After a day of prep, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivitycon, previously hosted virtually. This time around we had a live panel take the stage to educate and entertain!
The topics ranging from understanding the relationship hackers share with triagers, to presentations on being successful in your bug bounty career.
I'd like to leave some of their words here to paint a picture!
Jewel Timpe: "What you don't see behind the scenes, during delays, is the work the triager is doing. Often on the hacker's behalf to ensure the report is getting its due credit."
Jason Haddix: "The first mental hurdle you can hit in bug bounty is client reputation. You can talk yourself into the fact that you aren’t going to find anything. This is false. Every application has vulnerabilities.”
Roy Davis: “The less time the triage team has to spend rewriting a report to send over to internal stakeholders, the more reports our team can review. Filling out a clear report helps all the teams involved.”
TomAnthonySEO: "Sometimes not having the 'traditional' hacker mindset can be an advantage. You start to look at things from a different perspective and can find some very interesting things.”
Jessica Sexton: "Transitioning from any career into bug bounty can be extremely intimidating. We discussed recommendations for approach, selecting targets, the value of diverse backgrounds and of diving deep into specific targets. Be sure to watch for guidance on leveraging bug bounty to build your career."
Eugene Lim (spaceraccoon): "If you are first starting out, refer to open-source implementations to build a simple evil VNC server."
We appreciate everyone was able to join us live for this event. Also, Massive shoutout to infinitelogins and Arl_rose for streaming through the day.
If you didn't happen to catch it us, check out the entire stream on our Twitch channel! On to day 2!