$130,000+ Learn New Hacking Technique in 2021 - Dependency Confusion - Bug Bounty Reports Explained

  • Published on: 2/22/2021
  • Today's Bug Bounty Report Explained covers dependency confusion, a new bug bounty hacking technique that earned the researcher at least $130,000 in bounties and probably even more. Lucky for you, the researcher didn't find all of them, so there's still plenty to be discovered.

    Blogpost:
    https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

    Reporter's Twitter:
    https://twitter.com/alxbrsn

    Follow me on Twitter:
    https://twitter.com/gregxsunday

    Timestamps:
    00:00 Intro
    00:32 Known attacks on dependencies
    02:03 The new attack on dependencies
    04:22 Impact
    05:02 Data exfiltration
    06:29 Getting names of private packages
    08:00 Results

    #DependencyConfusion