
Please tell us something about yourself.

Well, my name is Yasin, I'm 27 years old. I'm originally from Morocco, I live in France. I've been involved in cyber security for over a decade. I mainly do application security, a lot of penetration testing, security assessments. I've also been involved in bug bounties since 2013, which I mainly actively do, and I love traveling as well, as a digital nomad.

Okay, so how long did it take you until you found your first significant, high-impact payout vulnerability?

Uh, when I first started it actually took a while, because I was finding some low-hanging fruits, low-severity bugs, but I think it might have taken me a year, if I remember, because I started in 2014 and my first critical was in 2015. So one year.

Okay. What has been your favorite or, let's say, most interesting bug?

Uh, I'd probably go for authentication bugs, and the most interesting that I found was actually this year. It was a bug in the SSO of an app that I'm not gonna name, of course, and the vulnerability allowed us to take over any account, any user account, without any interactions. And the thing is that the app was supposed to be a very secure messaging app, but we were able to take over any user account, and we got a good bounty for that one. I collaborated with a hacker, a friend of mine, who is called Andre.

Right. What do you do to keep up with all the new trends?

Uh, if you're referring to cyber security, I'm usually trying to be up to date by following a bunch of people on social media, mainly on Twitter. Uh, I read a lot of research papers, so I keep up with that, and I also follow the cyber security news, and I just try to stay in touch with relevant people who are involved in cyber security as well, so I get relevant information.

All right, so do you collaborate with other hackers? If yes, can you name a few?

Yes, I love collaboration. Like, some of the most impactful bugs that I've had myself were actually a result of collaboration. Uh, the last bug that I just mentioned, with the SSO slash authentication, was actually found in collaboration with a friend, a hacker friend of mine. He's called Andre, he goes by the handle of zero X ECB, shout out to him of course. I've also collaborated with other hackers, uh, mainly me Luke, he's an Italian slash Moroccan friend of mine. Uh, I named ayubat here as well. There are other people that I've collaborated with. I love collaboration, of course.

Okay, so how do you approach a target?

Actually, it depends on the scope. Uh, if it's a limited scope, like it's just a core app, I usually do some app-based reconnaissance, just finding all the juicy information about the app so I get to know it. But if it's a wildcard, like an open scope, uh, I do some wide reconnaissance, just finding subdomains, a bunch of port scanning, services fingerprinting as well. But, uh, when I approach a target I usually try to focus on the main app and just do reconnaissance in regards to all these functionalities, endpoints, parameters. That's how I go about it.

All right, so what is your recon methodology?

My reconnaissance methodology, okay. So, as I mentioned, if I'm hacking on an open scope, uh, I first do a bunch of subdomain enumeration, uh, and then I do some permutation on those subdomains. Uh, and afterwards I do port scanning, and I check the DNS information as well, and I use the DNS information to do some port scanning, and then I submit everything for vulnerability discovery. That's the automated part of it.

All right. How do you manage your personal life and work?

All right, that's an interesting question. Uh, I just don't let my work take over my personal life. I've had so many other hobbies that I do on the side, apart from work. So when I'm not working, I like to work out, for example, I like to go running, I like to skateboard. So I basically love to learn about new things other than work, so that I don't... when I get burnt out, or I can just easily get back to work.

All right, so one last question. How has your experience been with BSides Ahmedabad?

Amazing. It's been a great experience, uh, a bit overwhelming, because I didn't expect the audience to be as big as it was this year, but I had an amazing experience. Organization was top-notch, uh, and I had a good time as well, just socializing with all the hackers and putting names to faces, because there have been a lot of hackers that I've interacted with in the past and I've never seen them, so I had the chance to meet them as well, and I had the chance to learn from them also, just exchanging and everything. And first time in Ahmedabad. I've been in India before, but first time in Ahmedabad, and I'm excited about exploring the local culture more and seeing the Garba dance, for example. So let's see.

All right, thank you so much. It has been a pleasure hosting you, and we hope to see you again in the upcoming edition.

Thank you so much, it's been my honor.