My Experiments with truth: a different route to bug hunting

A session at CONFidence 2013

  • Devesh Bhatt

Wednesday 29th May, 2013

10:00am to 10:50am (WMT)

The best way to improve the security of your systems is to hire hackers. Unfortunately, companies can’t hire all the best hackers, so they have chosen the next best way to improve their system security: the “Bug Bounty Program”.

Google, Facebook, Mozilla, PayPal, Etsy and many other companies pay a good amount to hackers for responsible disclosure, and recently this has been started as a service in the form of “bugcrowd”. Security researchers have submitted bugs ranging from configuration issues to SQL injections.

This topic is not about what a “Bug Bounty” program is, who is paying what amount, or the scope of testing. This paper focuses on the approach to finding simple yet devastating vulnerabilities, earning hefty amounts, and sharing space with the top researchers from around the globe.

This paper depicts easy but unique methods to look for bugs online.

I started on this journey roughly five months back and kind of formulated a procedure to attack the strongest of applications in a short span of time.


CONFidence 2013

Krakow, Poland

28th to 29th May 2013
