Null Humla - How to do well in Bug Bounty programs
By Null Hyderabad
Date and time
Saturday, May 24, 2014 · 10am - 2pm GMT+5:30
Location
Will be mailed to selected participants
Hyderabad, AP IndiaDescription
Null Humla - How to do well/start Bug Bounty Hunting
This will be a humla session on bug bounty and we will have a live hands on session on how to begin with bug hunting over the internet. Also, we would be discussing few tips and techniques by which a security analyst can be a better bug hunter. The speaker would share few of his POCs and experiences on the various bug bounty programs on web applications.
Topic:
1. Introduction to various Bug Bounty programs
2. Finding the right domain to start hunting
3. Information Gathering
4. Discovering vulnerabilities
5. Multitasking with various free vulnerability scanners
6. Generating and submitting POCs without violating bug bounty rules
7. Special discussion on how to submit potential RCEs based on various CVEs.
8. Case studies or POCs
Pre-requisite:
1. Back Track/ Samurai WTF Installed laptop ( VMs will be fine as well )
2. OWASP Top -10 knowledge
3. Basic WAPT terminologies
4. Should be able to differentiate between 0 and o
Humla Champion Bio:
Abhijeth Dugginapeddi:
Abhijeth is a 23 year old security consultant working in Tata Consultancy Services. His interest in this domain started when he was 14 year old, the innate curiosity of his, made him explore many things and share them with his peers. He has found vulnerabilities in 1400 web applications, the top ones being Google, Yahoo, Microsoft, Amazon, at&t, Juniper, HDFC, ICICI ,ETSY. During his B.tech, along with handling freelance projects, he has also trained around 10,000 students by conducting various workshops in Andhra Pradesh.