This content highlights the journey and methodology of a bug bounty hunter, emphasizing the importance of developer mindset, tool selection, and persistence in discovering vulnerabilities.
Hello, I'm Atlau. I'm from France. I'm 25 years old and I'm currently 35 on YesWeHack.
The fact that you know that there are a lot of bugs everywhere, but you don't know where to start and where to find bugs. So, it can be challenging at first, but when you start finding the first bug, after that, you can find a
I'm primarily looking at targets that I already use on an everyday basis. So mainly apps that I use every day, an app that I love to use. So I know that if I found bugs on them I can use it or not after that because if I found a lot of bugs on the target like that I
My favorite hacking tool is Caido, which is underrated at the moment and I love using it instead of Burp because it's lightweight and pretty nice. As I was a developer before that, I love to develop my own tool and be able to find bugs like that. So, I'm developing plugins for Caido or maybe some script for myself to help me find more bugs.
Yeah, a lot. Because by being a developer before, I have the mindset of how people trait new tools and how people create websites. So I know where I can find bugs and how it can happen.
I love YesWeHack because the triaging is perfect. So it's very fast to get triaged and I love the platform. The people are pretty good. The bugs are pretty good there and the program is
That was a bug when I was able to reset the password of every account in a big medical company. So that was pretty huge. That was a full chain. So it was different bugs chained together. So that was mainly IDORs and improper access control bugs. And at the end it was the result of resetting every password of
We did a hacker house with some friends mainly on YesWeHack and it was very fun because we were like a lot of friends just doing bunch together having
I would say persistent, creative and community-driven, mainly because I'm writing a lot of blog posts so sharing my experience and all the stuff I'm
Being persistent on the target and take a lot of time because at the first time you will not find any bugs but you can find one maybe a week later or maybe a month later. So just being persistent and still continue to look at