Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Bug Bounty: Do and Don’t

Avatar for Raden Ardiansyah Natakusumah Raden Ardiansyah Natakusumah
August 30, 2019
Technology
0
62

Bug Bounty: Do and Don’t

Avatar for Raden Ardiansyah Natakusumah

Raden Ardiansyah Natakusumah

August 30, 2019
Tweet

More Decks by Raden Ardiansyah Natakusumah

See All by Raden Ardiansyah Natakusumah
Security stories in online payment company
Avatar for Raden Ardiansyah Natakusumah rully
0
26
Protect your business with PCI DSS
Avatar for Raden Ardiansyah Natakusumah rully
0
42
Intrusion Prevention System based on Machine Learning
Avatar for Raden Ardiansyah Natakusumah rully
0
160
PCI DSS Security Awareness
Avatar for Raden Ardiansyah Natakusumah rully
0
160

Other Decks in Technology

See All in Technology
予期せぬコストの急増を障害のように扱う――「コスト版ポストモーテム」の導入とその後の改善
Avatar for Masahiro Yoshizawa muziyoshiz
1
1.9k
超初心者からでも大丈夫!オープンソース半導体の楽しみ方〜今こそ!オレオレチップをつくろう〜
Avatar for Yamada3 keropiyo
0
110
名刺メーカーDevグループ 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
1k
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
Avatar for ktykogm 0gm
0
930
SREが向き合う大規模リアーキテクチャ 〜信頼性とアジリティの両立〜
Avatar for Kuniaki Moriya zepprix
0
450
Context Engineeringの取り組み
Avatar for nutslove nutslove
0
340
Greatest Disaster Hits in Web Performance
Avatar for Estela Franco guaca
0
250
SREチームをどう作り、どう育てるか ― Findy横断SREのマネジメント
Avatar for adachi.ryo rvirus0817
0
250
20260204_Midosuji_Tech
Avatar for Takuya Yonezawa takuyay0ne
1
160
SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026
Avatar for AEON aeonpeople
6
2.3k
データの整合性を保ちたいだけなんだ
Avatar for ShoheiMitani shoheimitani
8
3.1k
今日から始める Amazon Bedrock AgentCore
Avatar for Har1101 har1101
4
410

Featured

See All Featured
Highjacked: Video Game Concept Design
Avatar for Ryan Kendrick rkendrick25
PRO
1
290
Unlocking the hidden potential of vector embeddings in international SEO
Avatar for Frank van Dijk frankvandijk
0
170
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
So, you think you're a good person
Avatar for Per Axbom axbom
PRO
2
1.9k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k
How Software Deployment tools have changed in the past 20 years
Avatar for Geshan Manandhar geshan
0
32k
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
1
200
Redefining SEO in the New Era of Traffic Generation
Avatar for Szymon szymonslowik
1
210
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
240
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
Evolving SEO for Evolving Search Engines
Avatar for Ryan Jones ryanjones
0
120
Making Projects Easy
Avatar for Brett Harned brettharned
120
6.6k

Transcript

  1. None

  2. Bug Bounty: Do and Don’t @r_u_l_l_y For Educational Purpose Only

  3. None

  4. https://about.me/r_u_l_l_y

  5. Bug bounty

  6. February 2019

  7. None
  8. None

  9. Bug report

  10. Bounty hunters

  11. None
  12. None

  13. Previous reports

  14. Duplicate

  15. They report

  16. E-mail

  17. Private chat

  18. Customer care

  19. The form

  20. Text

  21. Screenshots

  22. Docx

  23. PDF

  24. Video

  25. From all of that

  26. One

  27. None

  28. Sample cases

  29. None
  30. None

  31. 6 minutes later

  32. None
  33. None
  34. None
  35. None

  36. Proper report

  37. Description

  38. Impact

  39. Recommendation

  40. Severity

  41. OWASP Risk Rating

  42. CVSS v3.1

  43. Proof of Concept

  44. Bug bounty program?

  45. None

  46. Want to report?

  47. [email protected]

  48. Thank you