►
Description
William Bowling (@vakzz on HackerOne), talks about how he chooses a bug bounty program and features to research in his bug hunting efforts.
See his full GitLab AMA at: https://youtu.be/kw168DGAILk.
Learn more about GitLab security programs at https://about.gitlab.com/security/ and our HackerOne program at https://hackerone.com/gitlab.
A
Yeah,
so
programs
like
get
loud
death,
the
source
is
very
large,
there's
lots
of
different
parts
and
components,
so
yeah
definitely
reading
up
on
what
what
other
issues
have
already
been
discovered.
A
A
So
yes,
if
there's
you
know
been
a,
I
think
when
I,
when
I
first
started
there
had
been
a
couple
of
sort
of
file
handling
bugs,
so
that
was
sort
of
the
first
area
I
was
looking
at
was
any
anything
that
was
touching
files
that
were
user
controlled
yeah.
Yes,
I
think
that's
pretty
good
good
way
of
narrowing
it
down.