all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports

Add to bookmarks
Oct. 26, 2022, 4:17 p.m. | Bug Bounty Reports Explained

Bug Bounty Reports Explained www.youtube.com

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
The blogpost with case study methodology: https://bbre.dev/ssrfs

✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on twitter: https://bbre.dev/tw

I pulled 361 bug bounty reports from the web to make a case study and see how people are making money with SSRFs. From this video, you can learn what functionalities are most often vulnerable to Server-Side Request Forgery in these disclosed reports and also some of my opinions on which of them …

bounty bug bug bounty case reports study vulnerable

Visit resource

More from www.youtube.com / Bug Bounty Reports Explained

HTTP Multiline headers #bugbounty #bugbountytips #bugbountyhunter 2 days, 16 hours ago | www.youtube.com
bug characters class down +12
Browser-powered desync #bugbounty #bugbountytips #bugbountyhunter 3 days, 16 hours ago | www.youtube.com
bug characters class down +12
Trailer - HTTP feature you did not know about #bugbounty #bugbountytips #bugbountyhunter 5 days, 16 hours ago | www.youtube.com
bug characters class down +12
Node.js’ strange behaviour leads to request smuggling #bugbounty #bugbountytips #bugbountyhunter 6 days, 16 hours ago | www.youtube.com
bug characters class down +12
Request smuggling - do more than running tools! HTTP Request smuggling bug bounty case study 1 week ago | www.youtube.com
bug characters class down +12
Client-side path traversal #bugbounty #bugbountytips #bugbountyhunter 1 month ago | www.youtube.com
adjust bug bug hunting case +10
These CSRFs are not mitigated by SameSite=Lax #bugbounty #bugbountytips #bugbountyhunter 1 month ago | www.youtube.com
adjust bug bug hunting case +10
This differentiates top hunters from the rest #bugbounty #bugbountytips #bugbountyhunter 1 month ago | www.youtube.com
adjust bug bug hunting case +10
This CSRF trick will help you find CSRFs in 2024 #bugbounty #bugbountytips #bugbountyhunter 1 month ago | www.youtube.com
adjust bug bug hunting case +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Regional Leader, Cyber Crisis Communications

@ Google | United Kingdom
View on infosec-jobs.com

Regional Intelligence Manager, Compliance, Safety and Risk Management

@ Google | London, UK
View on infosec-jobs.com

Senior Analyst, Endpoint Security

@ Scotiabank | Toronto, ON, CA, M1K5L1
View on infosec-jobs.com

Software Engineer, Security/Privacy, Google Cloud

@ Google | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Security Engineer

@ Coinbase | Remote - USA
View on infosec-jobs.com
View more jobs