The Bug Bounty Hunter
Happy hunting! thebugbountyhunter.com [email protected]
TL;DR I discovered a one-click account takeover vulnerability in a popular Indonesian Android app called Tokopedia. Th...
Guillaume Kermarrec, who oversees L’Oréal’s Bug Bounty Program and threat/vulnerability management generally for the iconic cosmetics brand, discussed L’Oréal’s hopes for a live Bug Bounty it held in partnership with YesWeHack. Kermarrec, who works at L’Oréal’s CyberDefense Center, reflected on the company’s preparations for the event, which took place in the summer of 2024 during LeHACK, France’s largest hacker convention. He also explained why they decided to open their scopes to some of Europe’s most talented ethical hackers in the context of an intensive, in-person competition. You can also watch highlights from this live hacking event:
https://www.youtube.com/watch?v=wVSZ5lCDyr4
And read more about the event in our roundup of the scopes, final leaderboard, feedback from hunters, and the benefits of live Bug Bounties:
https://www.yeswehack.com/news/loreal-live-hacking-event-lehack
Signup for DevSecCon: snyk.co/dscnahamsec
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video!
If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training
If you want to practice some of my free labs and challenges: https://app.hackinghub.io
FREE $200 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b
LINKS:
MY FAVORITE BOOKS:
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities - https://amzn.to/3Re8Pa2
Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr
Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3
WATCH NEXT:
If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU
2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU
Bug Bounty Hunting Full Time - https://youtu.be/watch?v=ukb79vAgRiY
Hacking An Online Casino - https://youtu.be/watch?v=2eIDxVrk4a8
WebApp Pentesting/Hacking Roadmap - https://youtu.be/watch?v=doFo0I_KU0o
MY OTHER SOCIALS:
My website - https://www.nahamsec.com/
My free labs - https://app.hackinghub.io/
Twitter - https://twitter.com/NahamSec
Instagram - https://instagram.com/NahamSec
Linkedin - https://www.linkedin.com/in/nahamsec/
WHO AM I? If we haven't met before, hey! I'm Ben, most people online know me online as NahamSec. I'm a hacker turned content creator. Through my videos on this channel, I share my experience as a top hacker and bug bounty hunter to help you become a better and more efficient hacker. FYI: Some of the links I have in the description are affiliate links that I get a percentage from.
Hacking Hackers - Even the software used by teams of offensive security professionals is prone to standard web application vulnerabilities.
Welcome to another blog in the series of Advanced Frida Usage. This blog post demonstrates how to use Frida’s Stalker APIs to trace instructions as they execute in an app in real time.
Learn about DORA, the new EU regulation for digital operational resilience, and how to meet the requirements with pentesting.
We are back and testing out a new episode format focusing more on discussion than summaries. We start talking a bit about the value of learning hacking by iterating on the same exploit and challenging yourself as a means of practicing the creative parts of exploitation. Then we dive into the recent Intel SGX fuse key leak, talk a bit about what it means, how it happened. We are seeking feedback on this format. Particularly interested in those of you with more of a bug bounty or higher-level focus if an episode like this would still be appealing? If you want to share any feedback feel free to DM us (@__zi or @specterdev) or email us at media [at] dayzerosec.com
The Resource Owner Password Credentials (ROPC) is one of the Open Authentication (OAuth) flows with a “password” grant type. This grant type…
What is Dependency Confusion?