$2,500 Leaking parts of private Hackerone reports - timeless cross-site leaks

  4,939 views

Bug Bounty Reports Explained


Comments: 18
@BugBountyReportsExplained 3 years ago
Thanks for watching the video and welcome to the comment section. Make sure to leave a like to help me grow my channel and reach more hackers like you👍
@FUN-sy5lr 3 years ago
Before I will watch I will thank you for your videos, you are great 😍
@BugBountyReportsExplained 3 years ago
Very nice of you mate!
@tyaprak 3 years ago
Job very well done brother, appreciated.
@BugBountyReportsExplained 3 years ago
My pleasure
@unurbayaramarsaikhan1362 3 years ago
You are awesome. I have learned so much from your channel. And congratulations for your last 1000$ bounty
@BugBountyReportsExplained 3 years ago
Thanks so much! I'm very glad you learn a lot!
@rabbitcodecs 3 years ago
Wow..amazing content
@BugBountyReportsExplained 3 years ago
Thank you 🙌
@-bubby9633 3 years ago
Absolutely fantastic explanation thanks! Very easy to understand. Was interested throughout to see how this could be effectively abused, and was kicking myself when I realized "oh yes, stealing partially known values containing sensitive info such as cookiename+Val or headername+Val. Duhhh of course 😅". Very educational
@BugBountyReportsExplained 3 years ago
I'm happy you learnt something!
@ミネちゃんねる-t5u 3 years ago
Interesting, but modern browsers have a samesite cookie value of lax. The browser does not send the cookie...
@BugBountyReportsExplained 3 years ago
True. Those attacks these days mostly work in websites that explicitly set their SameSite to None, like KZbin
@mnageh-bo1mm 3 years ago
Great video, but I wasn't able to fully understand the Timeless XSleak technique
@BugBountyReportsExplained 3 years ago
Which part exactly?
@mnageh-bo1mm 3 years ago
@BugBountyReportsExplained the diff between it and the time one
@howplz 3 years ago
Hi bro can you explain to me how you did to understand every tech word And if you're may be translated the word to ur native language?? Please I need an answer
@BugBountyReportsExplained 3 years ago
Can you clarify? I don't understand