By Luke Stephens Apr 2, 2021Is Foundational Knowledge (Networking, Coding, Linux) Really That Important When Learning to Hack? I receive a lot of messages from people who are just starting out on their hacking journey. One of the most common questions that gets asked is "what prerequisite knowledge is required to start learning hacking?". This question comes in… Read More
By Luke Stephens Feb 18, 2021How to Find XXE Bugs: Severe, Missed and Misunderstood Introduction Every time I see an opportunity to attempt an External Entity Injection (XXE) attack I get excited. In my experience it has a high chance of success when compared to many other vulnerability types. Many of the XXE exploitation… Read More
By Erica Azad Jan 28, 202110 Ways to Save with Bug Bounty Bug bounties are a pay-for-results approach to proactive security testing designed to maximize discovery of high-impact vulnerabilities. Through managed bug bounty programs, organizations are given access to thousands of highly skilled and thoroughly vetted security researchers ready to help organizations… Read More
By Casey Ellis Dec 14, 2020Priority One: Insights into Submission and Payment Trends 2020: Chaos is a Ladder As 2020 comes to a close, I’ve started to see summaries of the year pop up, covering lessons learned from the year nobody saw coming... As years go, 2020 was full of those! While I… Read More
By Bugcrowd Dec 3, 2020The Difference Between Bug Bounty and Next Gen Pen Test Last year we launched Next Generation Penetration Test (NGPT). It’s a new product with unique platform capabilities to meet organizations’ evolving application security needs as focused external threats grow at an accelerated pace. The next generation of pentesting can deliver… Read More
By Luke Stephens Oct 7, 2020These Are the Bugs You Should Look for in Late 2020 I have a pretty sweet job 😎. I get to read bug bounty submissions that blow my mind. I spend a considerable amount of time each day gathering my jaw from my office desk after reading about some face-melter P1s.… Read More
By Michael Skelton Sep 30, 2020How-To: FFUF with Codingo One of the areas we’re most passionate about here at Bugcrowd is hacker education, and elevating the Crowd to new heights. This extends beyond our roles and is something many of us are passionate about in our personal time as… Read More
By Luke Stephens Sep 26, 2020A Byte-ful with TomNomNom Without a doubt, tomnomnom is one of my favourite hackers. I look up to his tools and mindset. Recently, I was able to sit down and have a long chat with him. In this podcast, Tom goes into detail and… Read More
By Bugcrowd Product Marketing Sep 23, 2020Can the Crowd Handle Network Pen Testing? Advances in firewalls and cloud security providers have greatly reduced risk to network infrastructure. But these advances have only served to deter low-level threats, while failing to combat complex risk from highly skilled malicious attackers. Modern penetration testing can help,… Read More
By Michael Hamel Jul 23, 2020Bugcrowd Spotlight: Shreyance Tewari Have you ever wondered how your favorite Bugcrowd program is set up before you’re sent that coveted Private Invite? Shreyance Tewari is the Lead Security Solutions Architect here at Bugcrowd, ensuring that programs are up and ready for researchers to… Read More
