3 Real API Bugs I got a bounty for

This is a series of mildly Halloween-themed hacking stories for October. I'm going to walk you through my most unimpressive, easy, and straightforward vulnerabilities as I tell three stories of real bugs in real production systems. In this video, we take a look at some API flaws. I've (obviously) had to omit a lot of details, even though these bugs are resolved, sometimes clients worry about disclosing, so no permission = no details on client names, programs, platforms or anything else, all screenshots are taken from unrelated and mildly similar products. ANYWAY, I hope you enjoy the slightly shorter videos. This video is kindly sponsored by Snyk, sign up to their Fetch The Flag CTF on October 27th via my link https://snyk.co/ctf-insiderphd and don’t forget about their CTF 101 workshop on October 17th where you can get hands on practice and help from Synk staff! With over 30 challenges and prizes for the top 3 teams it’s a great chance to learn new skills, do something with friends or just challenge yourself!