Efficient Bug Bounty Automation Techniques, Gunnar Andrews | Bug Bounty Village, DEF CON 32

🔧 Efficient Bug Bounty Automation Techniques | Talk by Gunnar Andrews
🎯 DEF CON / Bug Bounty / AppSec / Recon / Tooling

Welcome to the deep dive into efficient bug bounty automation, presented by Gunnar Andrews — AppSec engineer by day, bug bounty hunter by night, and content creator across YouTube and Twitch.

This talk is packed with actionable techniques and hard-earned lessons from real-world bug hunting automation. Whether you're just starting out or scaling up your recon game, you'll walk away with practical insights into making your tooling faster, smarter, and more effective.

💡 Talk Breakdown:

Resources vs Findings
→ How to go from data overload to actual bug reports (and payouts).
→ Why scaling smart is more important than just scanning more.

Automating Collection
→ What Gunnar collects, how he collects it, and why brute-forcing is a last resort.
→ Creative passive techniques that outperform aggressive scans.

Data Engineering for Hackers
→ Why flat files aren't enough.
→ Redis, PowerDNS, Prometheus, and more for real-time, scalable bug bounty infra.

⚙️ Tools Mentioned:
Caduceus (TLS scanning + cert parsing)
Gungnir (Real-time CT log scraping)
Harpy (Virtual host scanning – coming soon!)
Subfinder, SMAP, ZDNS, Masscan, etc.

🧠 Key Topics:
Passive DNS strategies
Real-time subdomain discovery
DNS resolution accuracy (and silent failures!)
IP domain cross-referencing
Lambda-based stealth scanning
Building resilient, distributed bug bounty pipelines
Avoiding scope pitfalls and automation burns

🔗 Find Gunnar
GitHub: https://github.com/g0ldencybersec
Twitter/X: https://x.com/g0lden_infosec
Twitch & YouTube: https://www.youtube.com/@g0lden1

🛠 Don't automate in a vacuum. Talk to people. Share your bugs. There's plenty out there.

If this talk helped you, drop a like, leave a comment, and subscribe for more content around bug bounty, recon, and security tooling!

#BugBounty #AppSec #Recon #CyberSecurity #Automation #Infosec #DEFCON #CTLogs #DNS #RedTeaming #ReconTools