This video covers improper authorization issues, where users can access resources or take actions they shouldn't. We'll look at real-world examples of weird authorization bugs and how they happen.
.
.
.
.
.
My Blog: https://medusa0xf.medium.com/
.
.
.
Social media:
Twitter: https://twitter.com/medusa_0xf
.
.
.
Discord: https://discord.com/invite/2PUPD3RHHs
.
.
.
HackerOne Reports in the Video:
https://hackerone.com/reports/792927
https://hackerone.com/reports/270981
https://hackerone.com/reports/1861974
.
.
.
.
Introduction: 0:00
Authorization: 1:00
Report 1: 2:10
Report 2: 5:48
Report 3: 9:11
Final Thoughts: 11:38
.
.
.
#hackerone owasp #jwt #api #subdomain #portswigger #bugbounty #bola #postman #podcast #pentesting #api #hack #bola #tryhackme #hackerone #apihacking #computerscience #javascript #python #postman #ctf #bughunting #pentesting #hacking #hackingtools #burpsuite #portswigger #ethicalhacking #OAuth #webhacking #programming #websecurity #technology #practical #artificialintelligence #web #recon #bypass