Master Production-Ready Machine Learning, Step by Step
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
This conference talk from nullcon Goa 2025 explores techniques for hunting authorization and logic vulnerabilities across Google products using basic hacking tools like Burp Suite. Learn how security researcher Cameron Vincent discovered significant vulnerabilities, including the ability to edit other users' apps on Google Play Store, access entire Google Workspace organizations' admin consoles, publish apps to Android devices in organizations, and view users' files on Google Ads. Discover practical approaches to vulnerability hunting with simple yet creative attack scenarios, and gain insights into making a living through bug bounty programs like Google's Vulnerability Reward Program (VRP). The 30-minute presentation covers responsible disclosure practices and provides valuable knowledge for both beginner and intermediate security researchers interested in bug bounty hunting.
Syllabus
Nullcon Goa 2025: Google Give Me Vulnz - Cameron Vincent
Taught by
nullcon