Broadcasts.com - "Plucking the low hanging fruit of data and security breaches. How to be rewarded even if there's no bug bounty program (hackerhotel2024)" (Chaos Computer Club

Other
SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- Technology
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en

Plucking the low hanging fruit of data and security breaches. How to be rewarded even if there's no bug bounty program (hackerhotel2024)

Published: Feb. 11, 2024, 2 p.m.

I call myself "The Lamest Hacker You Know". I don 't use Kali, 0days, Burp Suite or any tools besides Curl, A browser, and clients for existing software, combined with (semi) open data sources. Probably 90% of my findings are for companies that don't have a CISO an never even heard the term "Bug Bounty Program", In this talk I will give some tips on how to reach out to a company out-of-the-blue and not have them hate you.\n\nI call myself "The Lamest Hacker You Know". \nI don 't use Kali, 0days, burp suite or any tools besides Curl and some (semi) open data sources.\n\nProbably 90% of my findings are for companies that don't even have a CISO and never even heard of a Bug Bounty Program and yet, I have been rewarded for finds that will make you go "yikes".\n\nI never once got into trouble because of how I operate: Being radically open. \n\nIn this talk I will look back on some cases I never made public, show you how I work, the upsides and the downsides, and give some tips on how to reach out to a company out-of-the-blue and not have them hate you.\nabout this event: https://pretalx.hackerhotel.nl/hackerhotel-2024/talk/FPMLCB/