Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Bug Bounty: Do and Don’t

Avatar for Raden Ardiansyah Natakusumah Raden Ardiansyah Natakusumah
August 30, 2019
Technology
0
61

Bug Bounty: Do and Don’t

Avatar for Raden Ardiansyah Natakusumah

Raden Ardiansyah Natakusumah

August 30, 2019
Tweet

More Decks by Raden Ardiansyah Natakusumah

See All by Raden Ardiansyah Natakusumah
Security stories in online payment company
Avatar for Raden Ardiansyah Natakusumah rully
0
25
Protect your business with PCI DSS
Avatar for Raden Ardiansyah Natakusumah rully
0
39
Intrusion Prevention System based on Machine Learning
Avatar for Raden Ardiansyah Natakusumah rully
0
160
PCI DSS Security Awareness
Avatar for Raden Ardiansyah Natakusumah rully
0
160

Other Decks in Technology

See All in Technology
「Linux」という言葉が指すもの
Avatar for Satoru Takeuchi sat
PRO
4
150
メルカリIBISの紹介
Avatar for ktykogm 0gm
1
990
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
8.8k
20250905_MeetUp_Ito-san_s_presentation.pdf
Avatar for MagicPod magicpod
1
120
roppongirb_20250911
Avatar for Kuniaki IGARASHI igaiga
1
260
How AI agents are changing the way we should build APIs
Avatar for Fabien Potencier fabpot
1
190
使いやすいプラットフォームの作り方 ー LINEヤフーのKubernetes基盤に学ぶ理論と実践
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
2
200
エンジニアがデザインまで担うための AI駆動UIデザイン/フロントエンド開発実践
Avatar for 北見海貴 kitami
2
200
Modern Linux
Avatar for oracle4engineer oracle4engineer
PRO
0
170
「その開発、認知負荷高すぎませんか?」Platform Engineeringで始める開発者体験カイゼン術
Avatar for SansanTech sansantech
PRO
2
1.1k
AWSを利用する上で知っておきたい名前解決のはなし(10分版)
Avatar for nagisa_53 nagisa53
10
3.3k
Create Ruby native extension gem with Go
Avatar for sue445 sue445
0
160

Featured

See All Featured
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
10
830
Music & Morning Musume
Avatar for Bryan Veloso bryan
46
6.8k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
33
8.8k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
53
7.8k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
513
110k
Being A Developer After 40
Avatar for Adrian Kosmaczewski akosma
90
590k
Fireside Chat
Avatar for paigeccino paigeccino
39
3.6k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
54
11k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
48
9.7k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
18
1.1k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
53
8.9k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
160
23k

Transcript

  1. None

  2. Bug Bounty: Do and Don’t @r_u_l_l_y For Educational Purpose Only

  3. None

  4. https://about.me/r_u_l_l_y

  5. Bug bounty

  6. February 2019

  7. None
  8. None

  9. Bug report

  10. Bounty hunters

  11. None
  12. None

  13. Previous reports

  14. Duplicate

  15. They report

  16. E-mail

  17. Private chat

  18. Customer care

  19. The form

  20. Text

  21. Screenshots

  22. Docx

  23. PDF

  24. Video

  25. From all of that

  26. One

  27. None

  28. Sample cases

  29. None
  30. None

  31. 6 minutes later

  32. None
  33. None
  34. None
  35. None

  36. Proper report

  37. Description

  38. Impact

  39. Recommendation

  40. Severity

  41. OWASP Risk Rating

  42. CVSS v3.1

  43. Proof of Concept

  44. Bug bounty program?

  45. None

  46. Want to report?

  47. [email protected]

  48. Thank you