Bug Bounty: Do and Don’t
Raden Ardiansyah Natakusumah
August 30, 2019
Transcript
Bug Bounty: Do and Don’t @r_u_l_l_y For Educational Purpose Only
https://about.me/r_u_l_l_y
Bug bounty
February 2019
Bug report
Bounty hunters
Previous reports
Duplicate
They report
E-mail
Private chat
Customer care
The form
Text
Screenshots
Docx
PDF
Video
From all of that
One
Sample cases
6 minutes later
Proper report
Description
Impact
Recommendation
Severity
OWASP Risk Rating
CVSS v3.1
Proof of Concept
Bug bounty program?
Want to report?
[email protected]
Thank you