Welcome to the comment section! I hope you enjoyed the video about one chapter of this case study. Remember that the full article along with the checklist and report database is available in BBRE Premium: bbre.dev/atocs
@@shanks2906 In none. I've never been a developer so I'm not an expert in any but I can code stuff in Python, JavaScript and recently Golang
Sir Will you tell from where you get all these reports and how you manage to make a perfect table of thats in notion
@@waleedbutt885 I described the methodology here: www.bugbountyexplained.com/what-functionalities-are-most-often-vulnerable-to-ssrfs-case-study-of-124-bug-bounty-reports/
Love these case studies! 🔥
29:30 There are mail filters that auto-follow links. So if the user has this set up they won't have to click the link. This is usually done to protect users against phishing attacks but in this case it works for the attacker.
Thank you for letting me know! I started to wonder about this very thing when creating the video because whenever I send a mass email, I run it through mail-tester which follows all the links. I started wondering if e.g. Gmail does the same
@@BugBountyReportsExplained I believe Office 365's ATP has an option to watch over links. I think it auto clicks them.
Loving all the content, thanks again
AMAZING RESEARCH! 🤯🤯🤯
can u give me the name of the website where all bug has been public
it's in the description
@@BugBountyReportsExplained it ain't very public if you have to pay for it, at least make some free or make the site exploitable so the ones who have the skill and want it don't gotta pay, something like that. I'm gonna find out if that's not already the case. I hope your API is secure, actually no I don't
Anyone know any decent CTFs inspired by real-world bug bounty reports which exploit account takeover bugs?
What are the book u have please tell....
the one just in front is Real-World Bug Hunting by Pete Yaworski and that's just about the only bug bounty related book there. The rest is about business and personal growth.
@@BugBountyReportsExplained put a separate video for what are the book using that is useful for us...
@Bug Bounty Reports Explained i recently watch your is nice and useful in 3:25 is software or a web site and name is?....please reply
Just awesome case study man🔥🔥
May i know what kind of platform are you using to log all the items?
I use Notion
bro where do you live?? I assume u r french??? Anyway, I like ur accent, better than most people who do tutorials on YouTube - or what i like to call scam tube
In Poland ;)
Great! Thank you.
hello, greg. Thank you for these kind of videos. Always look forward to them.
I was wondering, since you study sooo many writeups do you feel like you learn a lot from them or they help in your hunting/methodology. Asking since everyone is always suggesting to read write ups and all as a great resource for bug hunters.
Yes, absolutely!
can you tell us in video how you begin in bug bounty and what's the best road map to learn bug bounty on your opinion please
Thank you
Joke: "Closed: No impact."
Osm content
Wow AI