Accidentally finding a $50,000 vulnerability - Augusto Zanellato - Bug Bounty Reports Discussed #2
Sep 30, 2021 ·
26m 15s
Download and listen anywhere
Download your favorite episodes and enjoy them, wherever you are! Sign up or log in now to access offline listening.
Description
✉️ Sign up for the newsletter: https://mailing.bugbountyexplained.com/ This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access...
show more
✉️ Sign up for the newsletter: https://mailing.bugbountyexplained.com/
This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access to Shopify's Github account. It was reported on Hackerone to Shopify and Augusto got $50,000 for it. The best thing is that he didn't even look for a security issue.
Link to the report explained: https://youtu.be/TOgIgD0KUVs
The report on Hackerone: https://hackerone.com/reports/1087489
Subscribe to Bug Bounty Reports Explained on YouTube: https://www.youtube.com/c/BugBountyReportsExplained/
Augusto's media:
https://twitter.com/auguzanellato
https://hackerone.com/augustozanellato?type=user
https://github.com/augustozanellato
show less
This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access to Shopify's Github account. It was reported on Hackerone to Shopify and Augusto got $50,000 for it. The best thing is that he didn't even look for a security issue.
Link to the report explained: https://youtu.be/TOgIgD0KUVs
The report on Hackerone: https://hackerone.com/reports/1087489
Subscribe to Bug Bounty Reports Explained on YouTube: https://www.youtube.com/c/BugBountyReportsExplained/
Augusto's media:
https://twitter.com/auguzanellato
https://hackerone.com/augustozanellato?type=user
https://github.com/augustozanellato
Information
Author | Grzegorz Niedziela |
Organization | Grzegorz Niedziela |
Website | - |
Tags |
Copyright 2024 - Spreaker Inc. an iHeartMedia Company