BountyCraft - The Panel

Abstract:

Every security tester has some sort of methodology and toolset they use. This "secret sauce" is the essence of good security research. BountyCraft the panel is about disclosing those secrets. The panel will talk through the successful tools and techniques used by the panelists, what do they focus on, and why. They will discuss topics such as advents in tooling, approaches to different types of applications, reconnaissance, vulnerability trends in bounty, and more. Viewers will leave this presentation with knowledge of practical recommendations for hacking methodologies, tools, and tips to better hack. The panelists will talk through vulnerabilities commonly seen as edge cases that have been present on heavily tested sites, and what are the upcoming challenges in the space.
This talk focuses on the current and future of bounty hunting and web hacks that bug hunters or penetration testers can be knowledgeable of what the various environment trends. We will be going over the changes to the web attack landscape and how web hackers, can better find bugs in the web applications that are currently being developed.

Panel includes:

Jason Haddix, Security Researchers/ Bugcrowd Ambassadors, and Chloé Messdaghi

Bios:

Jason Haddix is the VP of Researcher Growth at Bugcrowd. Jason works with Bugcrowd to improve the security industries relations with the researchers. Jason’s interests and areas of expertise include mobile penetration testing, black box web application auditing, network/infrastructure security assessments, wireless network assessment, binary reverse engineering, and static analysis. Follow @Jhaddix

Chloé Messdaghi is Security Researcher Advocate/PM @Bugcrowd, board member for four nonprofits, one of the WIST founders, mentors, speaker on diversity and inclusion in InfoSec, and Drop Labels founder. Follow @ChloeMessdaghi