YesWeHack

We've just completed a successful Live #BugBounty with none other than L'Oréal, a titan of the cosmetics world. 💄 Read our recap of this ‘Bug Beauty contest’ at LeHack in Paris to find out who topped the podium and about an unusual scope change partway through proceedings. 🏆 Our writeup also reveals what the hunters and L’Oréal’s security team thought of the event. 👇

🎵 Please don't pwn the music 🎵 Who could say no to a party on the eve of a #LiveHackingEvent? Certainly not our bug hunters! They joined the YesWeHack team for a fantastic sunset pre-hack party last Friday, following an exciting first day at leHACK! A big thank you to 211 for hosting us. With fresh beer, great music, and amazing people, it was definitely a night to remember 😎 #HackThePlanet #LHE #leHACK2024

We’re excited to release the next Dojo module, with lab included, based on Alex B. #NahamCon2024 talk on bypassing WAFs 🧗🔥 The second module shows how to exploit transformation behaviours in applications! #BugBounty #YesWeRHackers #CTF

A diverse pool of talented #security researchers with no time limitations: the perfect combination for top-notch security testing results! 💪 At our latest customer event in Singapore, the CISO of a global retailer of luxury goods juxtaposed the "no limitations" aspect of #BugBounty Programs with the constraints of traditional pentesting. Curious for more insights? Read the full customer story: https://lnkd.in/e94aRBBK

📺 Ce week-end, notre CEO et co-fondateur Guillaume Vassault-Houlière était l’invité de BFM Business Tech & Co pour discuter du fonctionnement de notre plateforme de #BugBounty et de gestion des vulnérabilités, mais également de notre récente levée de fonds et des projets à venir pour YesWeHack. L'émission, présentée par Frédéric Simottel, est disponible en replay ici 👇 #HackThePlanet

💄 That’s a wrap for our #LiveHackingEvent with the leading global beauty and cosmetics group L'Oréal! Special congratulations to our final top 3: 🥇 Abbas ABOUDOU IBOUROI (aka DinDinDin) 🥈 Sébastien Copin (aka cosades) 🥉 Florian DELOOZ (aka Fayred) Huge thanks to our fantastic partner L'Oréal for their trust and involvement, to all the talented bug hunters who took part in this thrilling event, and to leHACK for hosting another successful #LHE with us. See you next year! 🤘 Here’s the final leaderboard: https://lnkd.in/eYvCUrVT Photo credit: Jossuha 📷 THÉOPHILE #BugBounty #YesWeRHackers #leHACK2024

While everyone's pwning at our #LiveHackingEvent with L'Oréal, let’s share a quick leaderboard update! Seven hours in, 👨💻 Léo Jorand aka Gromak is shining at the top, with Steve Z. aka Intrusio and Cassim Khouani aka Aituglo close behind. Bug hunters still have the evening and night to perfect their attacks and highlight potential vulnerabilities in #LOreal's information systems. ✨ If you're attending leHACK, make your way to Le Loft now! 🏃♂️ Want to keep up with the competition live? This way 👉 https://lnkd.in/eYvCUrVT Photo credit: Jossuha 📷 THÉOPHILE #BugBounty #EthicalHacking #leHACK2024

Ready for a Live Bug… Beauty? 🤩 Our annual #LHE at leHACK features the world’s largest beauty and cosmetics group, L'Oréal! 💅 L'Oréal has been dedicated to beauty for over a century, delivering a comprehensive range of innovative beauty products across skincare, haircare, makeup, and fragrance. 📣 Calling all #leHACK2024 attendees: join us at Le Loft for a brilliant hacking session, kicking off now and continuing until tomorrow at 3:00am. We’re counting on you to use a palette of your best tools to contour L’Oréal’s potential security flaws! Follow the competition here: https://lnkd.in/eYvCUrVT #LiveHackingEvent #BugBounty #EthicalHacking

🍀 Want to try your luck at our claw machine at leHACK? Take part in the #PandemicCTF designed by our tech ambassador BitK, taking place today and tomorrow! 🦠 You'll not only have the chance to win one of our many goodies, but also to compete for the top 3 prizes: 1️⃣ A one-year licence for Burp Suite 2️⃣ A Flipper Zero, the geek's multi-tool device 3️⃣ "Javascript for hackers: Learn to think like a hacker" by Gareth Heyes Good luck! #YesWeRHackers #leHACK2024

👋 Bug hunters and aspiring hackers: Bug Bounty Bulletin, edition #3, is here! 🐞 Some highlights: ⚡️ Sam Curry strikes gold again ⚡️ Calls for Bug Bounty Programs for AI safety ⚡️ New WAF bypass module on YesWeHack Dojo ⚡️ HakuPiku hunter video interview ⚡️ Plus writeups and coverage of vulnerabilities affecting OpenSSH, iOS apps, Factorio and more besides… Enjoy!