Category: Hyderabad

Null Humla – How to do well/start Bug Bounty Hunting

This will be a humla session on bug bounty. We shall have a hands on session on bug hunting. Also, we would be providing few tips and techniques by which a security analyst can be a better bug hunter. The speaker would share few of his POC’s and experiences on the various bug disclosed.

Topic:
1. Introduction to various Bug Bounty programs
2. Finding the right domain to start hunting
3. Information Gathering
4. Discovering vulnerabilities
5. Multitasking with various free vulnerability scanners
6. Generating and submitting POCs without violating bug bounty rules
7. Special discussion on how to submit potential RCEs based on various CVEs.
8. Case studies or POCs

Pre-requisite:

  1. Back Track/ Samurai WTF Installed laptop ( VMs will be fine as well )
  2. OWASP Top -10 knowledge
  3. Basic WAPT terminologies
  4. And should be able to differentiate between 0 and o

Humla Champion Bio:

Abhijeth Dugginapeddi:
Abhijeth is a 23 year old security consultant working in Tata Consultancy Services. His interest in this domain started when he was 14 year old, the innate curiosity of his, made him explore many things and share them with his peers. He has found vulnerabilities in 1400 web applications, the top ones being Google, Yahoo, Microsoft, Amazon, at&t, Juniper, HDFC, ICICI ,ETSY. During his B.tech, along with handling freelance projects, he has also trained around 10,000 students by conducting various workshops in Andhra Pradesh.

Interested members can register here: https://bugbounty.eventbrite.com/  before 24th May 2014 12:00PM