This is my coolest bug bounty report (SSRF ➡ Phishing)

Published 2022-05-26

Download video MP4 360p
Download video MP4 720p

Recommendations

19:58

What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports
09:15

$XX,000 Airbnb impossible XSS with 4 bypasses
17:45

100 hours of reviewing the source code - Bounty vlog #3 - Elastic
10:12

What is Server-side Request Forgery (SSRF)?
28:40

Which XSS payloads get the biggest bounties? - Case study of 174 reports
47:04

Server-Side Request Forgery (SSRF) | Complete Guide
07:26

$6,5k + $5k HTTP Request Smuggling mass account takeover - Slack + Zomato
49:38

Live Hacking On Indeed with Tess 💥 | Hacker2Hacker
10:08

From a lame Server-Side Request Forgery to Remote Code Execution
09:31

2022-style OAuth account takeover on Facebook - $45,000 bug bounty
09:09

How I found the $1,500 SSRF in Stripe bug bounty program
38:47

Денис Рыбин — Server Side Request Forgery: атака на веб-приложение, которая страшнее, чем кажется
07:36

An overlooked parameter leads to a critical SSRF in Dropbox bug bounty program
11:43

SSRF Bug Bounty | Server Side Request Forgery | Ethical Hacking
09:53

My $20,000 S3 bug that leaked everyone’s attachments - S3 bucket misconfig of pre-signed URLs
05:55

$3,500 Slack SSRF - proxying to internal network via TURN server explained - Hackerone
15:48

Missing HTTP Security Headers - Bug Bounty Tips
09:43

The world's largest bug bounty - $3.4 mln for a bug in Polygon blockchain
12:55

How to get greater bounties for MEDIUM and LOW risk reports? Account takeover - Stripe
08:56

Find and Exploit Server-Side Request Forgery (SSRF)

This is my coolest bug bounty report (SSRF ➡ Phishing)

Download video MP4 360p

Download video MP4 720p

What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports

$XX,000 Airbnb impossible XSS with 4 bypasses

100 hours of reviewing the source code - Bounty vlog #3 - Elastic

What is Server-side Request Forgery (SSRF)?

Which XSS payloads get the biggest bounties? - Case study of 174 reports

Server-Side Request Forgery (SSRF) | Complete Guide

$6,5k + $5k HTTP Request Smuggling mass account takeover - Slack + Zomato

Live Hacking On Indeed with Tess 💥 | Hacker2Hacker

From a lame Server-Side Request Forgery to Remote Code Execution

2022-style OAuth account takeover on Facebook - $45,000 bug bounty

How I found the $1,500 SSRF in Stripe bug bounty program

Денис Рыбин — Server Side Request Forgery: атака на веб-приложение, которая страшнее, чем кажется

An overlooked parameter leads to a critical SSRF in Dropbox bug bounty program

SSRF Bug Bounty | Server Side Request Forgery | Ethical Hacking

My $20,000 S3 bug that leaked everyone’s attachments - S3 bucket misconfig of pre-signed URLs

$3,500 Slack SSRF - proxying to internal network via TURN server explained - Hackerone

Missing HTTP Security Headers - Bug Bounty Tips

The world's largest bug bounty - $3.4 mln for a bug in Polygon blockchain

How to get greater bounties for MEDIUM and LOW risk reports? Account takeover - Stripe

Find and Exploit Server-Side Request Forgery (SSRF)

$1300 bugbounty | Blind SSRF and XSPA | bug bounty poc | hackerone | ssrf poc #bugbountypoc #bounty

Blind SSRF Through gif | bug bounty poc | hacker 1

Information Disclosure by Sending a GIF (Blind SSRF) | POC - 1| $500

Uncle Rats Ultimate SSRF Guide For Bug Bounties

Client-side desync vulnerabilities - a breakthrough in request smuggling techniques

SSRF & Network Enumeration

The key to succeed in bug bounty - @NahamSec

Stealing all your cookies from your mobile Firefox browser - Bug Bounty Reports Explained

CVE 2021 40438 - SSRF | P1 | Bug Bounty Series - EP 18 | Ran$ome

$10k+5k Web cache poisoning - Github + Firefox - Bug Bounty Reports Explained

Open Redirect Vulnerability Explained

How I made 200$ in 2 Minutes on Hackerone - Zomato Bug Bounty Program - POC