YesWeHack

Looking for awesome video content? Check out the YesWeHack channel on YouTube! ✅ From recap videos of our live hacking events to customer stories and hunter interviews, we've got plenty to keep you entertained this summer. 🌞😎 See for yourself 👉 https://lnkd.in/e8v8cm_S #YouTube #BugBounty #YesWeHack

💡 More secure development and improved internal OffSec practices are not the most obvious benefits of #BugBounty, but should not be overlooked. Addressing peers at an event we held in Stockholm, George Medhurst from risk-management giant DNV said a YesWeHack #BugBounty Program not only uncovered many serious vulnerabilities, but helped the security team automate their own vulnerability hunt and developers avoid creating new vulnerabilities. Learn about the other perks of running a Bug Bounty Program in DNV’s customer success story 👉 https://lnkd.in/eqPQb-Hs

One every 17 minutes – that’s how often a new entry is published on the Common Vulnerabilities and Exposures (CVE) database, according to a new report. 😲 This Skybox research also reveals that 25% of new CVEs are exploited on the same day they were published. 👇 With cyber budgets tight, compliance risk increasing and the average time-to-patch now 100+ days, security teams are increasingly leveraging #BugBounty to detect and remediate vulnerabilities continuously and cost-effectively (our pricing is results-based!). ➡ https://lnkd.in/g5hPmw6W Our #AttackSurfaceManagement solution, meanwhile, takes vulnerability management to the next level – providing continuous visibility of an organisation's digital footprint, automated prioritisation of vulnerabilities, and the tools to tackle critical bugs at scale. ➡ https://lnkd.in/giKWzvyE

Catch us in Kuala Lumpur over the next three days 💪 Visit YesWeHack booth 6503 at Cyber DSA to meet Eileen Neo, Ming Kwang (MK) Teoh and Isabella Chee. Learn about how our #BugBounty and #VulnerabilityManagement solutions can enhance your organisation's #cybersecurity. Swing by, say hi and grab yourself some exclusive swag! 🎁 #EthicalHacking

🥁 The Dojo challenge #34 - AI Image Generator is over! Congrats to: greenhat, __init__, rafffff The swag is on its way! 🎁 #YesWeRHackers #CTF #BugBounty

Cross-site request forgery (CSRF) remains a viable vector in modern web applications despite browsers having been considerably hardened against CSRF. 🧐 That’s according to recent Doyensec research that leveraged client-side path-traversal “to resuscitate CSRF” and surface vulnerabilities in major web messaging applications. 🔥 This is obviously interesting news for ethical hackers, as is a new Burp extension from Doyensec “that provides advanced capabilities and automation for finding and exploiting Client-Side Path Traversal”. 👉 https://lnkd.in/eEkEHSRk Doyensec's Maxence Schmitt presented this novel web security research at OWASP Global Appsec Lisbon 2024. 🌐 Check out Schmitt’s fantastic writeup 👇

👋 Bug hunters and aspiring hackers: Bug Bounty Bulletin, edition #4, is alive!🐞 Featuring: ⚡️ L'Oréal live hacking highlights from leHACK ⚡️ ORM leaks, CSRF via client-side path traversal, and more groundbreaking writeups spotlighted ⚡️ DEF CON 32 to debut Bug Bounty Village, DEF CON next week ⚡️ White-box penetration testing with Xdebug

When using Burp, do you find it time-consuming to scan a wide range of requests that you’ve just collected? ⏳ Don't worry, the Burp extension BCheck Helper provides a list of various pre-written BChecks to speed things up! 👇 https://lnkd.in/egQdrYRm #YesWeRHackers #BugBountyTips

Next week, meet us at Cyber DSA 👋 Heard about #BugBounty but not sure whether it's effective for your organisation? Visit our booth 6503 from 6-8 Aug, where Eileen Neo, Ming Kwang (MK) Teoh and Isabella Chee will share more about YesWeHack's Bug Bounty and Vulnerability Management platform! #Cybersecurity #EthicalHacking

👏 Congrats to Hanissa S, our second and final #WorldEmojiDay competition winner – for having the first report accepted on a public #BugBounty program containing emojis! A swag pack is on your way pwnii… 🎁