Coursera Plus Annual is 40% Off — Ends June 29.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Beyond the Borders of Scope

HackerOne via YouTube

Start learning Write review
Coursera Ad

Learn AI, Data Science & Business — Earn Certificates That Get You Hired

Learn More → Simplilearn Ad

UC San Diego Product Management Certificate — AI-Powered PM Training

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore advanced bug bounty techniques focusing on out-of-scope asset reconnaissance in this 16-minute conference talk from h@cktivitycon 2020. Learn how to leverage unconventional recon methods to uncover vulnerabilities in core applications without directly hacking out-of-scope assets. Discover Jr0ch17's proven strategies for finding unique bugs, including reflected XSS, RCE, and information disclosure. Gain insights into approaching new targets, identifying site builders, chaining vulnerabilities, and exploiting various platforms like AEM, Slack, and Jenkins. Enhance your bug hunting skills and increase your chances of discovering high-impact, non-duplicate vulnerabilities in bug bounty programs.

Syllabus

Intro
Who am I
Outline
Disclaimer
Approaching a new target
Who built the site
Chaining vulnerabilities
AEM
Target Apps
Slack
Scope
Useruid Leak
Privilege Escalation
Admin Endpoint
Intel Jenkins
Outro

Taught by

HackerOne

Reviews

Start your review of Beyond the Borders of Scope

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.