SlideShare ist ein Scribd-Unternehmen logo

Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad

M
Mazin Ahmed

Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad http://blog.mazinahmed.net/2016/10/bug-bounty-hunting-swiss-cyber-storm.html

Technologie
1 von 49
Downloaden Sie, um offline zu lesen
B B H C R By: Mazin Ahmed @mazen160 mazin AT mazinahmed DOT net Bounty Hunting in Sudan and Abroad
WHO AM I? Mazin Ahmed – Freelancing Information Security Specialist / Penetration Tester – Freelancing Security Researcher at Bugcrowd, Inc – Security Contributor at ProtonMail – Interested in web-security, networks-security, WAF evasions, mobile-security, responsible disclosure, and software automation. – One of top 50 researchers at Bugcrowd out of 37,000+ researchers. – Acknowledged by Facebook, Twitter, Oracle, LinkedIn, and many… You can read more at https://mazinahmed.net
And I have contributed to the security of the following:
BUG BOUNTY PLATFORMS PROCESS AGENDA MY STORY WHAT ARE BUG BOUNTY PROGRAM? BUG BOUNTY PROGRAM (HISTORY) WHY BUG BOUNTY PROGRAMS? POPULAR BUG BOUNTY PLATFORMS SELF-HOSTED BUG BOUNTY PROGRAM TIPS & NOTES • RESPONSIBLE DISCLOSURE PROGRAM VS. BUG BOUNTY PROGRAM WHAT HAPPENS AFTER STARTING BUG BOUNTY COMMON PITFALLS/MISTAKES COOL FINDINGS INFOSEC, BUG HUNTING IN SUDAN & THE MIDDLE EAST ACKNOWLEDGEMENTS QUESTIONS
• First ever public bug bounty platform. • 37,000+ researchers/hackers. • Largest-ever security team. • Offers managed – unmanaged - on-going - time-limited – public - private bug bounties.
• A “security inbox” for companies, and a bug bounty platform. • The client handles the submissions validating process. • Around 3700 researchers were thanked in the platform.
• Only hires the best of best. • requiring written exams, practical exams, and background-checks for researchers. • Larger payouts than its competitors. • Private number of researchers, private clients.
• Bug Bounty Platform + Crowdsourced Pentesting Services. • Different pentesting + bounties services. • A team of 5000 researchers, 200 vetted researchers, 329 submitted valid reports.
• Amsterdam-based bug bounty platform. • Invite-only platform for researchers. • Around 100 chosen researchers. • Handles all reports (aka managed bounty programs). • Run scanners on systems to find hanging fruits before launching the program.
• Can be done by handling reports by emails, forms, etc... • Less opportunity of having hackers noticing it, (unless the company is very well-known) • Example: Facebook, Google, PayPal, United Airlines) • Bugcrowd hosts a list of self-hosted bounty programs https://bugcrowd.com/list-of-bug-bounty-programs https://firebounty.com
• Bug Bounties do not replace traditional security assessment. • Before getting into bug bounties: – Evaluate your systems and networks. – Perform internal vulnerability assessments – Fix everything!
Vs Responsible Disclosure Program Bug Bounty Program Vs
[Preferably] Start with a bug bounty platform. check with bug bounty platforms support. Write an explicit and clear bounty brief. When getting into bug bounties
Bug Bounty Platforms Process
When you receive a submission, respond with an acknowledgment. Try to fix issues ASAP.Payouts are vital part!
Tips & Notes (for Researchers)
• Bug bounty program is NOT a way to get free or almost-free pentests.
Common Pitfalls/Mistakes
Common Pitfalls/Mistakes • Not paying researchers, while having a full bounty program, aka playing dodgy with researchers. – Some companies actually do that! Example: Yandex
Common Pitfalls/Mistakes Example: Yandex Check: http://www.rafayhackingarticles.net/2012/10/yandex-bug-bounty-program-is-it-worth.html
Common Pitfalls/Mistakes Internal Policies Issues To fix or not? to reward or not??
Internal Policies Issues
Cool Findings “The Fun Part” Cool Findings “The Fun Part” 
Why? Because we are in Switzerland!
• One day, I woke-up, and I said to myself, let’s hack Symantec! • Of course, Symantec has a responsible disclosure policy that I follow.
Bug #1: Backup-File Artifacts on nortonmail.Symantec.com
Bug #2: Multiple SQL Injection Vulnerabilities #1
Bug #2: Multiple SQL Injection Vulnerabilities #2
Dumb the DB Get root (the server used deprecated and vulnerable kernel) Access the CMS as Admin Reverse TCP connecti on to my box Upload a web-shell Crack (if hashed) Get password Exploit SQLI Report it to vendor. DONE Plan There was a CMS on the same web environment
Executing the Plan Found that I have access to 61 databases! I Immediately stopped, and report it without exploitation. Just imagine if I was a bad guy
How is it like to be a bug bounty hunter from the middle east? How is the knowledge level in IT security in the Middle-East?
How powerful are Arabian BlackHat Hackers? • When it comes to defacing public property, they get crazy. • Motivated by: politics, human-rights, money, and ego. • Seriously, don’t underestimate their powers, don’t mess with them, you won’t like the outcome! Note: I do not support any form of unethical hacking by no means
• Christian Folini - @ChrFolini • Bernhard Tellenbach • @SwissCyberStorm Team and everyone for attending and listening!
Questions? Mazin Ahmed Twitter: @mazen160 Email: mazin AT mazinahmed DOT net Website: https://mazinahmed.net LinkedIn: https://linkedin.com/in/infosecmazinahmed

Empfohlen

Hackfest presentation.pptx
Hackfest presentation.pptxHackfest presentation.pptx
Hackfest presentation.pptxPeter Yaworski
 
Bug Bounty - Play For Money
Bug Bounty - Play For MoneyBug Bounty - Play For Money
Bug Bounty - Play For MoneyShubham Gupta
 
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedBackup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedMazin Ahmed
 
Bug Bounty - Hackers Job
Bug Bounty - Hackers JobBug Bounty - Hackers Job
Bug Bounty - Hackers JobArbin Godar
 
Bug bounty null_owasp_2k17
Bug bounty null_owasp_2k17Bug bounty null_owasp_2k17
Bug bounty null_owasp_2k17Sagar M Parmar
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
How to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethHow to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethAbhijeth D
 
Bug Bounty Secrets
Bug Bounty Secrets Bug Bounty Secrets
Bug Bounty Secrets n|u - The Open Security Community
 

Empfohlen

Hackfest presentation.pptx
Hackfest presentation.pptxHackfest presentation.pptx
Hackfest presentation.pptxPeter Yaworski
 
Bug Bounty - Play For Money
Bug Bounty - Play For MoneyBug Bounty - Play For Money
Bug Bounty - Play For MoneyShubham Gupta
 
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedBackup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedMazin Ahmed
 
Bug Bounty - Hackers Job
Bug Bounty - Hackers JobBug Bounty - Hackers Job
Bug Bounty - Hackers JobArbin Godar
 
Bug bounty null_owasp_2k17
Bug bounty null_owasp_2k17Bug bounty null_owasp_2k17
Bug bounty null_owasp_2k17Sagar M Parmar
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
How to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethHow to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethAbhijeth D
 
Bug Bounty Secrets
Bug Bounty Secrets Bug Bounty Secrets
Bug Bounty Secrets n|u - The Open Security Community
 
Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Dinesh O Bareja
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016Frans Rosén
 
Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Shubham Gupta
 
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...HackerOne
 
LKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG
 
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...Frans Rosén
 
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012Nir Goldshlager
 
Writing vuln reports that maximize payouts - Nullcon 2016
Writing vuln reports that maximize payouts - Nullcon 2016Writing vuln reports that maximize payouts - Nullcon 2016
Writing vuln reports that maximize payouts - Nullcon 2016bugcrowd
 
5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Programbugcrowd
 
Sucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website TrendsSucuri
 
What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?Sucuri
 
Steps to Keep Your Site Clean
Steps to Keep Your Site CleanSteps to Keep Your Site Clean
Steps to Keep Your Site CleanSucuri
 
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi ChapterAndroid "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi ChapterAbhinav Mishra
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Sucuri
 
Sucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chaincentralohioissa
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri
 
Overview of information security
Overview of information securityOverview of information security
Overview of information securityAskao Ahmed Saad
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Basics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingBasics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingMuhammad Khizer Javed
 
Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Juniper Networks
 

Weitere ähnliche Inhalte

Was ist angesagt?

Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Dinesh O Bareja
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016Frans Rosén
 
Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Shubham Gupta
 
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...HackerOne
 
LKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG
 
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...Frans Rosén
 
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012Nir Goldshlager
 
Writing vuln reports that maximize payouts - Nullcon 2016
Writing vuln reports that maximize payouts - Nullcon 2016Writing vuln reports that maximize payouts - Nullcon 2016
Writing vuln reports that maximize payouts - Nullcon 2016bugcrowd
 
5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Programbugcrowd
 
Sucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website TrendsSucuri
 
What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?Sucuri
 
Steps to Keep Your Site Clean
Steps to Keep Your Site CleanSteps to Keep Your Site Clean
Steps to Keep Your Site CleanSucuri
 
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi ChapterAndroid "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi ChapterAbhinav Mishra
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Sucuri
 
Sucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chaincentralohioissa
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri
 
Overview of information security
Overview of information securityOverview of information security
Overview of information securityAskao Ahmed Saad
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 

Was ist angesagt? (20)

Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
 
Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016
 
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
 
LKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG3 - Bug Bounty
LKNOG3 - Bug Bounty
 
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
How to steal and modify data using Business Logic flaws - Insecure Direct Obj...
 
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
Nir goldshlager Killing a bug bounty program - twice Hack In The Box 2012
 
Writing vuln reports that maximize payouts - Nullcon 2016
Writing vuln reports that maximize payouts - Nullcon 2016Writing vuln reports that maximize payouts - Nullcon 2016
Writing vuln reports that maximize payouts - Nullcon 2016
 
5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program
 
Sucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get Hacked
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website Trends
 
What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?
 
Steps to Keep Your Site Clean
Steps to Keep Your Site CleanSteps to Keep Your Site Clean
Steps to Keep Your Site Clean
 
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi ChapterAndroid "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
 
Sucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sites
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chain
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital Marketers
 
Overview of information security
Overview of information securityOverview of information security
Overview of information security
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
 

Ähnlich wie Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad

Basics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingBasics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingMuhammad Khizer Javed
 
Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Juniper Networks
 
Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Chinatu Uzuegbu
 
Webinar - Tips and Tricks on Website Security
Webinar - Tips and Tricks on Website SecurityWebinar - Tips and Tricks on Website Security
Webinar - Tips and Tricks on Website SecurityStopTheHacker
 
Pentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated TestingPentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated TestingAndrew McNicol
 
ACRNA Webinar #5: Cyber Security – The Unlikely Romance
ACRNA Webinar #5: Cyber Security – The Unlikely RomanceACRNA Webinar #5: Cyber Security – The Unlikely Romance
ACRNA Webinar #5: Cyber Security – The Unlikely RomanceCasey Ellis
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Defcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefCamp
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
Bug bounties - cén scéal?
Bug bounties - cén scéal?Bug bounties - cén scéal?
Bug bounties - cén scéal?Ciaran McNally
 
The most dangerous places on the web
The most dangerous places on the webThe most dangerous places on the web
The most dangerous places on the webJoel May
 
Watchtowers of the Internet - Source Boston 2012
Watchtowers of the Internet - Source Boston 2012Watchtowers of the Internet - Source Boston 2012
Watchtowers of the Internet - Source Boston 2012Stephan Chenette
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryInvincea, Inc.
 
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...Orbid
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdNipun Jaswal
 
Web Application Security And Getting Into Bug Bounties
Web Application Security And Getting Into Bug BountiesWeb Application Security And Getting Into Bug Bounties
Web Application Security And Getting Into Bug Bountieskunwaratul hax0r
 

Ähnlich wie Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad (20)

Basics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingBasics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty Hunting
 
Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Thinking Outside the Sand[box]
Thinking Outside the Sand[box]
 
Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6
 
Webinar - Tips and Tricks on Website Security
Webinar - Tips and Tricks on Website SecurityWebinar - Tips and Tricks on Website Security
Webinar - Tips and Tricks on Website Security
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
 
Pentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated TestingPentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated Testing
 
ACRNA Webinar #5: Cyber Security – The Unlikely Romance
ACRNA Webinar #5: Cyber Security – The Unlikely RomanceACRNA Webinar #5: Cyber Security – The Unlikely Romance
ACRNA Webinar #5: Cyber Security – The Unlikely Romance
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
 
Defcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hacker
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015
 
Bug bounties - cén scéal?
Bug bounties - cén scéal?Bug bounties - cén scéal?
Bug bounties - cén scéal?
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Bulletproof IT Security
Bulletproof IT SecurityBulletproof IT Security
Bulletproof IT Security
 
The most dangerous places on the web
The most dangerous places on the webThe most dangerous places on the web
The most dangerous places on the web
 
Watchtowers of the Internet - Source Boston 2012
Watchtowers of the Internet - Source Boston 2012Watchtowers of the Internet - Source Boston 2012
Watchtowers of the Internet - Source Boston 2012
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail Industry
 
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid ...
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
 
Web Application Security And Getting Into Bug Bounties
Web Application Security And Getting Into Bug BountiesWeb Application Security And Getting Into Bug Bounties
Web Application Security And Getting Into Bug Bounties
 

Kürzlich hochgeladen

Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 

Kürzlich hochgeladen (20)

Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 

Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad

  • 1. B B H C R By: Mazin Ahmed @mazen160 mazin AT mazinahmed DOT net Bounty Hunting in Sudan and Abroad
  • 2. WHO AM I? Mazin Ahmed – Freelancing Information Security Specialist / Penetration Tester – Freelancing Security Researcher at Bugcrowd, Inc – Security Contributor at ProtonMail – Interested in web-security, networks-security, WAF evasions, mobile-security, responsible disclosure, and software automation. – One of top 50 researchers at Bugcrowd out of 37,000+ researchers. – Acknowledged by Facebook, Twitter, Oracle, LinkedIn, and many… You can read more at https://mazinahmed.net
  • 3. And I have contributed to the security of the following:
  • 4. BUG BOUNTY PLATFORMS PROCESS AGENDA MY STORY WHAT ARE BUG BOUNTY PROGRAM? BUG BOUNTY PROGRAM (HISTORY) WHY BUG BOUNTY PROGRAMS? POPULAR BUG BOUNTY PLATFORMS SELF-HOSTED BUG BOUNTY PROGRAM TIPS & NOTES • RESPONSIBLE DISCLOSURE PROGRAM VS. BUG BOUNTY PROGRAM WHAT HAPPENS AFTER STARTING BUG BOUNTY COMMON PITFALLS/MISTAKES COOL FINDINGS INFOSEC, BUG HUNTING IN SUDAN & THE MIDDLE EAST ACKNOWLEDGEMENTS QUESTIONS
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. • First ever public bug bounty platform. • 37,000+ researchers/hackers. • Largest-ever security team. • Offers managed – unmanaged - on-going - time-limited – public - private bug bounties.
  • 13. • A “security inbox” for companies, and a bug bounty platform. • The client handles the submissions validating process. • Around 3700 researchers were thanked in the platform.
  • 14. • Only hires the best of best. • requiring written exams, practical exams, and background-checks for researchers. • Larger payouts than its competitors. • Private number of researchers, private clients.
  • 15. • Bug Bounty Platform + Crowdsourced Pentesting Services. • Different pentesting + bounties services. • A team of 5000 researchers, 200 vetted researchers, 329 submitted valid reports.
  • 16. • Amsterdam-based bug bounty platform. • Invite-only platform for researchers. • Around 100 chosen researchers. • Handles all reports (aka managed bounty programs). • Run scanners on systems to find hanging fruits before launching the program.
  • 17. • Can be done by handling reports by emails, forms, etc... • Less opportunity of having hackers noticing it, (unless the company is very well-known) • Example: Facebook, Google, PayPal, United Airlines) • Bugcrowd hosts a list of self-hosted bounty programs https://bugcrowd.com/list-of-bug-bounty-programs https://firebounty.com
  • 18.
  • 19.
  • 20. • Bug Bounties do not replace traditional security assessment. • Before getting into bug bounties: – Evaluate your systems and networks. – Perform internal vulnerability assessments – Fix everything!
  • 22. [Preferably] Start with a bug bounty platform. check with bug bounty platforms support. Write an explicit and clear bounty brief. When getting into bug bounties
  • 23.
  • 25.
  • 26. When you receive a submission, respond with an acknowledgment. Try to fix issues ASAP.Payouts are vital part!
  • 27.
  • 28. Tips & Notes (for Researchers)
  • 29.
  • 30. • Bug bounty program is NOT a way to get free or almost-free pentests.
  • 32. Common Pitfalls/Mistakes • Not paying researchers, while having a full bounty program, aka playing dodgy with researchers. – Some companies actually do that! Example: Yandex
  • 33. Common Pitfalls/Mistakes Example: Yandex Check: http://www.rafayhackingarticles.net/2012/10/yandex-bug-bounty-program-is-it-worth.html
  • 34. Common Pitfalls/Mistakes Internal Policies Issues To fix or not? to reward or not??
  • 36. Cool Findings “The Fun Part” Cool Findings “The Fun Part” 
  • 37. Why? Because we are in Switzerland!
  • 38.
  • 39. • One day, I woke-up, and I said to myself, let’s hack Symantec! • Of course, Symantec has a responsible disclosure policy that I follow.
  • 40. Bug #1: Backup-File Artifacts on nortonmail.Symantec.com
  • 41. Bug #2: Multiple SQL Injection Vulnerabilities #1
  • 42. Bug #2: Multiple SQL Injection Vulnerabilities #2
  • 43. Dumb the DB Get root (the server used deprecated and vulnerable kernel) Access the CMS as Admin Reverse TCP connecti on to my box Upload a web-shell Crack (if hashed) Get password Exploit SQLI Report it to vendor. DONE Plan There was a CMS on the same web environment
  • 44. Executing the Plan Found that I have access to 61 databases! I Immediately stopped, and report it without exploitation. Just imagine if I was a bad guy
  • 45.
  • 46. How is it like to be a bug bounty hunter from the middle east? How is the knowledge level in IT security in the Middle-East?
  • 47. How powerful are Arabian BlackHat Hackers? • When it comes to defacing public property, they get crazy. • Motivated by: politics, human-rights, money, and ego. • Seriously, don’t underestimate their powers, don’t mess with them, you won’t like the outcome! Note: I do not support any form of unethical hacking by no means
  • 48. • Christian Folini - @ChrFolini • Bernhard Tellenbach • @SwissCyberStorm Team and everyone for attending and listening!
  • 49. Questions? Mazin Ahmed Twitter: @mazen160 Email: mazin AT mazinahmed DOT net Website: https://mazinahmed.net LinkedIn: https://linkedin.com/in/infosecmazinahmed