Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Bug Bounty: Do and Don’t
Search
Raden Ardiansyah Natakusumah
August 30, 2019
Technology
0
61
Bug Bounty: Do and Don’t
Raden Ardiansyah Natakusumah
August 30, 2019
Tweet
Share
More Decks by Raden Ardiansyah Natakusumah
See All by Raden Ardiansyah Natakusumah
Security stories in online payment company
rully
0
25
Protect your business with PCI DSS
rully
0
39
Intrusion Prevention System based on Machine Learning
rully
0
160
PCI DSS Security Awareness
rully
0
160
Other Decks in Technology
See All in Technology
ソフトウェアテストのAI活用_ver1.25
fumisuke
1
620
20250708オープンエンドな探索と知識発見
sakana_ai
PRO
4
1.1k
Four Keysから始める信頼性の改善 - SRE NEXT 2025
ozakikota
0
420
LLM拡張解体新書/llm-extension-deep-dive
oracle4engineer
PRO
24
6.6k
Autify Company Deck
autifyhq
2
44k
今だから言えるセキュリティLT_Wordpress5.7.2未満を一斉アップデートせよ
cuebic9bic
2
170
cdk initで生成されるあのファイル達は何なのか/cdk-init-generated-files
tomoki10
1
680
SRE不在の開発チームが障害対応と 向き合った100日間 / 100 days dealing with issues without SREs
shin1988
2
2.1k
How Do I Contact Jetblue Airlines® Reservation Number: Fast Support Guide
thejetblueairhelpsupport
0
150
Introduction to Bill One Development Engineer
sansan33
PRO
0
270
An introduction to Claude Code SDK
choplin
2
1.5k
ClaudeCode_vs_GeminiCLI_Terraformで比較してみた
tkikuchi
1
2.4k
Featured
See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
How GitHub (no longer) Works
holman
314
140k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Building an army of robots
kneath
306
45k
GitHub's CSS Performance
jonrohan
1031
460k
Rebuilding a faster, lazier Slack
samanthasiow
83
9.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
How to train your dragon (web standard)
notwaldorf
96
6.1k
Building a Modern Day E-commerce SEO Strategy
aleyda
42
7.4k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
The Cult of Friendly URLs
andyhume
79
6.5k
Transcript
None
Bug Bounty: Do and Don’t @r_u_l_l_y For Educational Purpose Only
None
https://about.me/r_u_l_l_y
Bug bounty
February 2019
None
None
Bug report
Bounty hunters
None
None
Previous reports
Duplicate
They report
E-mail
Private chat
Customer care
The form
Text
Screenshots
Docx
PDF
Video
From all of that
One
None
Sample cases
None
None
6 minutes later
None
None
None
None
Proper report
Description
Impact
Recommendation
Severity
OWASP Risk Rating
CVSS v3.1
Proof of Concept
Bug bounty program?
None
Want to report?
[email protected]
Thank you
rully
fumisuke
%20(1).jpg){kind=avatar}
sakana_ai
ozakikota
oracle4engineer
autifyhq
cuebic9bic
tomoki10
shin1988
thejetblueairhelpsupport
sansan33
choplin
tkikuchi
afnizarnur
yeseniaperezcruz
holman
scottboms
kneath
jonrohan
samanthasiow
smashingmag
notwaldorf
aleyda
bluesmoon
andyhume
![[email protected]](https://files.speakerdeck.com/presentations/d3a5dfd04266466ab6d8761eab4cdecb/slide_46.jpg){kind=link}
