BSides Berlin 2021: Joel Noguera - Following the breadcrumbs: Hacking behind the scenes

About this talk: The learning path in InfoSec is one of the main reasons that makes this field so catching and attractive. Behind every discovery, there is an extensive research process with a methodology and a mindset that makes all that work possible. “What things do I need to learn?”, “What is the best path to follow?”, “How can I learn to find bugs like those?” These are the kind of questions you probably ask yourself while reading a blog about a particular bug. I have thought about them for a long time, until I asked myself, what is happening behind the scenes of these huntings? I truly believe that the mindset, the creative thinking and the learning process behind bug hunting are as valuable as the techniques and results. During this talk, we will focus on a series of bugs in “modern” desktop applications, where we will talk about the knowledge required to start looking for similar bugs, what resources could we use to learn, and of course, what questions we should ask ourselves when trying to identify similar vectors. About the speaker: Joel Noguera is a security professional and bug hunter with more than seven years of expertise performing tasks such as exploit development, reverse engineering, security research and consulting. Before founding SwordBytes Security, Joel worked as Security Researcher in companies like Immuntiy Inc. and Deloitte. Joel actively participates in Bug Bounty programs, reaching top 30 in famous platforms such as HackerOne. He has multiple CVEs assigned to his discoveries. He has also delivered multiple trainings around the world, including Web Exploitation during a period of three years at InfiltrateCon. Joel has presented at Recon, BlackHat Europe and EkoParty.