Craig Hays

bug bounty hunting tips

Bug Bounty Hunting Tips #2 — Target their mobile apps (Android Edition)

February 9, 2018 By Craig Hays

Reading Time: 6 minutes

If you read through the disclosed bug bounty reports on platforms such as hackerone.com, it is clear that most bug bounty hunters are targeting web applications and neglecting the mobile application landscape. This is an opportunity that you can take advantage of.

[Image: Android app bug bounty. Photo by LOLIONI on Unsplash]

I’ve had a lot of success recently looking at mobile apps, specifically Android applications. After searching online for decent training material I stumbled upon the Udemy course Android Application Penetration Testing, which has proven invaluable. (Disclaimer: I get no financial gain or anything else out of linking to this course, other than more competition in the Android bug bounty space.) 4.5 hours of training at 2x regular playback speed and you’re in a good starting position.

Just like web applications, you can find the OWASP Mobile Top 10 very useful for identifying vulnerabilities to look for. My personal favourites are:


Bug Bounty Hunting Tips #1 — Always Read the Source Code

November 21, 2017 By Craig Hays

Reading Time: 3 minutes

One of the first things I do when approaching a target is to search for and read through all of their public source code repositories on sites like github.com, looking at every file in every directory. I also check through the commit history to see what has changed with each commit. Yes, this takes time and it isn’t as fun as jumping straight into hacker typer mode fuzzing inputs on web applications and APIs, but it is invaluable. Once I’ve finished the official code repositories of the target, I then look at the contributors to each of the projects and do the same thing for each of those. Developers often share a lot of code, config, SSH keys, usernames, and passwords between work and personal projects. This has the following benefits:


© Craig Hays, 2006–2025