Are you ready to be a billionaire? Are you ready to get an unlimited lifetime supply of free hoodies and pizza? Fasten your seat belts and come along!
The talk will revolve around us red-teamers bypassing and exploiting banking logic, mobile wallets and non-banking financial applications to show how to get free pizzas. We will cover bugs not only in payment gateways and frameworks but also in applications that fail to implement them properly. The material ranges from bypassing AES-encrypted requests and exploiting net banking and core banking product implementations to logical flaws in some of the biggest product, services and NBFC websites we tested.
We will walk you through each type of vulnerability with real-life PoCs. We will talk about the techniques with which we were able to make recurring deposits into our account that get debited from victims' accounts, view statements of arbitrary accounts, buy products for free, pay loan instalments, credit card bills, electricity bills and telephone bills all for free, regenerate ATM PINs of bank accounts en masse and, most importantly, get an unlimited lifetime supply of free hoodies and pizza.
All the exploits will be accompanied by real-life case studies, patches and recommendations.
The presentation will be held by Himanshu Sharma and Aman Sachdev.
Himanshu has been in the field of bug bounty since 2009 and has been listed by Apple, Google, Microsoft, Facebook, Adobe, Uber, AT&T, Avira, and many more, with hall of fame listings as proof. He has helped celebrities such as Harbhajan Singh in recovering their hacked accounts, and also assisted an international singer in tracking down his hacked account and recovering it. He was a speaker at Botconf '13, RSA 2018, IEEE Conferences, and TEDx.
Currently, he is the co-founder of BugsBounty, a crowdsourced security platform for ethical hackers and companies interested in cyber services. He has also authored multiple books titled "Kali Linux - An Ethical Hacker's Cookbook", "Hands-On Red Team Tactics" and "Hands-On Web Penetration Testing with Metasploit".
Aman is a programmer at heart and an information security professional with 8+ years of experience in the information security ecosystem, having trained over 19000 individuals to date. He is also co-founder of BugsBounty. His love for breaking challenging WAFs and AVs landed him a role as a core Red Teamer at Bugsbounty.com, as well as invitations to numerous international security conferences including RSA, HITB, Confidence, Hack Miami, Sec-T, LeHack Paris and numerous others.
Aman holds a Bachelor's in Computer Applications and an OSCP certification, in addition to his vast experience in application development, exploitation and infra PT. At BugsBounty he solves cyber security problems by day and creates them at night.
You should not miss this session, as you will learn vital security lessons through real-life case studies to secure your systems!