With Bug Bounty Expert Niks | Be Fearless Podcast EP 10
Manage episode 440819907 series 3579095
"I found multiple demo versions available without any authentication. I went there, extracted all the requests, and fuzzed all the parameters for SQL injection. Then I changed the domain to the in-scope domain of the company I was hacking and ran SQL commands to dump their database."
Hear from Nikhil “Niks” Srivastava bug bounty hunter and founder of B-Sides Ahmedabad in our DEF CON 32 special episode of the Be Fearless Podcast. Hosted by SquareX Product Evangelist Dakshitaa, Niks discusses his research, bug bounty hunting experience and giving back to the cybersecurity community via conferences.
0:00 Niks’ DEF CON talk on hacking corporate banking
3:27 How AI has made bug bounty hunting easier
4:59 Bug bounty story: breaking into an e-commerce company via SQL injection
7:34 Giving back to the cybersecurity community with BSides Ahmedabad
10:13 Advice for bug bounty beginners
🔔 Follow Niks and Dakshitaa on:
https://www.linkedin.com/in/nikhilksrivastava/
https://www.linkedin.com/in/dakshitaababu/
🔥 Powered by SquareX
SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://www.sqrx.com/
Rozdziały
1. Niks’ DEF CON talk on hacking corporate banking (00:00:00)
2. How AI has made bug bounty hunting easier (00:03:27)
3. Bug bounty story: breaking into an e-commerce company via SQL injection (00:04:59)
4. Giving back to the cybersecurity community with BSides Ahmedabad (00:07:34)
5. Advice for bug bounty beginners (00:10:13)
28 odcinków