How to do Code Review - The Offensive Security Way

In this session, we will explore how source code analysis can lead to finding vulnerabilities in large enterprises codebases. By combining offensive security skillsets with code auditing and curiosity, it's often possible to find high and critical risk vulnerabilities affecting all the organisations using the software. If you're interested in the concept of finding 0days in web applications, source code disclosure and auditing, and common vulnerabilities classes this exposes - we'll cover the process of finding bug and applying them to bug bounties.

SHUBHAM SHAH
Shubham Shah is the co-founder and CTO of Assetnote. Shubham is a prolific bug bounty hunter in the top 50 hackers on HackerOne and has presented at various industry events including QCon London, Kiwicon, AusCert, BSides Canberra and CrikeyCon. In his free time, Shubham enjoys performing high impact application security research.