$25k GitHub account takeover & justCTF 2023 CSRF+XSS writeup | allinfosecnews.com

June 13, 2024, 2:15 p.m. | Bug Bounty Reports Explained

Bug Bounty Reports Explained www.youtube.com

💻 Challenge yourself in 2024 justCTF online teaser: https://2024.justctf.team
Sponsored by:
HexRays - get 20% from IDA pro training sessions with exclusive code BBRE20: https://bbre.dev/hexrays
Trail of Bits: https://cutt.ly/veucZatb
OtterSec: https://cutt.ly/leucL7cz
SECFORCE: https://cutt.ly/5eoKRyNL

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw

This video is a writeup of my CTF task "phantom" from justCTF 2023 that involved a CSRF inspired by a $25,000 Oauth account takeover in GitHub and …

account account takeover bypass csrf ctf github html intro oauth protection sponsored takeover task timestamps video writeup xss

More from www.youtube.com / Bug Bounty Reports Explained

The top full-time bug bounty hunter reports less than 2 bugs per week feat. Alex … 1 day ago | www.youtube.com

alex bounty bug bug bounty +11

Keeping a spreadsheet with interesting features of different websites feat. Alex Chapman #bugbounty 2 days ago | www.youtube.com

alex bounty bug bug bounty +11

The secret to finding many Criticals - Alex Chapman 2 days, 22 hours ago | www.youtube.com

alex bounty bug bug bounty +21

XSS sanitizer bypass with namespaces #bugbounty #bugbountytips #bugbountyhunter 1 week, 6 days ago | www.youtube.com

account account takeover csrf ctf +7

CSRF protection bypass feat. Teddy Katz #bugbounty #bugbountytips #bugbountyhunter 2 weeks ago | www.youtube.com

account account takeover csrf ctf +7

$25k GitHub account takeover & justCTF 2023 CSRF+XSS writeup 2 weeks ago | www.youtube.com

account account takeover bypass csrf +13

Leaking data from within the sandbox by usafely initialising memory #bugbounty #bugbountytips #bugbo 3 weeks, 4 days ago | www.youtube.com

azure bot bugs health +7

Bypassing authorization check with secondary path traversal #bugbounty #bugbountytips #bugbountyhunt 3 weeks, 6 days ago | www.youtube.com

azure bot bugs health +7

$203,000 bounties for 4 bugs in Azure Health Bot - 2x RCE, path traversal, memory … 4 weeks, 2 days ago | www.youtube.com

allowlist azure bot bugs +16

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California

View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

View on infosec-jobs.com

Executive Head: CVM and Artificial Intelligence Enablement

@ Vodafone | Midrand, ZA

View on infosec-jobs.com

AWS SysOps Administrator

@ BridgePhase | San Antonio, TX

View on infosec-jobs.com

Major Accounts Executive - France (Public Sector)

@ Cyberark | Paris, France

View on infosec-jobs.com

Account Executive - Denmark

@ Cyberark | Copenhagen, Denmark

View on infosec-jobs.com