED DOM REFLECTED
None
None
SQL injection is a web security vulnerability that allows an
attacker to interfere with the queries that an application makes to its database.
▪ admin’—
None
None
TYPES HORIZONTAL VERTICAL
None
None
None
CSRF + XSS --> Account Takeover User enum.
+ IDOR --> All users compromise
None
None