The Bug Hunter’s Methodology v4: Reconnaissance

Presented at Diana Initiative 2020 Virtual, Aug. 22, 2020, 3 p.m. (60 minutes)

The Bug Hunter’s Methodology is an ongoing yearly installment on the newest tools and techniques for bug hunters and red teamers. This version explores both common and lesser-known techniques to find assets for a target. The topics discussed will look at finding a target's main seed domains, subdomains, and IP space, and discuss cutting-edge tools and automation for each topic. By the end of this session a bug hunter or red teamer will be able to discover and multiply their attack surface. We also discuss several vulnerabilities and misconfigurations related to the recon phase of assessment. See slides here: https://docs.google.com/presentation/d/1HHzkmREYNGLAT8UY_nnNgG7yJFuaR9tj_UaahF92oqw/edit

Presenters:

  • Jason Haddix - Speaker
    Father, hacker, educator, gamer, & nerd. I am passionate about information security. Not only is security my career focus but it’s my hobby. I absolutely love my job. In my previous role as Director of Penetration Testing I led efforts on matters of information security consulting. The gamut stretched from developing test plans for Fortune 100 companies to competing in "bake-offs" to win business against other top tier consulting vendors. In my current role I serve as the Director of our Application Security Engineers and Technical Operations. This means I am an extension of (and advisor to) over 300+ security programs across many industry verticals. Under my direction, my team has triaged over 15,000 vulnerabilities this year alone. We also strive to keep the relationship between vulnerability researcher and customer a good one. Streaming sometimes at: [http://twitch.tv/js0n\_x](https://t.co/WBZcSgGOIG?amp=1 "http://twitch.tv/js0n_x") & posted to [http://youtube.com/jhaddix](https://t.co/I2yhmJjGAb?amp=1 "http://youtube.com/jhaddix")
