The secret to finding many Criticals - Alex Chapman
Bug Bounty Reports Discussed
00:00
Bug Bounty Hunting and Browser Exploitation Journey
The chapter follows the speaker's progression from binary exploitation into full-time bug bounty hunting, with a focus on identifying critical vulnerabilities within complex systems like PDF rendering functionalities using server-side browsers. They discuss their experiences with browser exploitation, including identifying reliable primitives and proof of concepts, and the challenges posed by recent security implementations in browsers like Chrome. The conversation also covers exploiting CI/CD pipelines, manipulating JDBC drivers for code execution, and the strategy of applying bugs across various programs in bug bounty hunting.
Transcript
Play full episode
