Android App Bug Bounty Secrets
Sergey Toshin tells us the story of how he became a top Android bug hunter and how he finds critical vulnerabilities. He also shows us a really cool vulnerability found in the Google Android Snapseed app. I didn't know this crazy attack vector exists!
Start Android Bug Hunting Here! Google App Scan Results: https://bughunters.google.com/report/...
Google Mobile VRP: https://bughunters.google.com/about/r...
Oversecured Blog: https://blog.oversecured.com/
Verify the output of tools: https://bughunters.google.com/learn/i...
More Bug Bounty Videos: • Bug Bounty
More Mobile Security: • Mobile Security
Chapters:
00:00 - Intro
00:57 - Meet Sergey Toshin (Oversecured)
02:51 - How Oversecured Started
04:42 - Verify The Output of Tools!
07:17 - First Look at Vulnerability
09:58 - 1. Explained: Android Intents
11:25 - 2. Explained: Content Providers
12:51 - 3. Explained: App Permissions
13:34 - Exploit Walkthrough
16:17 - Proof of Concept and Report
17:15 - Android VRP Rewards
18:32 - Start Hunting for Bugs in Google Apps!
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Instagram: / liveoverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
![OSU! [supercell - Hero Kowari's Insane] 4.42 FC S](https://images.videosashka.com/watch/l4DQHYtqzqY)
