By Erica Azad Apr 21, 2021Attack Surface Management 101: An Essential Guide What is an Attack Surface? Imagine you live in a house with two doors and five windows. Each night, you check each door and window to make sure it is locked. But what if there was a hidden sixth window,… Read More
By Michael Hamel Apr 19, 2021The LevelUp CFP is open! Calling all Speakers! Hello friends! Are you interested in speaking at an upcoming LevelUp virtual conference or event? Well, you’re in luck! Our LevelUp CFP is open! You can now submit your talk ideas to our CFP intake form for consideration! Click here… Read More
By Michael Hamel Apr 16, 2021The Ultimate Guide to Bugcrowd Incentive Programs Welcome to the Ultimate Guide to Bugcrowd Incentive Programs! Ever wondered how you can get your hands on some Bugcrowd Swag? Well I’m here to break it all down for you. In fact, we have a number of ways that… Read More
By Luke Stephens Apr 9, 2021How to Succeed in Bug Bounties as a Pentester TL;DR: As a pentester, when I first started bug bounties, it was hard. I had to change my hacking style to start earning decent money. Read on to find out exactly what changed. When I first started bug bounties, I… Read More
By Luke Stephens Apr 2, 2021Is Foundational Knowledge (Networking, Coding, Linux) Really That Important When Learning to Hack? I receive a lot of messages from people who are just starting out on their hacking journey. One of the most common questions that gets asked is "what prerequisite knowledge is required to start learning hacking?". This question comes in… Read More
By Barnett Klane Mar 30, 2021VRT v1.10 Released: Flash downgrades and extended automotive categorization In our tenth release of the Vulnerability Rating Taxonomy (VRT), we’re continuing to meet the goals we prioritized from the start: Collaborate with the community to collect feedback and expertise to drive improvement Maintain a taxonomy that reflects the latest… Read More
By Luke Stephens Mar 24, 2021The Ultimate Guide to Finding and Escalating XSS Bugs What is XSS? Cross-Site Scripting (XSS) is the most common vulnerability discovered on web applications. It occurs when an attacker is able to execute client-side JavaScript in another user’s browser. XSS is a very interesting and dynamic bug class for… Read More
By Luke Stephens Mar 12, 2021How to Regex: A Practical Guide to Regular Expressions (Regex) for Hackers Regular Expressions (a.k.a regex, or regexp) is one of those things that has a fairly steep learning curve, but once you dedicate an hour or so to learning the basics, you will find that you will be far more efficient… Read More
By Luke Stephens Mar 10, 2021Introducing: Bugcrowd Tip Jar Currently one of the best* sources of Bug Bounty resources is Twitter. That’s why we’ve started tweeting more tips and techniques to educate our researchers. The thing is, Twitter is 10% laughs, 10% education and 80% cat memez. It’s an… Read More
By Andy White Mar 10, 2021The Informational Revolution In the next few weeks we’ll be changing the Won’t Fix outcome to Informational. You may notice this shift happening gradually. This means that while you’ll see “informational” start to appear in the Bugcrowd user interface, not all references to… Read More
