YoVDO

CodeQL Roundtable: Leveraging Static Analysis for Bug Bounties

Offered By: Bugcrowd via YouTube

Tags

Bug Bounty Courses CodeQL Courses

Course Description

Overview

Explore the world of CodeQL and its impact on bug bounties and open-source security in this informative roundtable discussion featuring @JLLeitschuh. Gain insights into how CodeQL can be leveraged to uncover vulnerabilities, earn bounties, and enhance the security of open-source software. Learn about the importance of HTTPS, vulnerability locations, and effective remediation strategies. Discover the role of LGTM, GitHub notifications, and bounty programs in the process. Delve into future plans for CodeQL implementation and examine the Nettie vulnerability case study. Engage with a Q&A session at the end to further expand your understanding of this powerful security tool.

Syllabus

Intro
Title
Why is HTTPS important
Location of vulnerability
Who was vulnerable
How to fix it
Enter CodeQL
LGTM
How I did it
GitHub notifications
GitHub bounty
Slide deck
Future plans
Nettie vulnerability


Taught by

Bugcrowd

Related Courses

Discover Vulnerabilities with CodeQL
HackerOne via YouTube
Event-based Fuzzing, Patch-based Research, and Comment Police - Finding Bugs Through a Bug
Black Hat via YouTube
Protect Your Code with GitHub Security Features
GOTO Conferences via YouTube
Security as Code - A DevSecOps Approach
NDC Conferences via YouTube
Protect Your Code with GitHub Security Features
NDC Conferences via YouTube