A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Everybody gets clickjacked: Hard knock lessons on bug bounties - Jonathan Cran Derbycon 2014 (Hacking Illustrated Series InfoSec Tutorial Videos)

Everybody gets clickjacked: Hard knock lessons on bug bounties
Jonathan Cran
Derbycon 2014

Ever wondered what kind of bugs are submitted to a bug bounty? Ever wanted to know how it feels to be extorted by a 15yr old kid in Bulgaria? What happens when you submit an RCE in a database server- but.. it’s out of scope!?! What do you do when you start a bounty and your entire application stack is compromised... 30 minutes after you begin? Distilling 15- 000 submissions and a whole lot of stories down into lessons for bug bounty providers and researchers alike- the presenter provides a unique perspective. Join us for a journey through the world of bug bounties and walk away armed with insider knowledge.

Back to Derbycon 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast