Dávid Schütz - 4 Weird Google VRP Bugs in 40 Minutes

This presentation was held at #Hacktivity2021 IT security conference on 8th October 2021.

After almost two years of hacking on Google’s bug bounty program, I have found some weird, unexpected, and dare-to-say-it interesting security vulnerabilities. I will share 4 of these stories with you, from the initial ideas to the actual POC videos I have sent to Google. I’ll capture the key takeaways of these bugs, so you can avoid making the same mistakes when developing your applications. We will play with Google Assistant, the 2020 classic Google Classroom, and many (2) other products. I have never talked about these bugs publicly before, so prepare for some epic exclusivity. And yes, I will even tell you the bounty amounts.

#HACKTIVITY is the biggest event of its kind in Central & Eastern Europe. About 1000 visitors are coming from all around the globe every year to learn more about the latest trends of cybersecurity, get inspired by people with similar interest and develop themselves via comprehensive workshops and training sessions.

[ Ссылка ]

свернуть