Slide 11
The Bug Hunters’ Approach
Housekeeping Items:
- Selecting a Scope
  - Good at Recon? - Wide Scope
  - Good at Access Controls? - Multi-Tenant/Multi-Role Applications
  - Good at Business Logic? - Go for Complex Applications
  - Good at Server-Side Attacks? - Choose SaaS Products
Similarly, know what you are good at and approach accordingly.
Approach:
- No Time Boxing: if you think you have found a potential issue, keep trying to exploit it. This often results in fruitful vulns.
- Approach test cases that you are most comfortable with.
- Report & Reward
- Re-testing