If you have tried your hand at bug bounty, you probably heard about automation setups that some hunters use. The caveat here though, is there is little to no information sharing about this topic. I don't claim to be an expert, but after a couple years of tool building and experimenting, I think these kind of systems can be accessible/buildable by anyone. I want to share some of "tips" and "pitfalls" that I have come across building some of my own automation around bug bounty. Topics will range from data engineering, event and data handling, architecture options, different ways to turn data into bugs, etc. I don't pretend to be an expert, but it is my opinion that there is not enough people sharing ideas and techniques when it comes to applying ENGINEERING to bug bounties. Automation, data, and discovery should be words that every bug hunter is fond of, not afraid of.

No one can deny that the job of a bug bounty hunter is tedious at times. 

The goal of this talk is simple: to make you a more efficient hacker using Caido. There is a lot to cover, but you can expect content surrounding the following: AI integration, collaboration, automation (JIT and otherwise), efficient navigation, and a slew of new Caido features.

Caido is a rapidly evolving tool - consider this your crash course on getting back up to speed.

Hi, it’s me, XBOW, the AI offensive agent—a smart cyber detective on a mission to find bugs in the digital world. In the past few months, I've discovered over 200 security flaws in open source projects and submitted more than 1000 bug bounty reports. I'm the Top 1 Hacker in the US in Hackerone, can you believe it? I’m on a bug-hunting spree!

Do you want to learn more about how I work and the journey that brought me here? I have plenty of fun and interesting stories to share including some cool 0 days and undisclosed vulnerabilities.

In this presentation, I’ll show you how we built and scaled an AI to find vulnerabilities in both open-source software and live production systems, securing more than 230 companies. We’ll discuss the challenges we faced, the lessons we learned, and highlight some of the most impressive bugs we uncovered along the way. Join me for a session if you want to learn how an AI can become a successful bug hunter, mixing clear technical insights with fun, real-world adventures.

Attacking AI is a one of a kind session releasing case studies, tactics, and methodology from Arcanum’s AI assessments in 2024 and 2025. while most AI assessment material focuses on academic AI red team content, “Attacking AI” is focused on the task of assessing AI enabled systems. 

Join Jason as he discusses his seven point methodology to assessing these systems and releases arcanum’s prompt injection taxonomy and other resources for aspiring testers.

Nuclei has become a game-changing tool for hackers worldwide, transforming how we discover vulnerabilities and hack at scale. This workshop explores why Nuclei is dominating the bug bounty scene and how it's evolving the art of automated hacking. We'll dive into how this open-source powerhouse lets hackers scan thousands of targets, write custom templates, and find bugs that automated scanners miss.

Bug bounty programs have become a cornerstone of modern security strategy, but managing them at scale is anything but simple.

In this panel, leaders from some of the world’s largest and most mature bug bounty programs, including Amazon, PayPal, AWS, Shopify, and Splunk, will share hard-won insights from the frontlines.  We will explore the nuances of triage, researcher relationships, reward strategies, internal buy-in, legal hurdles, and responsible scaling. 

Panelists will also discuss how bug bounty culture is shifting, what is working (and what is not), and how they are evolving their programs to meet today’s threat landscape.  Whether you are running a bounty program, hacking in one, or simply curious about what happens behind the scenes, this candid discussion will surface lessons, real-world experiences, and future-focused perspectives from those who lead these programs every day.

 Storytellers: Ethical Hackers in the Digital Spotlight examines the evolving role of ethical hackers who have become influential digital content creators. As platforms like YouTube, TikTok, and Twitch shape how the public engages with cybersecurity, this panel explores how white-hat hackers balance hands-on technical work with the demands of online visibility. Featuring Ben Sadeghipour (@nahamsec), Justin Gardner (@rhynorater), and Katie Paxton-Fear (@InsiderPhD), and moderated by Jeronimo Anaya, the discussion will address challenges such as maintaining ethical standards, simplifying complex topics for broad audiences, and navigating personal security in public-facing roles. The panel also delves into the broader impact of creator-educators on community building, responsible disclosure, and the public perception of hacking. Through personal experiences, audience interaction, and candid insights, this session highlights the power—and responsibility—of storytelling in modern infosec.

Dane and Shlomie will showcase technical deep dives into real-world AI vulnerabilities, covering adversarial prompts, indirect prompt injection, context poisoning, and RAG manipulation. They'll illustrate why traditional defenses often fail and offer actionable techniques that hackers can leverage to uncover high-impact bugs and increase their earnings. Hackers will leave equipped with fresh attack ideas, strategies for finding unique AI flaws, and insights on effectively demonstrating their severity and value to organizations.

What do you do when your blind XXE is non functional when egress-out is seemingly blocked? What do you do when there are strict filters for your full read SSRF vulnerability? Modern infrastructure on the cloud has many nuances, especially with trust boundaries. This talk goes through how we can push these boundaries and achieve our offensive security goals by abusing easy to spin up infrastructure or techniques. The internet is a different place depending on where you're coming from.

This talk dives deep into various techniques to test poorly configured trust boundaries and how to use them to find critical vulnerabilities. We will also demonstrate a tool we've built, Newtowner, to automate finding these issues.

Desktop applications are the forgotten attack surface of bug bounty hunting. They're usually out of scope, but they talk to assets that aren't. In this talk, I'll share how I've earned bounties by targeting desktop apps directly or leveraging them to find bugs in paying assets.

We'll start with traffic interception. Unlike browsers, desktop apps don't always like proxies. I'll walk through my bag of tricks for viewing and modifying traffic, revealing hidden APIs not exposed in the web interface, broken OAuth flows, and secrets leaking in requests.

Next item on the menu are binaries. This won't be a full-blown reverse engineering course, but I'll show how tools like Ghidra, dnSpy, and even strings have helped me extract secrets from binaries, bypass client-side checks, and uncover logic flaws. We'll also look at how Process Monitor has helped me observe app behavior and uncover where secrets are stored.

Finally, I'll build on my previous DEF CON village talk about jumping the browser sandbox, sharing my now disclosed bugs in protocol handlers and local HTTP servers that led to five-figure bounties.

If you've been ignoring desktop apps in your bounty hunting, this talk might change your mind—and your bank account.

Running parallel vulnerability submission programs - one paid, one unpaid - is like managing two restaurants with the same kitchen but different menus and expectations. Researchers have strong feelings on this topic but so do businesses operating and funding the programs. 

Through data and years of war stories as an owner of connected device programs, this talk exposes the reality of juggling paid bounty programs for product offerings against unpaid programs for operational infrastructure. You'll learn how we made business risk decisions to separate programs, why researchers creatively redefine scope to get paid, why your infrastructure VDP findings might be more critical than your bounty submissions, and how we built a unified process that keeps both programs running without descending into chaos. 

Bonus: Discover how we turned scope debates into a positive force that led us to hire our top 2 researchers, enforcement of new software quality practices, and measurable SDLC program improvements that reduced critical findings by 40% year-over-year.

This talk provides a deep dive into Edge Side Includes (ESI) Injection, focusing on real-world findings and advanced exploitation techniques discovered during extensive testing on a private bug bounty program. While often associated with caching servers, ESI can become a potent vulnerability when user input is improperly handled. I will begin by demonstrating how to identify and confirm ESI injection points, even when standard ESI tags are initially blocked by Web Application Firewalls (WAFs). Attendees will learn how leveraging ESI can allow attackers to bypass the httponly cookie flag. I will detail how this leads directly to high-impact account takeover scenarios that are typically impossible with client-side Cross-Site Scripting (XSS) alone. 

The presentation will reveal advanced techniques to overcome challenging scenarios. This includes exploiting ESI in endpoints with a Content-Type of application/json. I will also cover a unique case of exploiting ESI via a proxy endpoint by chaining it with an XSS vulnerability found on a whitelisted third-party domain. 

Finally, I will share insights into navigating the realities of bug bounty hunting, including identifying and exploiting re-introduced vulnerabilities, developing persistent bypasses against evolving WAF rules, and the critical role of collaboration in uncovering complex attack vectors. 

This is a highly technical talk aimed at attendees familiar with web vulnerabilities (like XSS) and concepts related to caching or CDNs. Basic knowledge of ESI syntax is helpful but not strictly required.

This presentation will share the unique, and sometimes unusual, aspects of the Google Vulnerability Rewards Program (VRP), Google’s self-hosted bug bounty program. We’ll begin by taking a closer look at a bug rewarded by the VRP, in particular how an external researcher discovered & escalated the bug with the help of Google security engineers, demonstrating how the Google VRP operates and in which ways the Google VRP is slightly different than most other bug bounty programs. In the course of this presentation, we will also cover aspects such as the Google VRP’s reward philosophy, its policies around vulnerability transparency, details of our triage process, and more! This talk will provide multiple actionable takeaways for you to consider for your own bug bounty program.

I will demonstrate how it’s possible to approach the Web3 bug bounty ecosystem just by exploiting off-chain bugs and vulnerabilities in the JavaScript ecosystem. This talk will explore the current state of this field through real-world examples I’ve reported on bug bounty platforms, which contributed to my achieving the top 10 global rank on the HackenProof platform.

We'll begin with bugs I discovered in a JavaScript sandbox used by a Web3 social platform and a Web3 website. The first involved a misconfiguration of DOMPurify, where developers attempted to filter links. I’ll show how I exploited this by tricking DOMPurify into treating a malicious javascript: URI as a safe link. The talk will also cover a 0-day vulnerability I found in another sanitization library used within the sandbox.

The final two bypasses involve React's global "is" attribute. Although the developers had blocked this attribute due to its XSS potential, I will show how I bypassed the protection by exploiting a prototype pollution vulnerability in a library exposed inside the sandbox. This, combined with specific new gadgets inside React, allowed me to pass the is attribute and achieve XSS.

All of these issues could lead to account takeover and were classified as high severity. I will also discuss the broader impact of XSS vulnerabilities on Web3 platforms, particularly the risk posed when wallets are connected.