What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports

Views: 16,167

Bug Bounty Reports Explained


Comments: 26
@BugBountyReportsExplained 2 years ago
Welcome to the comment section! If you enjoyed this part of the case study, check out BBRE Premium to see the full version: bbre.dev/premium
@cyber-man 2 years ago
Very cool report!! Can't wait to see more bug bounty reports explained - I would love to see not only the biggest, but also those small, more common explained 3-5 min videos even - could be fun :)
@BugBountyReportsExplained 2 years ago
Thank you for always leaving insightful comments. In regards to 3-5 minutes videos, I feel like there's no good platform for them at the moment. KZbin promotes longer videos (even my 7-9 minute ones are on the short side) and then there are modern platforms with up to a minute content. There seems to be nothing in between these two. And while it's a romantic story to go against the odds (algorithms) and we are not forced to create what they want, we are better off working with them. We simply put a lot of work into these videos and we want many people benefiting from that.
@jerrychu5773 2 years ago
Thank you for your work!!! Please keep on!!!
@0xbro 2 years ago
Wow, great job of analysis! I found it full of interesting insights, thank you!
@AnPham-uz3td 2 years ago
One of the most insightful vids about finding security bugs :)
@SleeplessDemon1 2 years ago
Awesome 👍! Can you make for other vulnerabilities too?
@BugBountyReportsExplained 2 years ago
Seeing the positive feedback on this article and the video, it would be stupid not to do more of that ;) What vulnerability class would you like to see next?
@SleeplessDemon1 2 years ago
@@BugBountyReportsExplained LFI
@laughterwithabhaygupta8606 1 year ago
@@SleeplessDemon1 many more we want details very detailed and well explained all over the KZbin not seeing like this type of content this is actually what we want. It is literally dopamine for bug hunters
@oldshibagt 1 year ago
New fear unlocked: Built hackers
@razmjumehdi9069 1 year ago
Can you please explain a project from the recon stage to how to report in a video? I'm searching a lot, but I still haven't found a complete project from HackerOne or Bugcrowd.
@brutexploiter 1 year ago
Can you share the template...No need database
@ahmedahmedx9600 2 years ago
Thanks for the video, can you tell me how you scrape a lot of reports and filter them by vulnerability please? And from where do you scrape them?
@BugBountyReportsExplained 2 years ago
Check out the blogpost linked in the description, it's there
@ahmedahmedx9600 2 years ago
@@BugBountyReportsExplained thank you bro, you are always useful as expected
@ahmedahmedx9600 2 years ago
@@omarataallah9451 thanks bro
@مشعلالعنزي-ذ5ل6ط 1 year ago
i love you brother from syria biiig thanks 😢❤❤
@devangsolanki4622 2 years ago
We need that notion page. Please share it
@BugBountyReportsExplained 2 years ago
I shared this database with BBRE Premium members.
@mohmino4532 1 year ago
Where are the report links?
@BugBountyReportsExplained 1 year ago
in BBRE Premium platform
@vuilachinh5252 1 year ago
🌟🌟🌟
@Al-rt3ec 2 years ago
How could guide for every in details, I want to start to get money from this job, could I email for further in touch or personal chat. Thank you
@BugBountyReportsExplained 2 years ago
Thanks, but I don't do personal coaching or anything like that.
@Al-rt3ec 2 years ago
@@BugBountyReportsExplained But I need explanation how to do it step by step clearly, how could I get it?