Bug Bounty Village @ DEF CON 33
DEF CON 33 Bug Bounty Village — bounty hunter craft, AI bug bounty, modern web/mobile exploitation, and program operations.
→ See editor’s top picks at Bug Bounty Village @ DEF CON 33
- Exploiting The Off-Chain Ecosystem In Web 3 Bug Bounty — Bruno Halltari
In this insightful talk from Bug Bounty Village, Bruno Halltari, a security researcher at OtterSec, sheds light on a frequently underestimated area within Web3 security: the off-chain ecosystem…
- Hacking The Edge: Real-World ESI Injection Exploits — Robert Vulpe
- To Pay or Not to Pay? The Battle Between Bug Bounty & VDPs — Aaron Guzman
In "To Pay or Not to Pay? The Battle Between Bug Bounty & VDPs," Aaron Guzman, a Program Owner at Cisco, delves into the intricate challenges and strategic imperatives of managing both bug bounty…
- Year of the Bounty Desktop: Bugs From Binaries — Parsia Hakimian
In "Year of the Bounty Desktop: Bugs From Binaries," Parsia Hakimian of Microsoft challenges the conventional focus of bug bounty hunting, urging researchers to look beyond traditional web…
- Testing Trust Relationships: Breaking Network Boundaries — Michael Gianarakis
In his talk at Bug Bounty Village, Michael Gianarakis, Chief Product Officer at Searchlight and co-founder of Assetnote, presented a critical analysis of modern network access controls, particularly…
- How Hackers Are Breaking Modern AI Systems & How Bug Bounty Programs Can Keep Up
In this insightful talk from Bug Bounty Village, Dane Sherrits and Shlomi, both seasoned bug bounty hunters and experts at HackerOne, delve into the rapidly evolving landscape of AI security. Titled…
- Creator Panel Discussion — Nahamsec, Rhynorater, InsiderPHD
The "Creator Panel Discussion" at Bug Bounty Village, Defcon, brought together three prominent figures in the bug bounty and cybersecurity content creation space: Nahamsec (Ben), Rhynorater (Justin…
- Nuclei: Beyond the Basic Templates — Ben Sadeghipour
In his insightful Bug Bounty Village talk, "Nuclei: Beyond the Basic Templates," renowned bug bounty hunter Ben Sadeghipour, famously known as Nahamsk, delivers a compelling critique and practical…
- KEYNOTE: Attacking AI — Jason Haddix
In this keynote at Bug Bounty Village, Jason Haddix, a seasoned offensive security expert and leader at Arcane, delves into the rapidly evolving landscape of attacking **Generative AI**-powered…
- Exposing Hidden Data from RAG Systems — Pedro Paniago
In this insightful talk from Bug Bounty Village, Pedro Paniago, a Manager at PwC Belgium and an accomplished bug bounty hunter, unveils a critical vulnerability in **Retrieval Augmented Generation…
- Becoming a Caido Power User — Justin Gardner
In this insightful presentation, Justin Gardner, a prominent bug bounty hunter, podcast host, and adviser for Caido, takes the stage to illuminate how security researchers can transform into "Caido…
- Q&A - AI's Journey Through Zero-Days And A Thousand Bugs
This article delves into the groundbreaking work presented at Bug Bounty Village, where a team of researchers from Expo showcased their advanced autonomous pentest AI. While originally scheduled as…
- Inside a large self-hosted VRP — Sam Erb
Sam Erb, a Security Engineer at Google who helps manage the expansive Google and Alphabet Vulnerability Reward Program (VRP), delivered an insightful talk at Bug Bounty Village detailing the unique…