in the future - u will be able to do some more stuff here,,,!! like pat catgirl- i mean um yeah... for now u can only see others's posts :c
All four of my Bug Bounty Hunting Methodology sheets are (mostly) done and available on my DEFCON Workshop repo! The tools and techniques I used to find every valid bug bounty report I've ever submitted are documented in these files. I hope they help, and I can't wait to see everyone at DEFCON this weekend!!
github.com/R-s0n/bug-bounty-village-defcon32-worksβ¦
84 - 5
Wouldn't it be great if the Security Teams that run Bug Bounty Programs would hop on a Livestream, explain their attack surface and show you what kinds of vulnerabilities they are looking for?
I thought so, too, so I decided to lead the way! Tomorrow at 11am CST on Twitch, I'll be hosting a livestream to walk through the FloQast Bug Bounty Program's attack surface.
I'm going to be explaining why you see what you see when you get scan results from many popular tools, what vulnerabilities we look for, and how to approach testing our application.
My goal at FloQast is to build the Bug Bounty Program I always *wished* existed when I was hunting full-time. This is the first step in achieving that goal π
91 - 11
Hey Everyone! Just want to give a quick update on my IDORs and Access Controls Part III video:
As I'm recording this video, I'm realizing that this will end up being another 4-5 hour recording π¨, and as much as I want to get this video out to the community, I also don't want to rush it.
Now that we've got the basic knowledge from the last two videos, I think I have a really great opportunity to take my time and demonstrate a very effective and cohesive methodology. Then downside is that it simply takes time to get all that knowledge in the video.
I promise I will get this video out to y'all as soon as I can! However, I also promise not to rush out an inferior video just to keep my numbers up in the algorithm, which hopefully is better for everyone!
246 - 29
Tank wanted me to take a break from our bike ride to let everyone know the Ars0n Security DISCORD CHANNEL is finally live!! π’π₯ --> discord.gg/qCm8USdn4
I'm very excited to begin fostering a community of people who are deeply passionate about making the internet a more secure place!
If you are interested in any of the following, then come hang out:
- Bug Bounty Hunting
- Cybersecurity Research
- Building Automation Tools
- Starting a Career Cybersecurity
- Technology-related Side Hustles
But most importantly, if you're someone who believes in hard work, making an impact, and lifting others up as much as possible then we would love to have you!
28 - 6
Hey Everyone! My dog Tank wanted me to let everyone know that I'm going to be hosting a Twitch Stream starting in the next few hours!
This time, I'm going to move past Recon and do Live Enumeration and Identifying Attack Vectors in the Starbucks public Bug Bounty Program on HackerOne!
Feel free to come hang out, ask questions, and request any specific demos!!
www.twitch.tv/rs0n_live
26 - 1
I've worked in Cyber Security for almost 10 years and done Bug Bounty hunting for 5 of those years. I'm here to share what I've learned and help others start Bug Bounty Hunting and/or break into Application Security!