

Episode 81: Crushing Client-Side on Any Scope with MatanBer
Jul 25, 2024
Join MatanBer, a seasoned expert in client-side hacking and DevTools, as he shares invaluable insights on navigating web vulnerabilities. He discusses advanced techniques for exploiting client-side issues like XSS and HTML injection, while offering practical DevTools tips that enhance debugging efficiency. The conversation delves into the appeal of chaining attacks and overcoming Web Application Firewalls, alongside personal anecdotes that illuminate the challenges of real-world cybersecurity. It's a treasure trove of knowledge for aspiring hackers!
AI Snips
Beyond XSS Labs
- Supplement PortSwigger labs with resources like "Beyond XSS" by aszx87410.
- This series offers valuable DOM XSS labs and puzzles for practicing client-side hacking.
First Bug Report
- Matan Ber found a potential SQL injection on PortSwigger's website by putting a quote in the search field.
- albinowax (James Kettle) kindly guided him towards XSS labs, shaping Matan's hacking journey.
Bridging the Gap
- Bridge the gap between labs and real-world applications by practicing on live targets.
- Embrace failure as a learning opportunity in bug bounty hunting.