Most web applications today are protected by WAFs, making it challenging for pentesters to test for payload-based vulnerabilities like SQL Injection and XSS. Additionally, automated tools and scanners can easily identify some of these vulnerabilities, making it even more challenging for bug bounty hunters to find such issues.
In this talk, we will discuss a different class of vulnerabilities that can still be exploited even under these restrictions. These vulnerabilities have a high security impact and arise from abusing the application logic or exploiting misconfigurations. We will only showcase advanced and undocumented techniques used by bug bounty hunters to identify these types of issues, including Account Takeover Attacks, Insecure Direct Object References (IDOR), and others.