Bug Bounty Experiences (Spanish)

Eduardo Zamorano shared a talk at #DragonJARCON 2020 titled "Bug Bounty Experiences," which can be described as follows: Learn, through experience, how to become a bug hunter on the world's most popular bug bounty platforms, such as HackerOne, BugCrowd, Cobalt.io, and OpenBugBounty. Explore the most recognized bug bounty platforms today and how they can change your life. 00:00 - Introduction to DragonJAR Security Conference 00:43 - Eduardo Zamorano's Presentation 02:12 - Who is Eduardo Zamorano (debsec)? 04:49 - Talk Agenda 05:53 - What is a Bug Bounty? 06:49 - Bug Bounty Platforms (YESWEHACK, HACKEONE, BUGCROW, VULNSCOPE) 08:01 - What Types of Bugs to Report? 09:39 - Public Programs 11:48 - Private Programs 13:15 - OpenBugBounty Chapter 23:26 - Hackerone - Bugcrowd Chapter 25:25 - Learning Resources for Bug Bounty 29:12 - Hackerone Meetup 36:10 - Explaining Vulnerabilities - Improper Access Control 39:30 - Remote Code Execution (RCE) 44:53 - From XXE to SSRF AWS Private Key 48:25 - Reflection 49:44 - How Much Money Can You Earn with Bug Bounty? 51:36 - Can You Start Bug Bounty Without Pentesting Experience? If you liked it, give it a "Like" and subscribe (http://bit.ly/DragonJARtv) – it helps a lot! More from DragonJAR.tv: ----------------------------------------------------------------------------------------------- YouTube: DragonJARtv (http://bit.ly/DragonJARtv) Facebook: La.Comunidad.DragonJAR (http://bit.ly/DragonJARfb) Twitter: @DragonJAR (http://bit.ly/DragonJARtw) Instagram: Dragon.JAR (http://bit.ly/DragonJARig) Blog: Comunidad DragonJAR (http://bit.ly/DragonJAR) -----------------------------------------------------------------------------------------------