Bug Bounty Secrets

Upload: nu-the-open-security-community

Post on 14-Dec-2014


DESCRIPTION

null Trivandrum Chapter - July 2013 Meet

TRANSCRIPT

Page 1: Bug Bounty Secrets

Bug Bounty Secrets

Page 2:

Hari Krishnan R

Security Researcher and new to ppt :P

Page 3: Basic steps

1. Select the target
2. Gather information
3. Find bug and report
4. And get fame and cash

Page 4: About Bug Bounty

Paying rewards to independent security researchers for finding vulnerabilities in their products.

Major players: Google, Mozilla, Facebook, PayPal

And what do we get? Money and fame. And what does the company get? They get their application secured, and it is very cost-effective for them, as they pay the independent researchers a minimal amount.

Page 5: What do you need to start hunting for bounty?

Know about the target: their products, acquired companies (which you can find by searching Google), sub domains, etc. Have a good understanding of the application which you are testing. Know which companies have a bug bounty program; some of them are:

AT&T, Barracuda, Chromium Project, Etsy, Facebook, Gallery, Google, Hex-Rays, Kaneva, LaunchKey, ManageWP, Mozilla, PayPal, Samsung, Yandex

Page 6: What kind of bugs are in scope?

- XSS
- XSRF / CSRF
- SQL injection or equivalent
- Remote code execution
- Authentication bypass or information leak

Rewards for qualifying bugs can range from $100 to $20,000 or more. So far, Google has paid $828,000 to more than 250 individuals. Mozilla has paid $570,000+.

Page 7:

Reference: Slides from Adam Mein at SANS AppSec 2011

Page 8:

Reference: Slides from Adam Mein at SANS AppSec 2011

Page 9:

Example 1: DOM-based XSS in Google Partners

Page 10:

Example 2: XSS vulnerabilities in Gmail's mobile view, by Nils Juenemann

Page 11:

Conclusion: Report the bugs to the company rather than selling them on the black market ;)