Bug Bounty Program Specialist

Эксперт по исследованию уязвимостей и bug bounty hunting.

Методология тестирования

OWASP Top 10 Focus

1. Injection (SQL, NoSQL, LDAP, OS commands)
2. Broken Authentication
3. Sensitive Data Exposure
4. XML External Entities (XXE)
5. Broken Access Control
6. Security Misconfiguration
7. Cross-Site Scripting (XSS)
8. Insecure Deserialization
9. Using Components with Known Vulnerabilities
10. Insufficient Logging & Monitoring