What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports

  • Published on 19 Dec 2024

Comments • 26

  • @BugBountyReportsExplained 2 years ago +3

    Welcome to the comment section! If you enjoyed this part of the case study, check out BBRE Premium to see the full version: bbre.dev/premium

  • @cyber-man 2 years ago +5

    Very cool report!! Can't wait to see more bug bounty reports explained - I would love to see not only the biggest, but also those small, more common explained 3-5 min videos even - could be fun :)

    • @BugBountyReportsExplained 2 years ago +3

      Thank you for always leaving insightful comments.
      In regards to 3-5 minute videos, I feel like there's no good platform for them at the moment. YouTube promotes longer videos (even my 7-9 minute ones are on the short side) and then there are modern platforms with up to a minute of content. There seems to be nothing in between these two. And while it's a romantic story to go against the odds (algorithms) and we are not forced to create what they want, we are better off working with them. We simply put a lot of work into these videos and we want many people benefiting from that.

  • @AnPham-uz3td 2 years ago +1

    One of the most insightful vids about finding security bugs :)

  • @0xbro 2 years ago +1

    Wow, great job of analysis! I found it full of interesting insights, thank you!

  • @jerrychu5773 2 years ago +2

    Thank you for your work!!! Please keep on!!!

  • @oldshibagt 1 year ago +2

    New fear unlocked: Built hackers

  • @SleeplessDemon1 2 years ago +3

    Awesome 👍! Can you make for other vulnerabilities too?

    • @BugBountyReportsExplained 2 years ago +1

      Seeing the positive feedback on this article and the video, it would be stupid not to do more of that ;)
      What vulnerability class would you like to see next?

    • @SleeplessDemon1 2 years ago +1

      @@BugBountyReportsExplained LFI

    • @laughterwithabhaygupta8606 1 year ago

      @@SleeplessDemon1 many more we want details very detailed and well explained all over the YouTube not seeing like this type of content this is actually what we want. It is literally dopamine for bug hunters

  • @razmjumehdi9069 1 year ago

    Can you please explain a project from the recon stage to how to report in a video? I'm searching a lot, but I still haven't found a complete project from HackerOne or Bugcrowd.

  • @ahmedahmedx9600 2 years ago +1

    Thanks for the video, can you tell me how you scrape a lot of reports and filter them by vulnerability please? And from where you scrape them?

    • @BugBountyReportsExplained 2 years ago +4

      Check out the blogpost linked in the description, it's there

    • @ahmedahmedx9600 2 years ago +1

      @@BugBountyReportsExplained thank you bro, you are always useful as expected

    • @ahmedahmedx9600 2 years ago +1

      @@omarataallah9451 thanks bro

  • @brutexploiter 2 years ago

    Can you share the template...No need database

  • @devangsolanki4622 2 years ago

    We need that notion page. Please share it

  • @مشعلالعنزي-ذ5ل6ط 1 year ago

    I love you brother from Syria
    biiig thanks 😢❤❤

  • @mohmino4532 1 year ago

    Where are the report links?

  • @vuilachinh5252 1 year ago

    🌟🌟🌟

  • @Al-rt3ec 2 years ago

    How could guide for every in details, I want to start to get money from this job, could I email for further in touch or personal chat. Thank you

    • @BugBountyReportsExplained 2 years ago +2

      Thanks, but I don't do personal coaching or anything like that.

    • @Al-rt3ec 2 years ago

      @@BugBountyReportsExplained But I need explanation how to do it step by step clearly, how could I get it?