all InfoSec news
$3,133.70 XSS in golang's net/html library - My first Google bug bounty
Feb. 20, 2023, 12:57 p.m. | Bug Bounty Reports Explained
Bug Bounty Reports Explained www.youtube.com
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on twitter: https://bbre.dev/tw
This video is a writeup of a vulnerability I found in Google's golang/net/html library that could lead to an XSS. It was my first submission to Google and I got a bounty of $3,133.70 for it.
🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do
Timestamps:
00:00 Intro
00:28 Preparations before reviewing the code
00:57 Where do I start security …
bounty bug bug bounty code code review comments golang google html library parsing review security start video vulnerability writeup xss
More from www.youtube.com / Bug Bounty Reports Explained
Minimising user interaction for OAuth account takeovers
3 weeks, 3 days ago |
www.youtube.com
Do not use the script tag when testing for XSS
3 weeks, 4 days ago |
www.youtube.com
Leaking GitHub's 1220 env variables #BBRENewsletter75
4 weeks, 2 days ago |
www.youtube.com
HTTP Multiline headers #bugbounty #bugbountytips #bugbountyhunter
1 month, 2 weeks ago |
www.youtube.com
Browser-powered desync #bugbounty #bugbountytips #bugbountyhunter
1 month, 2 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Senior Security Researcher - Linux MacOS EDR (Cortex)
@ Palo Alto Networks | Tel Aviv-Yafo, Israel
Sr. Manager, NetSec GTM Programs
@ Palo Alto Networks | Santa Clara, CA, United States
SOC Analyst I
@ Fortress Security Risk Management | Cleveland, OH, United States