Bug Hunter's Methodology
28th February 09:00 AM - 6:00 PM IST
Course Abstract
Bugcrowd is happy to offer a full-day workshop for bug hunters covering both introductory and advanced topics in web bug hunting. Each BCU module covers one vulnerability class: its nature, how to identify it, how to exploit it, the tools associated with it, and labs for students to test their skills. These Bugcrowd University modules are designed to enable the crowd to spot and exploit Priority One level bugs, even in seemingly complex web applications.
(Intro) What makes a good submission
(Intro) Burp Suite Workshop
(Intermediate) Asset Discovery and Recon
  - IP enumeration (ASNs and Cloud)
  - Brand enumeration (acquisitions, RevWHOIS, reverse tracker analysis)
  - Subdomain enumeration (scraping and bruteforcing)
  - Effective port scanning
  - Version-based vulnerability analysis
  - Directory bruteforcing / content discovery best practices
  - Prioritizing target testing areas by technology and features
(Advanced) XML External Entity Injection
  - An introduction to XXE
  - XXE identification
  - XXE tooling / payloads
  - XXE labs
(Advanced) Authorization & Access Control Testing (MFLAC, IDOR)
  - The ever-giving IDOR and MFLAC
  - Examples
  - Labs
(Advanced) Server Side Request Forgery
  - An introduction to SSRF
  - SSRF identification
  - SSRF tooling
  - SSRF labs
(Advanced) Security Misconfiguration (Git, AWS, Subdomain, ++)
  - Introduction to AWS S3 permissions
  - Labs
  - Git pillaging
  - Labs
  - GitHub robbing
  - Live exercise
  - CI/code repositories exploitation (no lab)
  - Subdomain takeover
  - Labs
Upon completion of this training, attendees will know: at the end of this course, students should have solid fundamentals in web testing for the vulnerabilities that are most likely to show up in the wild today. The course aims to arm the student not only with the techniques, tools, and labs, but also with a contextual, data-driven methodology for where and how to look for each vulnerability.
Attendees should bring: Laptop, Burp Suite (PRO preferably), VM or equivalent access to *nix command line.
Pre-requisites for attendees: General Web application security testing knowledge required. Some topics will assume some knowledge of OWASP Top Ten type vulnerabilities.
These trainings are 100% FREE to all OWASP Seasides attendees, first come first served basis only!
About the trainer: Jason Haddix is the VP of Researcher Growth at Bugcrowd. Jason trains and works with internal analysts to triage and validate hardcore vulnerabilities in mobile, web, and IoT applications/devices. He also works with Bugcrowd to improve the security industry's relations with researchers. Jason's interests and areas of expertise include mobile penetration testing, black box web application auditing, network/infrastructure security assessments, wireless network assessment, binary reverse engineering, and static analysis.
Registration is closed. However, all the events and workshops are on a first come, first served basis. Please reach the venue early to grab your spot.