<![CDATA[YesWeHack Blog | Cybersecurity Insights and Bug Bounty Trends| RSS Feed]]>https://www.yeswehack.comhttps://www.yeswehack.com/assets/images/sprite/logo.svgYesWeHack Blog | Cybersecurity Insights and Bug Bounty Trends| RSS Feedhttps://www.yeswehack.comRSS for NodeThu, 16 Apr 2026 17:44:32 GMTThu, 16 Apr 2026 17:44:32 GMT<![CDATA[‘When we ask for help, it’s instant’: Banco Galicia on expanding vulnerability discovery and speeding up remediation]]>https://www.yeswehack.com/en/blog/instant-banco-galicia-vulnerability-remediationhttps://www.yeswehack.com/en/blog/instant-banco-galicia-vulnerability-remediationThu, 16 Apr 2026 13:18:00 GMT<![CDATA[The ultimate Bug Bounty guide to OS command injection vulnerabilities]]>https://www.yeswehack.com/en/blog/ultimate-guide-os-command-injectionhttps://www.yeswehack.com/en/blog/ultimate-guide-os-command-injectionTue, 14 Apr 2026 12:28:00 GMT<![CDATA[Critical auth bypass in WordPress Azure AD SSO plugin due to missing OIDC id_token validation]]>https://www.yeswehack.com/en/blog/auth-bypass-wordpress-azure-pluginhttps://www.yeswehack.com/en/blog/auth-bypass-wordpress-azure-pluginFri, 10 Apr 2026 07:36:00 GMT<![CDATA[‘Being a developer before, I know where to find bugs’: Aituglo’s Bug Bounty story so far]]>https://www.yeswehack.com/en/blog/developer-aituglo-bug-bounty-storyhttps://www.yeswehack.com/en/blog/developer-aituglo-bug-bounty-storyFri, 03 Apr 2026 10:08:00 GMT<![CDATA[Map, test, fix, comply: unveiling our unified approach to offensive security]]>https://www.yeswehack.com/en/blog/map-test-fix-comply-unifiedhttps://www.yeswehack.com/en/blog/map-test-fix-comply-unifiedTue, 31 Mar 2026 07:34:00 GMT<![CDATA[Dojo challenge #49 Secret Manager solution]]>https://www.yeswehack.com/en/blog/dojo-challenge-solution-49https://www.yeswehack.com/en/blog/dojo-challenge-solution-49Wed, 25 Mar 2026 08:35:00 GMT<![CDATA[Continuous Pentesting with zero false positives: a fully managed, platform-driven approach]]>https://www.yeswehack.com/en/blog/continuous-pentesting-zero-false-positiveshttps://www.yeswehack.com/en/blog/continuous-pentesting-zero-false-positivesTue, 24 Mar 2026 07:39:00 GMT<![CDATA[Open-source security testing: the Bug Bounty guide to code analysis]]>https://www.yeswehack.com/en/blog/open-source-guide-code-analysishttps://www.yeswehack.com/en/blog/open-source-guide-code-analysisTue, 17 Mar 2026 08:10:00 GMT<![CDATA[Introducing Autonomous Pentest: identify actively exploited vulnerabilities across your attack surface]]>https://www.yeswehack.com/en/blog/introducing-autonomous-pentest-identify-vulnerabilitieshttps://www.yeswehack.com/en/blog/introducing-autonomous-pentest-identify-vulnerabilitiesThu, 12 Mar 2026 08:11:00 GMT<![CDATA[‘We must learn how to use AI’: Wlayzz on future-proofing Bug Bounty and how a duplicate became his favourite discovery]]>https://www.yeswehack.com/en/blog/use-ai-wlayzz-future-proofinghttps://www.yeswehack.com/en/blog/use-ai-wlayzz-future-proofingMon, 09 Mar 2026 09:14:00 GMT<![CDATA[Python pitfalls: Turning developer mistakes into vulnerabilities]]>https://www.yeswehack.com/en/blog/python-pitfalls-turning-developer-mistakeshttps://www.yeswehack.com/en/blog/python-pitfalls-turning-developer-mistakesFri, 27 Feb 2026 10:38:00 GMT<![CDATA[Notepad++ hijack, pwning Claude Code, top web hacking techniques of 2025 – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/notepad-hijack-pwn-claude-codehttps://www.yeswehack.com/en/blog/notepad-hijack-pwn-claude-codeMon, 23 Feb 2026 12:54:00 GMT<![CDATA[Dojo challenge #48 RubitMQ solution]]>https://www.yeswehack.com/en/blog/dojo-challenge-solution-48https://www.yeswehack.com/en/blog/dojo-challenge-solution-48Thu, 19 Feb 2026 08:17:00 GMT<![CDATA[LLM bug hunters lack intuition, ‘security teams will consolidate visibility’ in 2026, EU Cyber Act vuln disclosure revisions – offsec roundup for CISOs]]>https://www.yeswehack.com/en/blog/llm-hunters-visibility-cyber-acthttps://www.yeswehack.com/en/blog/llm-hunters-visibility-cyber-actMon, 16 Feb 2026 12:48:00 GMT<![CDATA[XML external entity: The ultimate Bug Bounty guide to exploiting XXE vulnerabilities]]>https://www.yeswehack.com/en/blog/xml-external-entity-guide-xxehttps://www.yeswehack.com/en/blog/xml-external-entity-guide-xxeFri, 06 Feb 2026 17:36:00 GMT<![CDATA[YesWeHack report 2026: the trends, insights and strategic shifts shaping offensive security]]>https://www.yeswehack.com/en/blog/yeswehack-report-2026-trends-securityhttps://www.yeswehack.com/en/blog/yeswehack-report-2026-trends-securityThu, 05 Feb 2026 14:57:00 GMT<![CDATA[Dojo challenge #47 APICrash solution]]>https://www.yeswehack.com/en/blog/dojo-challenge-solution-47https://www.yeswehack.com/en/blog/dojo-challenge-solution-47Wed, 14 Jan 2026 15:19:00 GMT<![CDATA[‘A fraction of the pentest cost’: Lessons from an Asian telco’s Bug Bounty success]]>https://www.yeswehack.com/en/blog/fraction-pentest-asia-telco-storyhttps://www.yeswehack.com/en/blog/fraction-pentest-asia-telco-storyTue, 16 Dec 2025 09:23:00 GMT<![CDATA[World Poker Tour and the Curry-Shah collab, in-flight exploits, does maths maketh the hunter? – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/poker-curry-maths-maketh-hunterhttps://www.yeswehack.com/en/blog/poker-curry-maths-maketh-hunterThu, 11 Dec 2025 13:22:00 GMT<![CDATA[Dojo challenge #46 Ghost whisper solution]]>https://www.yeswehack.com/en/blog/dojo-challenge-solution-46https://www.yeswehack.com/en/blog/dojo-challenge-solution-46Thu, 04 Dec 2025 08:36:00 GMT<![CDATA[Android recon for Bug Bounty hunters: A complete guide from APK extraction to mapping attack surfaces]]>https://www.yeswehack.com/en/blog/android-recon-bug-bounty-guidehttps://www.yeswehack.com/en/blog/android-recon-bug-bounty-guideWed, 26 Nov 2025 16:57:00 GMT<![CDATA[‘Bug Bounty helps us meet regulatory requirements ahead of time’: payments provider KOMOJU]]>https://www.yeswehack.com/en/blog/bounty-regulatory-payments-provider-komojuhttps://www.yeswehack.com/en/blog/bounty-regulatory-payments-provider-komojuTue, 18 Nov 2025 09:21:00 GMT<![CDATA[Cyber budgets still growing (but not fast enough), ‘AI and automation are operational imperatives’, the real-world impact of boosting Bug Bounty rewards – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/cyber-budgets-ai-automation-rewards-volumehttps://www.yeswehack.com/en/blog/cyber-budgets-ai-automation-rewards-volumeMon, 10 Nov 2025 13:50:00 GMT<![CDATA[The ultimate Bug Bounty guide to HTTP request smuggling vulnerabilities]]>https://www.yeswehack.com/en/blog/http-request-smuggling-guide-vulnerabilitieshttps://www.yeswehack.com/en/blog/http-request-smuggling-guide-vulnerabilitiesThu, 30 Oct 2025 12:50:53 GMT<![CDATA[Dojo challenge #45 Chainfection solution]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-solution-45https://www.yeswehack.com/en/blog/dojo-ctf-challenge-solution-45Wed, 29 Oct 2025 13:15:52 GMT<![CDATA[MINDEF Launches Next Bug Bounty Programme with YesWeHack]]>https://www.yeswehack.com/en/blog/mindef-launches-next-bug-bounty-programme-with-yeswehackhttps://www.yeswehack.com/en/blog/mindef-launches-next-bug-bounty-programme-with-yeswehackTue, 28 Oct 2025 01:30:00 GMT<![CDATA[Continuous threat exposure management series #4: Supercharging CTEM with Bug Bounty]]>https://www.yeswehack.com/en/blog/continuous-supercharging-ctem-bug-bountyhttps://www.yeswehack.com/en/blog/continuous-supercharging-ctem-bug-bountyTue, 21 Oct 2025 12:01:00 GMT<![CDATA[The minefield between syntaxes: exploiting syntax confusions in the wild]]>https://www.yeswehack.com/en/blog/syntax-confusion-ambiguous-parsing-exploitshttps://www.yeswehack.com/en/blog/syntax-confusion-ambiguous-parsing-exploitsFri, 17 Oct 2025 11:30:00 GMT<![CDATA[YesWeHack marks first year of Bug Bounty partnership with Singapore government]]>https://www.yeswehack.com/en/blog/yeswehack-marks-first-year-of-partnership-with-singapore-government-bug-bounty-programmeshttps://www.yeswehack.com/en/blog/yeswehack-marks-first-year-of-partnership-with-singapore-government-bug-bounty-programmesWed, 15 Oct 2025 07:00:00 GMT<![CDATA[How to find SSTI, cache poisoning, business logic vulnerabilities: methodology tips from top Bug Bounty hunters]]>https://www.yeswehack.com/en/blog/ssti-cache-poisoning-logic-vulnerabilitieshttps://www.yeswehack.com/en/blog/ssti-cache-poisoning-logic-vulnerabilitiesTue, 07 Oct 2025 08:57:00 GMT<![CDATA[Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/http-1-intel-exploits-randomhttps://www.yeswehack.com/en/blog/http-1-intel-exploits-randomFri, 03 Oct 2025 10:52:00 GMT<![CDATA[European Commission’s latest Bug Bounty tender won by YesWeHack]]>https://www.yeswehack.com/en/blog/european-commission-tender-won-yeswehackhttps://www.yeswehack.com/en/blog/european-commission-tender-won-yeswehackThu, 02 Oct 2025 13:20:00 GMT<![CDATA[Concurrency exploits: The ultimate Bug Bounty guide to exploiting race condition vulnerabilities in web applications]]>https://www.yeswehack.com/en/blog/ultimate-guide-race-condition-vulnerabilitieshttps://www.yeswehack.com/en/blog/ultimate-guide-race-condition-vulnerabilitiesFri, 26 Sep 2025 08:45:00 GMT<![CDATA[Dojo challenge #44 Hardware monitor write-up]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-44https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-44Wed, 24 Sep 2025 13:41:00 GMT<![CDATA[YesWeHack authorised as a CVE Numbering Authority (CNA)]]>https://www.yeswehack.com/en/blog/yeswehack-authorised-cve-numbering-authorityhttps://www.yeswehack.com/en/blog/yeswehack-authorised-cve-numbering-authorityTue, 23 Sep 2025 07:00:00 GMT<![CDATA[‘The unpredictability and creativity of actual threat actors’: Energy giant NOV reaps the rewards of Bug Bounty]]>https://www.yeswehack.com/en/blog/threat-actors-energy-nov-rewardshttps://www.yeswehack.com/en/blog/threat-actors-energy-nov-rewardsThu, 18 Sep 2025 13:54:00 GMT<![CDATA[The rabhi route to root: Our all-time #1 hunter shares his Bug Bounty blueprint]]>https://www.yeswehack.com/en/blog/rabhi-root-bug-bounty-blueprinthttps://www.yeswehack.com/en/blog/rabhi-root-bug-bounty-blueprintTue, 16 Sep 2025 11:49:00 GMT<![CDATA[Cross-site request forgery: The ultimate Bug Bounty guide to exploiting CSRF vulnerabilities]]>https://www.yeswehack.com/en/blog/ultimate-guide-csrf-vulnerabilitieshttps://www.yeswehack.com/en/blog/ultimate-guide-csrf-vulnerabilitiesFri, 12 Sep 2025 07:03:00 GMT<![CDATA[‘We wanted a lot of researchers testing our scope’: Entrust’s experience scaling a Bug Bounty Program]]>https://www.yeswehack.com/en/blog/testing-scope-entrust-scaling-programhttps://www.yeswehack.com/en/blog/testing-scope-entrust-scaling-programThu, 11 Sep 2025 07:03:00 GMT<![CDATA[US court ruling on Uber breach slammed, red teamers cautious on AI, OffSec offers ‘strategic edge’ – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/us-ruling-uber-offsec-edgehttps://www.yeswehack.com/en/blog/us-ruling-uber-offsec-edgeWed, 10 Sep 2025 15:42:00 GMT<![CDATA[YesWeHack completes first-ever acquisition with purchase of Sekost, French cybersecurity audit specialist]]>https://www.yeswehack.com/en/blog/yeswehack-completes-first-acquisition-sekosthttps://www.yeswehack.com/en/blog/yeswehack-completes-first-acquisition-sekostTue, 09 Sep 2025 05:30:43 GMT<![CDATA[Putting the ‘success’ into Bug Bounty customer success management: Meet our head of CSM]]>https://www.yeswehack.com/en/blog/customer-success-management-head-csmhttps://www.yeswehack.com/en/blog/customer-success-management-head-csmFri, 29 Aug 2025 08:26:00 GMT<![CDATA[Building an Android Bug Bounty lab: the ultimate guide to configuring emulators, real devices, proxies and other mobile hacking tools (featuring Magisk, Burp, Frida)]]>https://www.yeswehack.com/en/blog/android-lab-mobile-hacking-toolshttps://www.yeswehack.com/en/blog/android-lab-mobile-hacking-toolsTue, 26 Aug 2025 11:39:24 GMT<![CDATA[Nonce CSP bypass using disk cache, ‘quiet side channel’ for request smuggling, Amazon Q and the malicious pull request – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/csp-bypass-smuggling-amazon-qhttps://www.yeswehack.com/en/blog/csp-bypass-smuggling-amazon-qFri, 22 Aug 2025 07:07:00 GMT<![CDATA[Dojo challenge #43 CCTV Manager winners & writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-43https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-43Thu, 21 Aug 2025 11:48:08 GMT<![CDATA[SQLi: The ultimate Bug Bounty guide to exploiting SQL injection vulnerabilities]]>https://www.yeswehack.com/en/blog/vulnerability-vectors-sql-injectionhttps://www.yeswehack.com/en/blog/vulnerability-vectors-sql-injectionTue, 12 Aug 2025 11:46:00 GMT<![CDATA[‘It was a revelation’: lemonoftroy’s origin story and hacking methodology]]>https://www.yeswehack.com/en/blog/revelation-lemonoftroy-origin-story-hackinghttps://www.yeswehack.com/en/blog/revelation-lemonoftroy-origin-story-hackingFri, 08 Aug 2025 09:15:00 GMT<![CDATA[Continuous threat exposure management (CTEM) series #3: mobilisation and remediation]]>https://www.yeswehack.com/en/blog/ctem-series-mobilisation-remediationhttps://www.yeswehack.com/en/blog/ctem-series-mobilisation-remediationThu, 31 Jul 2025 08:19:00 GMT<![CDATA[‘I have the patience to spend long hours hacking through the night’: g4mb4 on his Bug Bounty career so far]]>https://www.yeswehack.com/en/blog/patience-hacking-g4mb4-bug-bountyhttps://www.yeswehack.com/en/blog/patience-hacking-g4mb4-bug-bountyTue, 22 Jul 2025 10:31:00 GMT<![CDATA[‘The most challenging part is the psychological one’ – leorac on the ups and downs of Bug Bounty hunting]]>https://www.yeswehack.com/en/blog/challenging-psychological-leorac-bug-bountyhttps://www.yeswehack.com/en/blog/challenging-psychological-leorac-bug-bountyWed, 16 Jul 2025 10:32:00 GMT<![CDATA[Dojo challenge #42 - Hex Color Palette winners & writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-42https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-42Fri, 11 Jul 2025 13:02:00 GMT<![CDATA[Recon series recap: The ultimate guide to Bug Bounty reconnaissance and footprinting]]>https://www.yeswehack.com/en/blog/recon-series-recap-reconnaissance-footprintinghttps://www.yeswehack.com/en/blog/recon-series-recap-reconnaissance-footprintingThu, 10 Jul 2025 08:26:00 GMT<![CDATA[Chunked-body parsing flaws, making self-XSS great again, using HTTP redirect loops to achieve non-blind SSRFs – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/chunked-parsing-self-xss-httphttps://www.yeswehack.com/en/blog/chunked-parsing-self-xss-httpWed, 09 Jul 2025 08:14:00 GMT<![CDATA[‘Bug Bounty has become a security best practice’: Why Ferrero is sweet on crowdsourced testing]]>https://www.yeswehack.com/en/blog/security-best-practice-ferrero-crowdsourcedhttps://www.yeswehack.com/en/blog/security-best-practice-ferrero-crowdsourcedMon, 07 Jul 2025 08:33:00 GMT<![CDATA[‘Feeling close to a critical vulnerability is incredibly addictive’ – YouTuber gregxsunday on the joys of Bug Bounty]]>https://www.yeswehack.com/en/blog/incredibly-addictive-gregxsunday-bug-bountyhttps://www.yeswehack.com/en/blog/incredibly-addictive-gregxsunday-bug-bountyFri, 04 Jul 2025 05:51:00 GMT<![CDATA[OpenAI VDP for bugs found by AI, CVE funding fears persist, ‘shift left’ towards vulnerability overload – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/openai-vdp-cve-shift-lefthttps://www.yeswehack.com/en/blog/openai-vdp-cve-shift-leftMon, 30 Jun 2025 08:21:00 GMT<![CDATA[Flashback to the L’Oréal Live Bug Bounty: Watch last year’s highlights as anticipation builds for leHACK 2025]]>https://www.yeswehack.com/en/blog/flashback-loréal-bug-bounty-lehack-2025https://www.yeswehack.com/en/blog/flashback-loréal-bug-bounty-lehack-2025Thu, 26 Jun 2025 07:59:00 GMT<![CDATA[YesWeCaido: a new Caido plugin for tracking Bug Bounty Programs ]]>https://www.yeswehack.com/en/blog/yeswecaido-plugin-bug-bounty-programshttps://www.yeswehack.com/en/blog/yeswecaido-plugin-bug-bounty-programsTue, 24 Jun 2025 14:38:00 GMT<![CDATA[Ultimate double-clickjacking exploit, novel HTTP/2 request tunnelling techniques, when encryption makes matters worse – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/double-clickjacking-request-tunnelling-encryptionhttps://www.yeswehack.com/en/blog/double-clickjacking-request-tunnelling-encryptionFri, 20 Jun 2025 11:43:00 GMT<![CDATA[‘Valuable for fast-growing, frequently updated platforms’: Gong OffSec lead on the merits of continuous, crowdsourced security testing]]>https://www.yeswehack.com/en/blog/gong-offsec-lead-crowdsourced-securityhttps://www.yeswehack.com/en/blog/gong-offsec-lead-crowdsourced-securityWed, 18 Jun 2025 11:45:00 GMT<![CDATA[‘AI slop’ bug reports and outsourcing triage, OpenPGP.js signature-spoofing bug, race to combat zero-day exploits – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/ai-slop-openpgp-zero-dayhttps://www.yeswehack.com/en/blog/ai-slop-openpgp-zero-dayMon, 16 Jun 2025 09:19:00 GMT<![CDATA[Recon Series #6: Excavating hidden artifacts with Wayback Machine and other web-archive tools]]>https://www.yeswehack.com/en/blog/recon-wayback-machine-web-archivehttps://www.yeswehack.com/en/blog/recon-wayback-machine-web-archiveFri, 13 Jun 2025 13:00:00 GMT<![CDATA[Critical signature-spoofing vulnerability in OpenPGP.js hits the headlines]]>https://www.yeswehack.com/en/blog/critical-signature-spoofing-vulnerability-openpgpjshttps://www.yeswehack.com/en/blog/critical-signature-spoofing-vulnerability-openpgpjsWed, 11 Jun 2025 11:34:00 GMT<![CDATA[Dojo challenge #41 - Ruby treasure winners & writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-41https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-41Wed, 04 Jun 2025 14:53:00 GMT<![CDATA[Recon series #5: A hacker’s guide to Google dorking]]>https://www.yeswehack.com/en/blog/recon-hackers-guide-google-dorkinghttps://www.yeswehack.com/en/blog/recon-hackers-guide-google-dorkingTue, 27 May 2025 12:26:00 GMT<![CDATA[Continuous threat exposure management (CTEM) series #2: vulnerability prioritisation and validation]]>https://www.yeswehack.com/en/blog/vulnerability-prioritisation-validation-ctem-2https://www.yeswehack.com/en/blog/vulnerability-prioritisation-validation-ctem-2Tue, 20 May 2025 09:28:00 GMT<![CDATA[‘Airborne’ AirPlay attacks, netting $64k from deleted files, triaging AI slop – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/airborne-airplay-deleted-files-slophttps://www.yeswehack.com/en/blog/airborne-airplay-deleted-files-slopFri, 16 May 2025 13:00:00 GMT<![CDATA[Beyond ‘../../’ - a practical guide to path traversal and arbitrary file read attacks]]>https://www.yeswehack.com/en/blog/practical-guide-path-traversal-attackshttps://www.yeswehack.com/en/blog/practical-guide-path-traversal-attacksThu, 15 May 2025 12:51:00 GMT<![CDATA[Tackling vulnerabilities at source: How to cut the rising cost of DevSecOps]]>https://www.yeswehack.com/en/blog/tackling-vulnerabilities-source-cost-devsecopshttps://www.yeswehack.com/en/blog/tackling-vulnerabilities-source-cost-devsecopsFri, 09 May 2025 12:17:00 GMT<![CDATA[UK retail cyber-attacks a ‘wake-up call’, SaaS overreliance ‘creating single points of failure’, calls for global regulatory alignment – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/uk-retail-attacks-saas-overreliancehttps://www.yeswehack.com/en/blog/uk-retail-attacks-saas-overrelianceFri, 02 May 2025 09:45:00 GMT<![CDATA[Middleware mayhem, Zoolander banter PoC, Malta to pardon hackers over ‘unfair’ charges – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/middleware-mayhem-zoolander-maltahttps://www.yeswehack.com/en/blog/middleware-mayhem-zoolander-maltaWed, 30 Apr 2025 13:20:00 GMT<![CDATA[New Dojo sandbox environment for creating Ruby CTF challenges]]>https://www.yeswehack.com/en/blog/dojo-sandbox-ruby-ctf-challengeshttps://www.yeswehack.com/en/blog/dojo-sandbox-ruby-ctf-challengesMon, 28 Apr 2025 14:30:00 GMT<![CDATA[Recon series #4: Port scanning – uncovering attack vectors by revealing open ports and hidden services]]>https://www.yeswehack.com/en/blog/recon-port-scanning-attack-vectorshttps://www.yeswehack.com/en/blog/recon-port-scanning-attack-vectorsFri, 25 Apr 2025 12:01:00 GMT<![CDATA[Dojo challenge #40 - Hacker profile winners & writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-40https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-40Wed, 23 Apr 2025 14:31:00 GMT<![CDATA[‘Continuous testing and a real-time understanding of my threat exposure’ – Ooredoo exec on the benefits of Bug Bounty]]>https://www.yeswehack.com/en/blog/continuous-testing-threat-exposure-ooredoohttps://www.yeswehack.com/en/blog/continuous-testing-threat-exposure-ooredooTue, 22 Apr 2025 08:36:00 GMT<![CDATA[UK publishes proposals for NIS 2-equivalent Cyber Security and Resilience Bill]]>https://www.yeswehack.com/en/blog/uk-proposals-nis-resilience-billhttps://www.yeswehack.com/en/blog/uk-proposals-nis-resilience-billWed, 16 Apr 2025 11:59:00 GMT<![CDATA[HTTP header hacks: basic and advanced exploit techniques explored]]>https://www.yeswehack.com/en/blog/http-header-exploitationhttps://www.yeswehack.com/en/blog/http-header-exploitationTue, 15 Apr 2025 12:05:00 GMT<![CDATA[Spyware pact draws distinction between malicious and legitimate use of cyber-intrusion tools]]>https://www.yeswehack.com/en/blog/spyware-pact-malicious-legitimate-usehttps://www.yeswehack.com/en/blog/spyware-pact-malicious-legitimate-useThu, 10 Apr 2025 14:24:00 GMT<![CDATA[Hacking GraphQL endpoints with introspection, query, mutation, batching attacks]]>https://www.yeswehack.com/en/blog/hacking-graphql-endpointshttps://www.yeswehack.com/en/blog/hacking-graphql-endpointsTue, 08 Apr 2025 13:31:00 GMT<![CDATA[EUCC cyber certification scheme enters early adopter phase after vulnerability disclosure rules issued]]>https://www.yeswehack.com/en/blog/eucc-certification-scheme-early-adopterhttps://www.yeswehack.com/en/blog/eucc-certification-scheme-early-adopterWed, 02 Apr 2025 12:00:00 GMT<![CDATA[The art of payload obfuscation: how to mask malicious scripts and bypass defence mechanisms]]>https://www.yeswehack.com/en/blog/payload-obfuscation-techniques-guidehttps://www.yeswehack.com/en/blog/payload-obfuscation-techniques-guideThu, 27 Mar 2025 14:42:00 GMT<![CDATA[Limitations are just an illusion – advanced server-side template exploitation with RCE everywhere]]>https://www.yeswehack.com/en/blog/server-side-template-injection-exploitationhttps://www.yeswehack.com/en/blog/server-side-template-injection-exploitationMon, 24 Mar 2025 09:06:00 GMT<![CDATA[YouTube email leak exploit, Great ‘Wallbleed’ of China, Burp’s overlooked ‘best feature’ – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/youtube-wallbleed-burp-hacker-rounduphttps://www.yeswehack.com/en/blog/youtube-wallbleed-burp-hacker-roundupFri, 21 Mar 2025 10:28:00 GMT<![CDATA[Mitigating AI cybersecurity risks with Bug Bounty Programs: A deep dive]]>https://www.yeswehack.com/en/blog/ai-cybersecurity-risks-bug-bountyhttps://www.yeswehack.com/en/blog/ai-cybersecurity-risks-bug-bountyWed, 19 Mar 2025 13:30:00 GMT<![CDATA[Recon series #3: HTTP fingerprinting – sleuthing for a web application’s hidden vulnerabilities]]>https://www.yeswehack.com/en/blog/recon-series-http-fingerprintinghttps://www.yeswehack.com/en/blog/recon-series-http-fingerprintingTue, 18 Mar 2025 14:58:00 GMT<![CDATA[US House passes bill mandating vulnerability disclosure policies for federal contractors]]>https://www.yeswehack.com/en/blog/us-house-bill-vulnerability-disclosurehttps://www.yeswehack.com/en/blog/us-house-bill-vulnerability-disclosureTue, 11 Mar 2025 13:33:00 GMT<![CDATA[Dojo challenge #39 - Phishing winners & writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-39https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-39Thu, 06 Mar 2025 14:57:28 GMT<![CDATA[Junior devs ‘can’t actually code’, AI coding risks, security researchers decry inscrutable AI – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/devs-ai-coding-risks-researchers-decryhttps://www.yeswehack.com/en/blog/devs-ai-coding-risks-researchers-decryMon, 03 Mar 2025 11:13:00 GMT<![CDATA[Recon Series #2: Subdomain enumeration – expand attack surfaces with active, passive techniques]]>https://www.yeswehack.com/en/blog/subdomain-enumeration-expand-attack-surfacehttps://www.yeswehack.com/en/blog/subdomain-enumeration-expand-attack-surfaceThu, 20 Feb 2025 18:22:00 GMT<![CDATA[Bounty Grid Boost: Ethical Hackers Invited to Strengthen the Security of the French Government’s Digital Services]]>https://www.yeswehack.com/en/blog/french-government-bounty-grid-boosthttps://www.yeswehack.com/en/blog/french-government-bounty-grid-boostMon, 17 Feb 2025 14:41:00 GMT<![CDATA[Top web hacking techniques of 2024, McDelivery hijack, 4D SOTA jailbreak – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/web-hacking-techniques-mcdelivery-sotahttps://www.yeswehack.com/en/blog/web-hacking-techniques-mcdelivery-sotaThu, 13 Feb 2025 12:12:00 GMT<![CDATA[XSS attacks and exploitation: The ultimate guide to cross-site scripting]]>https://www.yeswehack.com/en/blog/xss-attacks-exploitation-ultimate-guidehttps://www.yeswehack.com/en/blog/xss-attacks-exploitation-ultimate-guideTue, 11 Feb 2025 12:57:55 GMT<![CDATA[Vulnerability management reboot sought, CISOs more influential in boardroom, Trump’s cyber overhaul – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/vulnerability-management-reboot-cisos-trumphttps://www.yeswehack.com/en/blog/vulnerability-management-reboot-cisos-trumpFri, 07 Feb 2025 15:49:00 GMT<![CDATA[CVE surge: Why the record rise in new vulnerabilities?]]>https://www.yeswehack.com/en/blog/cve-surge-record-jump-vulnerabilitieshttps://www.yeswehack.com/en/blog/cve-surge-record-jump-vulnerabilitiesTue, 28 Jan 2025 15:49:00 GMT<![CDATA[Dojo challenge #38 - Xmas wishlist, winners and writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-38https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-38Thu, 23 Jan 2025 14:56:31 GMT<![CDATA[DORA now in force: 5 ways YesWeHack’s offensive security platform can bolster your Digital Operational Resilience Act compliance]]>https://www.yeswehack.com/en/blog/dora-offensive-security-platform-compliancehttps://www.yeswehack.com/en/blog/dora-offensive-security-platform-complianceWed, 22 Jan 2025 08:43:00 GMT<![CDATA[The YesWeHack Bug Bounty Report 2025]]>https://www.yeswehack.com/en/blog/yeswehack-bug-bounty-report-2025https://www.yeswehack.com/en/blog/yeswehack-bug-bounty-report-2025Tue, 14 Jan 2025 11:41:00 GMT<![CDATA[Recon Series #1: Discovering and mapping hidden endpoints and parameters to expand attack surfaces]]>https://www.yeswehack.com/en/blog/discover-map-hidden-endpoints-parametershttps://www.yeswehack.com/en/blog/discover-map-hidden-endpoints-parametersThu, 09 Jan 2025 12:00:00 GMT<![CDATA[‘There are a lot of vulnerabilities on public programs’: pwnii’s Bug Bounty journey so far]]>https://www.yeswehack.com/en/blog/vulnerabilities-pwnii-bug-bounty-journeyhttps://www.yeswehack.com/en/blog/vulnerabilities-pwnii-bug-bounty-journeyMon, 06 Jan 2025 12:03:00 GMT<![CDATA[‘Hacking is essentially about curiosity’: Blaklis on the art and science of Bug Bounty hunting]]>https://www.yeswehack.com/en/blog/blaklis-art-science-bug-bounty-huntinghttps://www.yeswehack.com/en/blog/blaklis-art-science-bug-bounty-huntingThu, 19 Dec 2024 08:18:00 GMT<![CDATA[DOMPurify bypasses, prompt injecting ChatGPT to shell, AI fuzz finds – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/dompurify-bypasses-chatgpt-ai-fuzzhttps://www.yeswehack.com/en/blog/dompurify-bypasses-chatgpt-ai-fuzzMon, 16 Dec 2024 14:36:00 GMT<![CDATA[Dojo challenge #37 - Hacker Forum winners and writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-37https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-37Fri, 13 Dec 2024 10:39:38 GMT<![CDATA[‘My best attribute is persistence – technical skills you can learn’: drak3hft7’s Bug Bounty story so far]]>https://www.yeswehack.com/en/blog/attribute-persistence-drak3hft7-bug-bountyhttps://www.yeswehack.com/en/blog/attribute-persistence-drak3hft7-bug-bountyWed, 11 Dec 2024 09:24:00 GMT<![CDATA[Clock ticking on Cyber Resilience Act compliance, Bug Bounty forecasts, intriguing CISA red team find – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/cra-compliance-bug-bounty-forecastshttps://www.yeswehack.com/en/blog/cra-compliance-bug-bounty-forecastsMon, 09 Dec 2024 11:33:00 GMT<![CDATA[‘Collaboration helped me become successful’: Nagli on becoming a world-renowned Bug Bounty hunter]]>https://www.yeswehack.com/en/blog/collaboration-nagli-bug-bounty-hunterhttps://www.yeswehack.com/en/blog/collaboration-nagli-bug-bounty-hunterMon, 02 Dec 2024 12:31:00 GMT<![CDATA[PimpMyBurp #11 – Master Signed Token Exploits with SignSaboteur]]>https://www.yeswehack.com/en/blog/pimpmyburp-signsaboteur-burpsuite-extensionhttps://www.yeswehack.com/en/blog/pimpmyburp-signsaboteur-burpsuite-extensionWed, 27 Nov 2024 14:00:00 GMT<![CDATA[Cyber Resilience Act: compliance countdown set to start for EU law focused on eliminating vulnerabilities]]>https://www.yeswehack.com/en/blog/cyber-resilience-act-compliance-countdownhttps://www.yeswehack.com/en/blog/cyber-resilience-act-compliance-countdownMon, 25 Nov 2024 09:00:00 GMT<![CDATA[Attack surface discovery: mapping your exposed vectors with continuous threat exposure management (CTEM series #1)]]>https://www.yeswehack.com/en/blog/attack-surface-discovery-vectors-ctemhttps://www.yeswehack.com/en/blog/attack-surface-discovery-vectors-ctemFri, 22 Nov 2024 10:55:00 GMT<![CDATA[New tool for finding mutated XSS, $20k Chromium sandbox escape, Live bug bounty results from Ekoparty – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/Mutated-xss-chromium-sandbox-ekopartyhttps://www.yeswehack.com/en/blog/Mutated-xss-chromium-sandbox-ekopartyMon, 18 Nov 2024 14:02:00 GMT<![CDATA[‘The collective knowledge ATG gets is huge’: cyber chief on Betting brand’s Bug Bounty story]]>https://www.yeswehack.com/en/blog/collective-knowledge-atg-bug-bountyhttps://www.yeswehack.com/en/blog/collective-knowledge-atg-bug-bountyWed, 13 Nov 2024 08:35:00 GMT<![CDATA[NIS 2 in force, Cyber Resilience Act adopted, CISA hails VDP impact – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/nis-2-cisa-vdp-offsec-cisoshttps://www.yeswehack.com/en/blog/nis-2-cisa-vdp-offsec-cisosMon, 11 Nov 2024 08:36:00 GMT<![CDATA[Dojo challenge #36 - Shell Escape winners and writeup]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-36https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-36Fri, 08 Nov 2024 09:00:00 GMT<![CDATA[‘Happy hunters equal happy customers and vice versa’: YesWeHack vulnerability triage chief Adrien Jeanneau on creating a virtuous Bug Bounty circle]]>https://www.yeswehack.com/en/blog/yeswehack-vulnerability-triage-adrien-jeanneauhttps://www.yeswehack.com/en/blog/yeswehack-vulnerability-triage-adrien-jeanneauThu, 07 Nov 2024 08:36:00 GMT<![CDATA[Dom-Explorer tool launched to reveal how browsers parse HTML and find mutated XSS vulnerabilities]]>https://www.yeswehack.com/en/blog/dom-explorer-tool-parse-htmlhttps://www.yeswehack.com/en/blog/dom-explorer-tool-parse-htmlMon, 04 Nov 2024 12:47:00 GMT<![CDATA[‘I like Android apps and open-source code’: HakuPiku on Bug Bounty, CTFs and his favourite targets]]>https://www.yeswehack.com/en/blog/android-apps-hakupiku-bug-bountyhttps://www.yeswehack.com/en/blog/android-apps-hakupiku-bug-bountyMon, 28 Oct 2024 12:48:00 GMT<![CDATA[‘More efficient than a pentest and it generates trust’: TeamViewer’s Bug Bounty story so far]]>https://www.yeswehack.com/en/blog/efficient-pentest-teamviewer-bug-bountyhttps://www.yeswehack.com/en/blog/efficient-pentest-teamviewer-bug-bountyThu, 24 Oct 2024 02:00:00 GMT<![CDATA[White-box penetration testing: How to debug for JavaScript vulnerabilities]]>https://www.yeswehack.com/en/blog/white-box-debug-JavaScript-vulnerabilitieshttps://www.yeswehack.com/en/blog/white-box-debug-JavaScript-vulnerabilitiesTue, 22 Oct 2024 14:32:00 GMT<![CDATA[Tackling tech sprawl, CISO burnout, NIS 2 now enforceable – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/tech-sprawl-nis-2-offsec-rounduphttps://www.yeswehack.com/en/blog/tech-sprawl-nis-2-offsec-roundupFri, 18 Oct 2024 10:13:00 GMT<![CDATA[The NIS 2 Directive is now enforceable: What are the implications for vulnerability management?]]>https://www.yeswehack.com/en/blog/nis-2-directive-vulnerability-managementhttps://www.yeswehack.com/en/blog/nis-2-directive-vulnerability-managementThu, 17 Oct 2024 09:07:00 GMT<![CDATA[Partial SolarWinds reprieve, CrowdStrike lessons, LLM kryptonite – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/solarwinds-crowdStrike-llm-ciso-rounduphttps://www.yeswehack.com/en/blog/solarwinds-crowdStrike-llm-ciso-roundupWed, 16 Oct 2024 15:00:29 GMT<![CDATA[YesWeHack and Ferrero inaugurate Italy’s first live hacking event]]>https://www.yeswehack.com/en/blog/ferrero-live-hacking-eventhttps://www.yeswehack.com/en/blog/ferrero-live-hacking-eventWed, 16 Oct 2024 14:58:00 GMT<![CDATA[Top 5 hacking tools for white-box pentesting]]>https://www.yeswehack.com/en/blog/5-tools-white-box-pentestinghttps://www.yeswehack.com/en/blog/5-tools-white-box-pentestingThu, 10 Oct 2024 13:28:06 GMT<![CDATA[Web timing attacks, Apache HTTP confusion attacks, email parsing discrepancies – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/web-timing-attacks-http-serverhttps://www.yeswehack.com/en/blog/web-timing-attacks-http-serverMon, 30 Sep 2024 15:25:00 GMT<![CDATA[Dojo challenge #35 winners!]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-35https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-35Wed, 25 Sep 2024 12:17:35 GMT<![CDATA[NIS 2 in brief, security tech hype cycle, Italy’s first ever live Bug Bounty – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/nis-2-hype-cycle-italyhttps://www.yeswehack.com/en/blog/nis-2-hype-cycle-italyFri, 20 Sep 2024 12:41:00 GMT<![CDATA[White-box penetration testing: Debugging for Python vulnerabilities]]>https://www.yeswehack.com/en/blog/penetration-testing-debugging-python-vulnerabilitieshttps://www.yeswehack.com/en/blog/penetration-testing-debugging-python-vulnerabilitiesThu, 12 Sep 2024 12:01:46 GMT<![CDATA[Hacking for €10k rewards and a secure open source ecosystem: Bug Bounty opportunities from the Sovereign Tech Fund]]>https://www.yeswehack.com/en/blog/open-source-sovereign-tech-fundhttps://www.yeswehack.com/en/blog/open-source-sovereign-tech-fundWed, 04 Sep 2024 12:13:00 GMT<![CDATA[ORM leaks, CSRF is alive, lockpicking lessons – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/orm-leaks-csrf-hacker-rounduphttps://www.yeswehack.com/en/blog/orm-leaks-csrf-hacker-roundupWed, 14 Aug 2024 13:56:00 GMT<![CDATA[Dojo challenge #34 winners!]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-34https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-34Mon, 05 Aug 2024 15:19:47 GMT<![CDATA[Hack Me I’m Famous #2: Louis Vuitton sets trend with first live hacking event in luxury fashion sector]]>https://www.yeswehack.com/en/blog/louis-vuitton-live-hacking-eventhttps://www.yeswehack.com/en/blog/louis-vuitton-live-hacking-eventTue, 30 Jul 2024 10:20:05 GMT<![CDATA[White-box penetration testing with Xdebug: Debugging for PHP vulnerabilities]]>https://www.yeswehack.com/en/blog/white-box-penetration-testing-xdebughttps://www.yeswehack.com/en/blog/white-box-penetration-testing-xdebugFri, 19 Jul 2024 15:29:00 GMT<![CDATA[L'Oréal lauds live Bug Bounty success at LeHack 2024]]>https://www.yeswehack.com/en/blog/loreal-live-hacking-event-lehackhttps://www.yeswehack.com/en/blog/loreal-live-hacking-event-lehackFri, 12 Jul 2024 12:59:00 GMT<![CDATA[Sam Curry modem masterclass, PHP threat to Windows Servers, Calls for AI safety Bug Bounties – ethical hacker news roundup]]>https://www.yeswehack.com/en/blog/sam-curry-php-hacker-rounduphttps://www.yeswehack.com/en/blog/sam-curry-php-hacker-roundupTue, 09 Jul 2024 13:33:00 GMT<![CDATA[Critical infrastructure-level protections for YesWeHack cloud after switch to SecNumCloud-qualified service]]>https://www.yeswehack.com/en/blog/critical-infrastructure-yeswehack-cloud-secnumcloudhttps://www.yeswehack.com/en/blog/critical-infrastructure-yeswehack-cloud-secnumcloudThu, 04 Jul 2024 10:11:00 GMT<![CDATA[Apple declines to pay Kaspersky vuln reward, Bug Bounty ‘extortion’ dispute, Microsoft Recall backlash – OffSec roundup for CISOs]]>https://www.yeswehack.com/en/blog/apple-kaspersky-microsoft-ciso-rounduphttps://www.yeswehack.com/en/blog/apple-kaspersky-microsoft-ciso-roundupTue, 02 Jul 2024 13:06:00 GMT<![CDATA[Dojo challenge #33 winners!]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-33https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-33Tue, 25 Jun 2024 14:56:09 GMT<![CDATA[Countdown to NIS 2 compliance: Key insights and implications for your SecOps strategy]]>https://www.yeswehack.com/en/blog/nis-2-ctem-vulnerability-compliancehttps://www.yeswehack.com/en/blog/nis-2-ctem-vulnerability-complianceTue, 18 Jun 2024 08:59:00 GMT<![CDATA[YesWeHack lève 26 millions d'euros pour accélérer sa croissance et son expansion internationale]]>https://www.yeswehack.com/en/blog/yeswehack-leve-26-million-d-euros-en-serie-Chttps://www.yeswehack.com/en/blog/yeswehack-leve-26-million-d-euros-en-serie-CTue, 11 Jun 2024 06:48:00 GMT<![CDATA[YesWeHack raises 26 million euros to accelerate its growth and international expansion]]>https://www.yeswehack.com/en/blog/yeswehack-fundraising-26-million-euros-series-Chttps://www.yeswehack.com/en/blog/yeswehack-fundraising-26-million-euros-series-CTue, 11 Jun 2024 06:29:00 GMT<![CDATA[‘Our businesses are reassured that we’re protecting their activities’: Les Mousquetaires CISO on leveraging live hacking events]]>https://www.yeswehack.com/en/blog/les-mousquetaires-ciso-hacking-eventshttps://www.yeswehack.com/en/blog/les-mousquetaires-ciso-hacking-eventsThu, 06 Jun 2024 07:55:00 GMT<![CDATA[‘No cheaper way of getting security testing’: financial services Bug Bounty success story]]>https://www.yeswehack.com/en/blog/security-testing-bug-bounty-financialhttps://www.yeswehack.com/en/blog/security-testing-bug-bounty-financialTue, 28 May 2024 07:34:00 GMT<![CDATA[Dojo challenge #32 winners!]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-32https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-32Fri, 17 May 2024 08:23:00 GMT<![CDATA[UK PSTI Act: ‘World first’ IoT security rules offer reminder of VDP virtues]]>https://www.yeswehack.com/en/blog/Uk-psti-act-vdp-virtueshttps://www.yeswehack.com/en/blog/Uk-psti-act-vdp-virtuesFri, 10 May 2024 10:35:00 GMT<![CDATA[‘An efficient way to uncover vulnerabilities’: Doctolib's five years in Bug Bounty]]>https://www.yeswehack.com/en/blog/doctolib-five-years-bug-bountyhttps://www.yeswehack.com/en/blog/doctolib-five-years-bug-bountyTue, 30 Apr 2024 07:46:00 GMT<![CDATA[Bug Bounty hunters mount impressive sprint finish to Caisse des Dépôts marathon]]>https://www.yeswehack.com/en/blog/bug-hunters-caisse-depots-marathonhttps://www.yeswehack.com/en/blog/bug-hunters-caisse-depots-marathonFri, 26 Apr 2024 09:50:56 GMT<![CDATA[Dojo challenge #31 winners!]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-31https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winners-31Tue, 16 Apr 2024 12:55:42 GMT<![CDATA[‘Hunters’ biggest mistake? Expecting immediate results’: ‘RL’ on building a Bug Bounty career]]>https://www.yeswehack.com/en/blog/RL-building-bug-bounty-careerhttps://www.yeswehack.com/en/blog/RL-building-bug-bounty-careerFri, 22 Mar 2024 08:46:00 GMT<![CDATA[‘Large amount of knowhow’: Why Thüringer Aufbaubank harnesses Bug Bounty to bolster customer trust]]>https://www.yeswehack.com/en/blog/knowhow-bug-bounty-thuringer-aufbaubankhttps://www.yeswehack.com/en/blog/knowhow-bug-bounty-thuringer-aufbaubankThu, 21 Mar 2024 08:37:00 GMT<![CDATA[‘I stay on targets for a long, long time’: Chackal and Serizao on passion, persistence and partnerships in Bug Bounty]]>https://www.yeswehack.com/en/blog/bug-bounty-targets-chackal-serizaohttps://www.yeswehack.com/en/blog/bug-bounty-targets-chackal-serizaoWed, 13 Mar 2024 09:06:00 GMT<![CDATA[Dojo challenge #30 winners!]]>https://www.yeswehack.com/en/blog/dojo-ctf-challenge-winnershttps://www.yeswehack.com/en/blog/dojo-ctf-challenge-winnersTue, 12 Mar 2024 12:38:36 GMT<![CDATA[‘Adapt payloads to your targets’: Brumens’ Bug Bounty tips for newbies]]>https://www.yeswehack.com/en/blog/brumens-bug-bounty-tips-newbieshttps://www.yeswehack.com/en/blog/brumens-bug-bounty-tips-newbiesThu, 07 Mar 2024 09:07:00 GMT<![CDATA[How to write an effective Bug Bounty report]]>https://www.yeswehack.com/en/blog/write-effective-bug-bounty-reportshttps://www.yeswehack.com/en/blog/write-effective-bug-bounty-reportsWed, 06 Mar 2024 14:13:11 GMT<![CDATA[‘Be curious, be persistent’: Icare on thriving as a Bug Bounty hunter]]>https://www.yeswehack.com/en/blog/Icare-thriving-bug-bounty-hunterhttps://www.yeswehack.com/en/blog/Icare-thriving-bug-bounty-hunterFri, 01 Mar 2024 09:07:00 GMT<![CDATA[‘We opted for Bug Bounty for agility reasons’: European Community of Alsace CISO]]>https://www.yeswehack.com/en/blog/bug-bounty-european-alsace-cisohttps://www.yeswehack.com/en/blog/bug-bounty-european-alsace-cisoTue, 27 Feb 2024 09:09:00 GMT<![CDATA[YesWeHack hunter achievements: Unveiling the Galactic Guardians series]]>https://www.yeswehack.com/en/blog/new-hacker-achievementshttps://www.yeswehack.com/en/blog/new-hacker-achievementsFri, 23 Feb 2024 14:44:51 GMT<![CDATA[‘Proficiency takes time’: Xel on his best Bug Bounty finds and the primacy of patience in ethical hacking]]>https://www.yeswehack.com/en/blog/Xel-ethical-hacking-interview-advicehttps://www.yeswehack.com/en/blog/Xel-ethical-hacking-interview-adviceThu, 22 Feb 2024 09:12:00 GMT<![CDATA[YesWeHack unveils workflow-friendly revamp of user interface]]>https://www.yeswehack.com/en/blog/yeswehack-workflow-friendly-user-interfacehttps://www.yeswehack.com/en/blog/yeswehack-workflow-friendly-user-interfaceMon, 19 Feb 2024 09:13:00 GMT<![CDATA[‘The red team’s security skills have increased considerably’: Bug Bounty at Bancolombia]]>https://www.yeswehack.com/en/blog/red-team-bancolombia-bug-bountyhttps://www.yeswehack.com/en/blog/red-team-bancolombia-bug-bountyThu, 15 Feb 2024 09:08:00 GMT<![CDATA[Smart Automation With Burp Suite]]>https://www.yeswehack.com/en/blog/smart-automation-with-burp-suitehttps://www.yeswehack.com/en/blog/smart-automation-with-burp-suiteWed, 14 Feb 2024 13:11:50 GMT<![CDATA[‘The level of automation right now is crazy’: GoDiego on why post-auth vulnerabilities are the future of Bug Bounty]]>https://www.yeswehack.com/en/blog/automation-godiego-future-bug-bountyhttps://www.yeswehack.com/en/blog/automation-godiego-future-bug-bountyTue, 13 Feb 2024 09:09:00 GMT<![CDATA[US SEC cyber rules, SolarWinds CISO charges: How a unified OffSec strategy can enhance your SEC disclosures]]>https://www.yeswehack.com/en/blog/sec-cyber-rules-solarwinds-offsechttps://www.yeswehack.com/en/blog/sec-cyber-rules-solarwinds-offsecThu, 08 Feb 2024 09:14:00 GMT<![CDATA[Unveiling Dojo v2: Our new CTF and realistic challenge-building framework]]>https://www.yeswehack.com/en/blog/unveiling-dojo-v2-our-new-ctf-and-realistic-challenge-building-frameworkhttps://www.yeswehack.com/en/blog/unveiling-dojo-v2-our-new-ctf-and-realistic-challenge-building-frameworkWed, 07 Feb 2024 14:33:54 GMT<![CDATA['ROI is easy to justify’: Bug Bounty success story from a luxury goods retailer ]]>https://www.yeswehack.com/en/blog/bug-bounty-success-story-luxury-goods-retailerhttps://www.yeswehack.com/en/blog/bug-bounty-success-story-luxury-goods-retailerThu, 01 Feb 2024 03:00:00 GMT<![CDATA[YesWeHack announces CREST accreditation for pentesting services]]>https://www.yeswehack.com/en/blog/yeswehack-crest-accreditation-pentesting-serviceshttps://www.yeswehack.com/en/blog/yeswehack-crest-accreditation-pentesting-servicesMon, 29 Jan 2024 11:41:00 GMT<![CDATA[Festive Dojo challenge #29: SantaLock winners revealed!]]>https://www.yeswehack.com/en/blog/dojo-challenge-29-santalockhttps://www.yeswehack.com/en/blog/dojo-challenge-29-santalockWed, 03 Jan 2024 15:00:22 GMT<![CDATA[9 rules for a successful first-time Bug Bounty Program]]>https://www.yeswehack.com/en/blog/9-rules-for-a-successful-first-time-bug-bounty-programhttps://www.yeswehack.com/en/blog/9-rules-for-a-successful-first-time-bug-bounty-programThu, 14 Dec 2023 13:23:00 GMT<![CDATA[YesWeHack secures ISO/IEC 27017 certification to boost trust in our cloud-based services]]>https://www.yeswehack.com/en/blog/yeswehack-iso-iec-27017-certification-cloud-trusthttps://www.yeswehack.com/en/blog/yeswehack-iso-iec-27017-certification-cloud-trustThu, 07 Dec 2023 08:59:52 GMT<![CDATA["Triage was world class": Bug Bounty success story from risk-management giant DNV ]]>https://www.yeswehack.com/en/blog/triage-was-world-class-bug-bounty-success-story-from-risk-management-giant-dnvhttps://www.yeswehack.com/en/blog/triage-was-world-class-bug-bounty-success-story-from-risk-management-giant-dnvTue, 05 Dec 2023 13:15:00 GMT<![CDATA[Introducing the YesWeHack Advent Calendar: 24 Days of Challenges and Festive Fun!]]>https://www.yeswehack.com/en/blog/introducing-the-yeswehack-advent-calendar-24-days-of-challenges-and-festive-funhttps://www.yeswehack.com/en/blog/introducing-the-yeswehack-advent-calendar-24-days-of-challenges-and-festive-funFri, 01 Dec 2023 13:15:00 GMT<![CDATA[Busting Bug Bounty misconceptions]]>https://www.yeswehack.com/en/blog/busting-bug-bounty-misconceptionshttps://www.yeswehack.com/en/blog/busting-bug-bounty-misconceptionsThu, 16 Nov 2023 13:15:00 GMT<![CDATA[How Bug Bounty and Attack Surface Management can help you comply with the Digital Operational Resilience Act’s upcoming requirements ]]>https://www.yeswehack.com/en/blog/how-bug-bounty-and-attack-surface-management-can-help-you-comply-with-the-digital-operationalhttps://www.yeswehack.com/en/blog/how-bug-bounty-and-attack-surface-management-can-help-you-comply-with-the-digital-operationalThu, 16 Nov 2023 10:12:00 GMT<![CDATA[DOJO Challenge #28 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-28-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-28-winnersTue, 14 Nov 2023 15:47:54 GMT<![CDATA[Continuous Threat Exposure Management: Unify your Offsec Strategy with YesWeHack]]>https://www.yeswehack.com/en/blog/continuous-threat-exposure-management-unify-your-offsec-strategy-with-yeswehackhttps://www.yeswehack.com/en/blog/continuous-threat-exposure-management-unify-your-offsec-strategy-with-yeswehackThu, 09 Nov 2023 08:31:27 GMT<![CDATA[‘YesWeHack adapted to our needs’: The Bug Bounty story so far for connected health pioneer Withings]]>https://www.yeswehack.com/en/blog/yeswehack-bug-bounty-story-connected-health-pioneer-withingshttps://www.yeswehack.com/en/blog/yeswehack-bug-bounty-story-connected-health-pioneer-withingsThu, 26 Oct 2023 07:08:12 GMT<![CDATA[PimpMyBurp #10: Hackvertor – unleashing the power of Burp Suite]]>https://www.yeswehack.com/en/blog/pimpmyburp-10-Hackvertorhttps://www.yeswehack.com/en/blog/pimpmyburp-10-HackvertorWed, 11 Oct 2023 11:54:42 GMT<![CDATA[DOJO Challenge #27 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-27-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-27-winnersMon, 09 Oct 2023 13:27:00 GMT<![CDATA[Firefly v1.1.0: A smart black-box fuzzer for testing web applications]]>https://www.yeswehack.com/en/blog/firefly-v1-1-0-a-smart-black-box-fuzzer-for-testing-web-applicationshttps://www.yeswehack.com/en/blog/firefly-v1-1-0-a-smart-black-box-fuzzer-for-testing-web-applicationsThu, 14 Sep 2023 13:00:00 GMT<![CDATA[DOJO Challenge #26 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-26-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-26-winnersMon, 04 Sep 2023 12:14:00 GMT<![CDATA[PimpMyBurp #9 – Use BCheck to improve vulnerability scanning]]>https://www.yeswehack.com/en/blog/pimpmyburp-9-use-bcheck-to-improve-vulnerability-scanninghttps://www.yeswehack.com/en/blog/pimpmyburp-9-use-bcheck-to-improve-vulnerability-scanningTue, 01 Aug 2023 13:18:00 GMT<![CDATA[DOJO Challenge #25 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-25-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-25-winnersThu, 27 Jul 2023 12:26:00 GMT<![CDATA[LeHACK recap: hunters push boundaries at YesWeHack Live Bug Bounty with Red Cross and Les Mousquetaires]]>https://www.yeswehack.com/en/blog/lehack-yeswehack-live-bug-bounty-with-red-cross-and-les-mousquetaireshttps://www.yeswehack.com/en/blog/lehack-yeswehack-live-bug-bounty-with-red-cross-and-les-mousquetairesTue, 11 Jul 2023 13:11:00 GMT<![CDATA[Web Application Black-Box Testing]]>https://www.yeswehack.com/en/blog/black-box-testing-techniques-web-applicationhttps://www.yeswehack.com/en/blog/black-box-testing-techniques-web-applicationThu, 06 Jul 2023 14:07:00 GMT<![CDATA[How compliance will increasingly drive adoption of Bug Bounty Programs – YesWeHack at Stockholm cyber-defense event]]>https://www.yeswehack.com/en/blog/compliance-bug-bounty-programs-yeswehack-at-stockholm-cyber-defense-eventhttps://www.yeswehack.com/en/blog/compliance-bug-bounty-programs-yeswehack-at-stockholm-cyber-defense-eventFri, 23 Jun 2023 14:43:00 GMT<![CDATA[DOJO Challenge #24 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-24-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-24-winnersMon, 19 Jun 2023 12:49:00 GMT<![CDATA[YesWeHack integrates the prestigious French Tech 2030 program]]>https://www.yeswehack.com/en/blog/yeswehack-integrates-the-prestigious-french-tech-2030-programhttps://www.yeswehack.com/en/blog/yeswehack-integrates-the-prestigious-french-tech-2030-programThu, 15 Jun 2023 14:48:00 GMT<![CDATA[DOJO CHALLENGE #20 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-20-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-20-winnersTue, 06 Jun 2023 13:37:00 GMT<![CDATA[‘Start small – but start now!’ Inside Orange’s Bug Bounty journey with YesWeHack]]>https://www.yeswehack.com/en/blog/start-small-but-start-now-inside-oranges-bug-bounty-journey-with-yeswehackhttps://www.yeswehack.com/en/blog/start-small-but-start-now-inside-oranges-bug-bounty-journey-with-yeswehackMon, 05 Jun 2023 11:35:00 GMT<![CDATA[DOJO Challenge #23 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-23-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-23-winnersMon, 15 May 2023 12:59:00 GMT<![CDATA[PimpMyBurp #8 – Perform Advanced Fuzzing With Turbo Intruder]]>https://www.yeswehack.com/en/blog/pimpmyburp-8-advanced-fuzzing-turbo-intruderhttps://www.yeswehack.com/en/blog/pimpmyburp-8-advanced-fuzzing-turbo-intruderWed, 03 May 2023 14:13:00 GMT<![CDATA[Raising Awareness Among Development Teams: Hack Day with Scania and YesWeHack in Stockholm]]>https://www.yeswehack.com/en/blog/hack-day-with-scania-and-yeswehack-in-stockholmhttps://www.yeswehack.com/en/blog/hack-day-with-scania-and-yeswehack-in-stockholmThu, 27 Apr 2023 14:54:00 GMT<![CDATA[Navigating the Waters of Bug Bounty: Lessons Learned from Brittany Ferries’ Live Event]]>https://www.yeswehack.com/en/blog/navigating-the-waters-of-bug-bounty-lessons-learned-from-brittany-ferries-live-eventhttps://www.yeswehack.com/en/blog/navigating-the-waters-of-bug-bounty-lessons-learned-from-brittany-ferries-live-eventTue, 18 Apr 2023 15:00:00 GMT<![CDATA[DOJO Challenge #22 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-22-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-22-winnersFri, 07 Apr 2023 08:52:00 GMT<![CDATA[Telenor Sweden uses ethical hackers to dial-up cybersecurity to the max]]>https://www.yeswehack.com/en/blog/telenor-sweden-to-use-ethical-hackers-to-dial-up-cybersecurity-to-the-max-in-partnership-with-yeswehackhttps://www.yeswehack.com/en/blog/telenor-sweden-to-use-ethical-hackers-to-dial-up-cybersecurity-to-the-max-in-partnership-with-yeswehackFri, 10 Mar 2023 10:36:00 GMT<![CDATA[Ooredoo Launches New Cyber-Security Program to Upgrade Security Practices and Enhance Cyber-Security]]>https://www.yeswehack.com/en/blog/ooredoo-launches-new-cyber-security-program-to-upgrade-security-practices-and-enhance-cyber-securityhttps://www.yeswehack.com/en/blog/ooredoo-launches-new-cyber-security-program-to-upgrade-security-practices-and-enhance-cyber-securityTue, 28 Feb 2023 16:14:00 GMT<![CDATA[Server side prototype pollution, how to detect and exploit]]>https://www.yeswehack.com/en/blog/server-side-prototype-pollution-how-to-detect-and-exploithttps://www.yeswehack.com/en/blog/server-side-prototype-pollution-how-to-detect-and-exploitWed, 15 Feb 2023 16:19:00 GMT<![CDATA[DOJO CHALLENGE #21 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-21-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-21-winnersTue, 14 Feb 2023 14:20:00 GMT<![CDATA[Firefly: a smart black-box fuzzer for web applications testing]]>https://www.yeswehack.com/en/blog/firefly-smart-black-box-fuzzer-web-applicationshttps://www.yeswehack.com/en/blog/firefly-smart-black-box-fuzzer-web-applicationsFri, 10 Feb 2023 16:29:00 GMT<![CDATA[PimpMyBurp #7: How HaE Burp Suite extension can help you in your daily hunting session]]>https://www.yeswehack.com/en/blog/pimpmyburp-7-how-hae-burp-suite-extension-help-you-daily-huntinghttps://www.yeswehack.com/en/blog/pimpmyburp-7-how-hae-burp-suite-extension-help-you-daily-huntingWed, 18 Jan 2023 16:48:00 GMT<![CDATA[A sneak peek into Open-Xchange’s public Bug Bounty programs]]>https://www.yeswehack.com/en/blog/a-sneak-peek-into-open-xchange-public-bug-bounty-programshttps://www.yeswehack.com/en/blog/a-sneak-peek-into-open-xchange-public-bug-bounty-programsWed, 18 Jan 2023 16:37:00 GMT<![CDATA[Vulnerability Disclosure Policy as a first step of GfK’s crowdsourced security strategy]]>https://www.yeswehack.com/en/blog/vdp-as-a-first-step-of-gfk-crowdsourced-security-strategyhttps://www.yeswehack.com/en/blog/vdp-as-a-first-step-of-gfk-crowdsourced-security-strategyWed, 11 Jan 2023 16:56:00 GMT<![CDATA[Exploring JavaScript's exploits: A deep dive into XSS vulnerabilities]]>https://www.yeswehack.com/en/blog/javascript-language-made-for-bugshttps://www.yeswehack.com/en/blog/javascript-language-made-for-bugsThu, 08 Dec 2022 08:25:00 GMT<![CDATA[Indonesia’s Largest Fintech OVO kicks off its Public Bug Bounty program on YesWeHack]]>https://www.yeswehack.com/en/blog/ovo-kicks-off-public-bug-bounty-program-on-yeswehackhttps://www.yeswehack.com/en/blog/ovo-kicks-off-public-bug-bounty-program-on-yeswehackMon, 07 Nov 2022 08:21:00 GMT<![CDATA[Turnkey VDP Open Source: making a difference in enhancing cybersecurity as a “public good”]]>https://www.yeswehack.com/en/blog/turnkey-vdp-open-sourcehttps://www.yeswehack.com/en/blog/turnkey-vdp-open-sourceTue, 25 Oct 2022 08:27:00 GMT<![CDATA[Web application firewall bypass]]>https://www.yeswehack.com/en/blog/web-application-firewall-bypasshttps://www.yeswehack.com/en/blog/web-application-firewall-bypassTue, 11 Oct 2022 13:55:00 GMT<![CDATA[Walk me through Open My Heart – Live Bug Bounty event with Lazada]]>https://www.yeswehack.com/en/blog/open-my-heart-live-bug-bounty-with-lazadahttps://www.yeswehack.com/en/blog/open-my-heart-live-bug-bounty-with-lazadaMon, 26 Sep 2022 08:31:00 GMT<![CDATA[Let’s get the IoT landscape less vulnerable for all]]>https://www.yeswehack.com/en/blog/lets-get-the-iot-landscape-less-vulnerable-for-allhttps://www.yeswehack.com/en/blog/lets-get-the-iot-landscape-less-vulnerable-for-allThu, 22 Sep 2022 09:18:00 GMT<![CDATA[Back to Decathlon’s Live Bug Bounty]]>https://www.yeswehack.com/en/blog/back-to-decathlons-live-bug-bountyhttps://www.yeswehack.com/en/blog/back-to-decathlons-live-bug-bountyWed, 15 Jun 2022 09:24:00 GMT<![CDATA[DOJO CHALLENGE #17 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-17-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-17-winnersMon, 13 Jun 2022 14:44:00 GMT<![CDATA[The French government’s digital identity application under Bug Bounty program on YesWeHack]]>https://www.yeswehack.com/en/blog/the-french-governments-digital-identity-application-under-bug-bounty-program-on-yeswehackhttps://www.yeswehack.com/en/blog/the-french-governments-digital-identity-application-under-bug-bounty-program-on-yeswehackMon, 13 Jun 2022 10:14:00 GMT<![CDATA[YesWeHackVR, an immersive hacking game]]>https://www.yeswehack.com/en/blog/yeswehackvr-vr-immersive-hacking-gamehttps://www.yeswehack.com/en/blog/yeswehackvr-vr-immersive-hacking-gameTue, 24 May 2022 10:28:00 GMT<![CDATA[Abusing S3 Bucket Permissions]]>https://www.yeswehack.com/en/blog/abusing-s3-bucket-permissionshttps://www.yeswehack.com/en/blog/abusing-s3-bucket-permissionsWed, 18 May 2022 13:56:00 GMT<![CDATA[Parameter Discovery: A quick guide to start]]>https://www.yeswehack.com/en/blog/parameter-discovery-quick-guide-to-starthttps://www.yeswehack.com/en/blog/parameter-discovery-quick-guide-to-startWed, 20 Apr 2022 14:25:00 GMT<![CDATA[The first live Bug Bounty for European scale-ups and unicorns]]>https://www.yeswehack.com/en/blog/the-first-live-bug-bounty-for-european-scale-ups-and-unicornshttps://www.yeswehack.com/en/blog/the-first-live-bug-bounty-for-european-scale-ups-and-unicornsWed, 06 Apr 2022 10:32:00 GMT<![CDATA[Getting started with smart contract in Bug Bounty]]>https://www.yeswehack.com/en/blog/getting-started-smart-contract-bug-bountyhttps://www.yeswehack.com/en/blog/getting-started-smart-contract-bug-bountyTue, 05 Apr 2022 14:12:00 GMT<![CDATA[Getting Started with iOS Penetration Testing (Part 2)]]>https://www.yeswehack.com/en/blog/getting-started-ios-penetration-testing-part-2https://www.yeswehack.com/en/blog/getting-started-ios-penetration-testing-part-2Fri, 18 Mar 2022 15:30:00 GMT<![CDATA[DOJO CHALLENGE #15 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-15-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-15-winnersMon, 28 Feb 2022 15:55:00 GMT<![CDATA[Subdomains Tools Review: a full and detailed comparison of subdomain enumeration tools]]>https://www.yeswehack.com/en/blog/subdomains-tools-review-full-detailed-comparisonhttps://www.yeswehack.com/en/blog/subdomains-tools-review-full-detailed-comparisonFri, 18 Feb 2022 15:47:00 GMT<![CDATA[DOJO CHALLENGE #19 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-19-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-19-winnersSat, 12 Feb 2022 14:54:00 GMT<![CDATA[DOJO CHALLENGE #18 Winners!]]>https://www.yeswehack.com/en/blog/dojoweb-application-bypass-v2-0https://www.yeswehack.com/en/blog/dojoweb-application-bypass-v2-0Fri, 11 Feb 2022 15:04:00 GMT<![CDATA[Demand for crowdsourced security booms: YesWeHack bug bounty platform continues to thrive]]>https://www.yeswehack.com/en/blog/demand-for-crowdsourced-security-booms-yeswehack-bug-bounty-platform-continues-to-thrivehttps://www.yeswehack.com/en/blog/demand-for-crowdsourced-security-booms-yeswehack-bug-bounty-platform-continues-to-thriveMon, 31 Jan 2022 10:41:00 GMT<![CDATA[Getting Started with iOS Penetration Testing (Part 1)]]>https://www.yeswehack.com/en/blog/getting-started-ios-penetration-testing-part-1https://www.yeswehack.com/en/blog/getting-started-ios-penetration-testing-part-1Wed, 19 Jan 2022 15:37:00 GMT<![CDATA[Log4Shell, Ten Days On: YesWeHack’s Hunters Are at the Forefront of Securing Organisations]]>https://www.yeswehack.com/en/blog/log4shell-yeswehacks-hunters-forefront-securing-organisationshttps://www.yeswehack.com/en/blog/log4shell-yeswehacks-hunters-forefront-securing-organisationsMon, 20 Dec 2021 10:44:00 GMT<![CDATA[ATG uses ethical hackers to rein in cybersecurity challenges]]>https://www.yeswehack.com/en/blog/atg-ethical-hackers-cybersecurity-challenges-partnership-yeswehackhttps://www.yeswehack.com/en/blog/atg-ethical-hackers-cybersecurity-challenges-partnership-yeswehackWed, 01 Dec 2021 12:57:00 GMT<![CDATA[3 Ways Customisable Bug Bounty Programs Improve Flexibility and Agility]]>https://www.yeswehack.com/en/blog/three-ways-customisable-bug-bounty-programs-improve-flexibility-and-agilityhttps://www.yeswehack.com/en/blog/three-ways-customisable-bug-bounty-programs-improve-flexibility-and-agilityTue, 30 Nov 2021 13:10:00 GMT<![CDATA[DOJO CHALLENGE #14 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-14-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-14-winnersMon, 25 Oct 2021 15:06:00 GMT<![CDATA[DANA invites thousands of global security experts to test its e-wallet]]>https://www.yeswehack.com/en/blog/dana-invites-thousands-of-global-security-experts-to-test-its-e-wallet-in-partnership-with-yeswehackhttps://www.yeswehack.com/en/blog/dana-invites-thousands-of-global-security-experts-to-test-its-e-wallet-in-partnership-with-yeswehackThu, 21 Oct 2021 12:15:00 GMT<![CDATA[PimpMyBurp #6 : Generate your reports directly in Burp Suite with RIO]]>https://www.yeswehack.com/en/blog/pimpmyburp-6-generate-reports-directly-burp-suitehttps://www.yeswehack.com/en/blog/pimpmyburp-6-generate-reports-directly-burp-suiteThu, 14 Oct 2021 12:19:00 GMT<![CDATA[ZTE Corporation expands its Bug Bounty in partnership with YesWeHack]]>https://www.yeswehack.com/en/blog/zte-corporation-expands-its-bug-bounty-in-partnership-with-yeswehackhttps://www.yeswehack.com/en/blog/zte-corporation-expands-its-bug-bounty-in-partnership-with-yeswehackMon, 11 Oct 2021 12:19:00 GMT<![CDATA[3 Ways to Increase Profits by Driving Agility with Bug Bounty Programs]]>https://www.yeswehack.com/en/blog/bug-bounty-increase-profits-by-driving-agilityhttps://www.yeswehack.com/en/blog/bug-bounty-increase-profits-by-driving-agilityMon, 04 Oct 2021 12:21:00 GMT<![CDATA[DOJO CHALLENGE #13 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-13-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-13-winnersFri, 24 Sep 2021 15:08:00 GMT<![CDATA[PwnMachine: quick update about fix and new features]]>https://www.yeswehack.com/en/blog/pwnmachine-quick-updatehttps://www.yeswehack.com/en/blog/pwnmachine-quick-updateWed, 22 Sep 2021 12:58:00 GMT<![CDATA[3 Ways to Reduce Overhead Costs and Resources with Bug Bounty Programs]]>https://www.yeswehack.com/en/blog/reduce-overhead-costs-and-resources-with-bug-bountyhttps://www.yeswehack.com/en/blog/reduce-overhead-costs-and-resources-with-bug-bountyMon, 20 Sep 2021 12:27:00 GMT<![CDATA[Tips for writing your best Bug Bounty report]]>https://www.yeswehack.com/en/blog/tips-write-report-bug-bountyhttps://www.yeswehack.com/en/blog/tips-write-report-bug-bountyThu, 16 Sep 2021 14:51:00 GMT<![CDATA[3 Ways to Stretch Your Security Budget Further With Bug Bounty Programs]]>https://www.yeswehack.com/en/blog/3-ways-to-stretch-your-security-budget-further-with-bug-bounty-programshttps://www.yeswehack.com/en/blog/3-ways-to-stretch-your-security-budget-further-with-bug-bounty-programsMon, 13 Sep 2021 12:31:00 GMT<![CDATA[Crowdsourced Security by YesWeHack Helps Swiss Post to Secure Switzerland’s Digital Trust With Rewards up to 230K Euros]]>https://www.yeswehack.com/en/blog/yeswehack-helps-swiss-post-to-secure-switzerlands-digital-trust-with-rewardshttps://www.yeswehack.com/en/blog/yeswehack-helps-swiss-post-to-secure-switzerlands-digital-trust-with-rewardsTue, 07 Sep 2021 12:36:00 GMT<![CDATA[Introduction to postMessage() Vulnerabilities]]>https://www.yeswehack.com/en/blog/introduction-postmessage-vulnerabilitieshttps://www.yeswehack.com/en/blog/introduction-postmessage-vulnerabilitiesWed, 25 Aug 2021 14:52:00 GMT<![CDATA[Give Your Business The Much Needed Security Reality Check With Bug Bounty Programs]]>https://www.yeswehack.com/en/blog/get-a-security-reality-check-with-public-bug-bounty-programshttps://www.yeswehack.com/en/blog/get-a-security-reality-check-with-public-bug-bounty-programsTue, 10 Aug 2021 12:42:00 GMT<![CDATA[DOJO CHALLENGE #12 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-12-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-12-winnersFri, 30 Jul 2021 15:20:00 GMT<![CDATA[Pentesting Electron Applications]]>https://www.yeswehack.com/en/blog/pentesting-electron-applicationshttps://www.yeswehack.com/en/blog/pentesting-electron-applicationsWed, 28 Jul 2021 15:00:00 GMT<![CDATA[YesWeHack raises €16 million to accelerate its international expansion]]>https://www.yeswehack.com/en/blog/yeswehack-raises-e16-million-to-accelerate-its-international-expansionhttps://www.yeswehack.com/en/blog/yeswehack-raises-e16-million-to-accelerate-its-international-expansionThu, 22 Jul 2021 13:18:00 GMT<![CDATA[Benefits of Bug Bounty Programs to Build Transparency and Improve Accountability]]>https://www.yeswehack.com/en/blog/benefits-bug-bounty-build-transparency-and-improve-accountabilityhttps://www.yeswehack.com/en/blog/benefits-bug-bounty-build-transparency-and-improve-accountabilityWed, 21 Jul 2021 13:20:00 GMT<![CDATA[Virtual Patching of Vulnerabilities at the Pace of Business]]>https://www.yeswehack.com/en/blog/virtual-patching-of-vulnerabilities-at-the-pace-of-businesshttps://www.yeswehack.com/en/blog/virtual-patching-of-vulnerabilities-at-the-pace-of-businessThu, 01 Jul 2021 13:26:00 GMT<![CDATA[PimpMyBurp #5 – Intruder: Use the tool to its full advantage]]>https://www.yeswehack.com/en/blog/pimpmyburp-5-burp-suite-intruder-tool-full-advantagehttps://www.yeswehack.com/en/blog/pimpmyburp-5-burp-suite-intruder-tool-full-advantageWed, 30 Jun 2021 12:24:00 GMT<![CDATA[DOJO CHALLENGE #11 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-11-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-11-winnersMon, 28 Jun 2021 15:26:00 GMT<![CDATA[Bug Bounty on Android : setup your Genymotion environment for APK analysis]]>https://www.yeswehack.com/en/blog/bug-bounty-android-setup-genymotion-environment-apk-analysishttps://www.yeswehack.com/en/blog/bug-bounty-android-setup-genymotion-environment-apk-analysisWed, 23 Jun 2021 15:06:00 GMT<![CDATA[Blind XSS : setup your self-hosted XSS Hunter with the PwnMachine]]>https://www.yeswehack.com/en/blog/blind-xss-setup-self-hosted-xss-hunter-pwnmachinehttps://www.yeswehack.com/en/blog/blind-xss-setup-self-hosted-xss-hunter-pwnmachineFri, 18 Jun 2021 15:13:00 GMT<![CDATA[File Upload Attacks (Part 2)]]>https://www.yeswehack.com/en/blog/file-upload-attacks-part-2https://www.yeswehack.com/en/blog/file-upload-attacks-part-2Wed, 16 Jun 2021 15:18:00 GMT<![CDATA[YESWEHACK PROPHILE ON ZAX]]>https://www.yeswehack.com/en/blog/yeswehack-prophile-on-zaxhttps://www.yeswehack.com/en/blog/yeswehack-prophile-on-zaxMon, 14 Jun 2021 13:03:00 GMT<![CDATA[Southeast Asia eCommerce platform Lazada launches public Bug Bounty program with YesWeHack]]>https://www.yeswehack.com/en/blog/ecommerce-platform-lazada-launches-public-bug-bounty-program-with-yeswehackhttps://www.yeswehack.com/en/blog/ecommerce-platform-lazada-launches-public-bug-bounty-program-with-yeswehackThu, 10 Jun 2021 13:30:00 GMT<![CDATA[PwnMachineV2: a new version of the self hosted pwning environment for Bug Bounty]]>https://www.yeswehack.com/en/blog/pwnmachine-new-version-pwn-environmenthttps://www.yeswehack.com/en/blog/pwnmachine-new-version-pwn-environmentWed, 09 Jun 2021 13:07:00 GMT<![CDATA[DOJO CHALLENGE #10 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-10-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-10-winnersTue, 25 May 2021 15:32:00 GMT<![CDATA[How a world-renowned luxury brand implemented a crowdsourced security strategy]]>https://www.yeswehack.com/en/blog/how-a-world-renowned-luxury-brand-implemented-a-crowdsourced-security-strategyhttps://www.yeswehack.com/en/blog/how-a-world-renowned-luxury-brand-implemented-a-crowdsourced-security-strategyFri, 21 May 2021 13:37:00 GMT<![CDATA[PimpMyBurp #4: Burp Suite extensions that should get your attention!]]>https://www.yeswehack.com/en/blog/pimpmyburp-4-burp-suite-extensions-should-get-your-attentionhttps://www.yeswehack.com/en/blog/pimpmyburp-4-burp-suite-extensions-should-get-your-attentionWed, 19 May 2021 12:29:00 GMT<![CDATA[File Upload Attacks (Part 1)]]>https://www.yeswehack.com/en/blog/file-upload-attacks-part-1https://www.yeswehack.com/en/blog/file-upload-attacks-part-1Wed, 12 May 2021 15:22:00 GMT<![CDATA[YesWeBurp 2.0 : A new version of our Burp Suite extension is available]]>https://www.yeswehack.com/en/blog/yesweburp-new-version-burp-suite-extension-availablehttps://www.yeswehack.com/en/blog/yesweburp-new-version-burp-suite-extension-availableMon, 10 May 2021 13:12:00 GMT<![CDATA[YESWEHACK PROPHILE ON S5S]]>https://www.yeswehack.com/en/blog/yeswehack-prophile-on-s5shttps://www.yeswehack.com/en/blog/yeswehack-prophile-on-s5sTue, 04 May 2021 13:15:00 GMT<![CDATA[YesWeHack has received the “Cybersecurity Made in Europe” label issued by ECSO]]>https://www.yeswehack.com/en/blog/yeswehack-has-received-the-cybersecurity-made-in-europe-labelhttps://www.yeswehack.com/en/blog/yeswehack-has-received-the-cybersecurity-made-in-europe-labelWed, 28 Apr 2021 13:43:00 GMT<![CDATA[DOJO CHALLENGE #9 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-9-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-9-winnersMon, 26 Apr 2021 15:38:00 GMT<![CDATA[How-To: Learn how to write a Burp Suite extension in Kotlin – Setting up]]>https://www.yeswehack.com/en/blog/how-to-learn-write-burp-suite-extension-kotlin-setting-uphttps://www.yeswehack.com/en/blog/how-to-learn-write-burp-suite-extension-kotlin-setting-upWed, 21 Apr 2021 13:17:00 GMT<![CDATA[Swiss Post launches public Bug Bounty program with YesWeHack]]>https://www.yeswehack.com/en/blog/swiss-post-launches-public-bug-bounty-program-with-yeswehackhttps://www.yeswehack.com/en/blog/swiss-post-launches-public-bug-bounty-program-with-yeswehackThu, 15 Apr 2021 13:45:00 GMT<![CDATA[Parrot launches its Bug Bounty in partnership with YesWeHack]]>https://www.yeswehack.com/en/blog/parrot-launches-its-bug-bounty-in-partnership-with-yeswehackhttps://www.yeswehack.com/en/blog/parrot-launches-its-bug-bounty-in-partnership-with-yeswehackTue, 06 Apr 2021 14:03:00 GMT<![CDATA[DOJO CHALLENGE #8 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-8-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-8-winnersMon, 29 Mar 2021 09:01:00 GMT<![CDATA[YesWeHack Tracker 2.1 – it’s all about communication and collaboration]]>https://www.yeswehack.com/en/blog/yeswehack-tracker-2-1-communication-and-collaborationhttps://www.yeswehack.com/en/blog/yeswehack-tracker-2-1-communication-and-collaborationThu, 25 Mar 2021 15:06:00 GMT<![CDATA[Achieve Agile Transformation with a Bug Bounty Platform]]>https://www.yeswehack.com/en/blog/achieve-agile-transformation-with-a-bug-bounty-platformhttps://www.yeswehack.com/en/blog/achieve-agile-transformation-with-a-bug-bounty-platformThu, 18 Mar 2021 15:08:00 GMT<![CDATA[DOJO CHALLENGE #7 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-7-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-7-winnersFri, 12 Mar 2021 10:44:00 GMT<![CDATA[PimpMyBurp #3 – AutoRepeater: add automation to your beautiful hunter life]]>https://www.yeswehack.com/en/blog/pimpmyburp-autorepeater-add-automation-burp-suitehttps://www.yeswehack.com/en/blog/pimpmyburp-autorepeater-add-automation-burp-suiteWed, 10 Mar 2021 13:35:00 GMT<![CDATA[PimpMyBurp #2 – Auth Analyzer : How to test horizontal and vertical privileges escalation]]>https://www.yeswehack.com/en/blog/pimpmyburp-auth-analyzer-test-horizontal-vertical-privileges-escalationhttps://www.yeswehack.com/en/blog/pimpmyburp-auth-analyzer-test-horizontal-vertical-privileges-escalationWed, 17 Feb 2021 13:38:00 GMT<![CDATA[Sound policy for a vulnerable-by-default cyberspace]]>https://www.yeswehack.com/en/blog/sound-policy-for-a-vulnerable-by-default-cyberspacehttps://www.yeswehack.com/en/blog/sound-policy-for-a-vulnerable-by-default-cyberspaceThu, 11 Feb 2021 15:12:00 GMT<![CDATA[Ship Innovative Software Faster with YesWeHack Tracker 2.0]]>https://www.yeswehack.com/en/blog/ship-innovative-software-faster-with-yeswehack-tracker-2-0https://www.yeswehack.com/en/blog/ship-innovative-software-faster-with-yeswehack-tracker-2-0Tue, 09 Feb 2021 15:38:00 GMT<![CDATA[PimpMyBurp #1 – PwnFox + Autorize: The perfect combo to find IDOR]]>https://www.yeswehack.com/en/blog/pimpmyburp-pwnfox-autorize-find-idorhttps://www.yeswehack.com/en/blog/pimpmyburp-pwnfox-autorize-find-idorWed, 03 Feb 2021 13:42:00 GMT<![CDATA[Resilience through community: Looking forward to 2021]]>https://www.yeswehack.com/en/blog/resilience-through-community-in-2021https://www.yeswehack.com/en/blog/resilience-through-community-in-2021Thu, 28 Jan 2021 15:41:00 GMT<![CDATA[How cybersecurity players gain customer trust with Bug Bounty]]>https://www.yeswehack.com/en/blog/how-cybersecurity-players-gain-customer-with-bug-bountyhttps://www.yeswehack.com/en/blog/how-cybersecurity-players-gain-customer-with-bug-bountyTue, 26 Jan 2021 15:45:00 GMT<![CDATA[DOJO CHALLENGE #6 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-6-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-6-winnersTue, 22 Dec 2020 11:11:00 GMT<![CDATA[DOJO CHALLENGE #3 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-3-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-3-winnersWed, 25 Nov 2020 13:22:00 GMT<![CDATA[Vulnerability Disclosure Policy through the eyes of a bug hunter]]>https://www.yeswehack.com/en/blog/vulnerability-disclosure-policy-through-the-eyes-of-a-bug-hunterhttps://www.yeswehack.com/en/blog/vulnerability-disclosure-policy-through-the-eyes-of-a-bug-hunterMon, 23 Nov 2020 15:53:00 GMT<![CDATA[DOJO CHALLENGE #2 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-2-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-2-winnersTue, 17 Nov 2020 13:30:00 GMT<![CDATA[Practical vulnerability disclosure: VDP made easy]]>https://www.yeswehack.com/en/blog/practical-vulnerability-disclosure-vdp-made-easyhttps://www.yeswehack.com/en/blog/practical-vulnerability-disclosure-vdp-made-easyThu, 15 Oct 2020 15:35:00 GMT<![CDATA[YesWeHack joins Tech4Trust, Switzerland’s cybersecurity accelerator]]>https://www.yeswehack.com/en/blog/yeswehack-selected-to-join-the-tech4trust-programhttps://www.yeswehack.com/en/blog/yeswehack-selected-to-join-the-tech4trust-programFri, 09 Oct 2020 15:38:00 GMT<![CDATA[Bug Bounty: the business enabler of any DevSecOps toolchain]]>https://www.yeswehack.com/en/blog/bug-bounty-the-business-enabler-of-any-devsecops-toolchainhttps://www.yeswehack.com/en/blog/bug-bounty-the-business-enabler-of-any-devsecops-toolchainThu, 17 Sep 2020 15:39:00 GMT<![CDATA[DOJO CHALLENGE #5 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-5-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-5-winnersSat, 12 Sep 2020 12:04:00 GMT<![CDATA[Cybersecurity spending: fulfil priorities with leaner resources]]>https://www.yeswehack.com/en/blog/cybersecurity-spending-fulfil-priorities-with-leaner-resourceshttps://www.yeswehack.com/en/blog/cybersecurity-spending-fulfil-priorities-with-leaner-resourcesThu, 03 Sep 2020 15:49:00 GMT<![CDATA[How we help our clients step-by-step in their Bug Bounty journey]]>https://www.yeswehack.com/en/blog/how-we-help-our-clients-step-by-step-in-their-bug-bounty-journeyhttps://www.yeswehack.com/en/blog/how-we-help-our-clients-step-by-step-in-their-bug-bounty-journeyWed, 26 Aug 2020 15:53:00 GMT<![CDATA[Learn ethical hacking: Insights from YesWeHackEDU users]]>https://www.yeswehack.com/en/blog/learn-ethical-hacking-insights-from-yeswehackedu-usershttps://www.yeswehack.com/en/blog/learn-ethical-hacking-insights-from-yeswehackedu-usersThu, 20 Aug 2020 15:59:00 GMT<![CDATA[Coordinated Vulnerability Disclosure policy for a safer cyberspace]]>https://www.yeswehack.com/en/blog/coordinated-vulnerability-disclosure-policy-for-a-safer-cyberspacehttps://www.yeswehack.com/en/blog/coordinated-vulnerability-disclosure-policy-for-a-safer-cyberspaceThu, 06 Aug 2020 16:09:00 GMT<![CDATA[DevSecOps: Integrating security from idea to continuous delivery]]>https://www.yeswehack.com/en/blog/devsecops-integrating-security-from-idea-to-continuous-deliveryhttps://www.yeswehack.com/en/blog/devsecops-integrating-security-from-idea-to-continuous-deliveryThu, 30 Jul 2020 16:13:00 GMT<![CDATA[Boosting E-Commerce Security: PrestaShop's Success with YesWeHack's Public Bug Bounty Program]]>https://www.yeswehack.com/en/blog/prestashop-europes-leading-ecommerce-software-moves-to-public-bug-bounty-programmehttps://www.yeswehack.com/en/blog/prestashop-europes-leading-ecommerce-software-moves-to-public-bug-bounty-programmeThu, 23 Jul 2020 01:42:00 GMT<![CDATA[Presenting The Pwning-Machine, a versatile and easy to setup Bug bounty environment.]]>https://www.yeswehack.com/en/blog/the-pwning-machinehttps://www.yeswehack.com/en/blog/the-pwning-machineThu, 16 Jul 2020 01:46:00 GMT<![CDATA[YESWEHACK PROPHILE ON SONNY]]>https://www.yeswehack.com/en/blog/yeswehack-prophile-on-sonnyhttps://www.yeswehack.com/en/blog/yeswehack-prophile-on-sonnyThu, 02 Jul 2020 13:39:00 GMT<![CDATA[A framework for successful vulnerability disclosure policy]]>https://www.yeswehack.com/en/blog/a-framework-for-successful-vulnerability-disclosure-policyhttps://www.yeswehack.com/en/blog/a-framework-for-successful-vulnerability-disclosure-policyThu, 11 Jun 2020 01:48:00 GMT<![CDATA[How cloud providers use bug bounty to increase customer trust]]>https://www.yeswehack.com/en/blog/how-cloud-providers-use-bug-bounty-to-increase-customers-trusthttps://www.yeswehack.com/en/blog/how-cloud-providers-use-bug-bounty-to-increase-customers-trustThu, 04 Jun 2020 01:52:00 GMT<![CDATA[YesWeHack ensures the continuous security of France’s COVID-19 contact tracing app]]>https://www.yeswehack.com/en/blog/yeswehack-ensures-the-continuous-security-of-frances-covid-19-contact-tracing-apphttps://www.yeswehack.com/en/blog/yeswehack-ensures-the-continuous-security-of-frances-covid-19-contact-tracing-appTue, 26 May 2020 02:00:00 GMT<![CDATA[Mobilising collective intelligence for better security]]>https://www.yeswehack.com/en/blog/vulnerability-coordination-mobilising-collective-intelligence-for-better-securityhttps://www.yeswehack.com/en/blog/vulnerability-coordination-mobilising-collective-intelligence-for-better-securityThu, 14 May 2020 02:04:00 GMT<![CDATA[FireBounty x ONYPHE: Surfacing disclosure policies gets a boost]]>https://www.yeswehack.com/en/blog/firebounty-x-onyphe-surfacing-disclosure-policies-gets-a-boosthttps://www.yeswehack.com/en/blog/firebounty-x-onyphe-surfacing-disclosure-policies-gets-a-boostThu, 07 May 2020 02:08:00 GMT<![CDATA[YESWEHACK PROPHILE ON HISXO]]>https://www.yeswehack.com/en/blog/yeswehack-prophile-on-hisxohttps://www.yeswehack.com/en/blog/yeswehack-prophile-on-hisxoThu, 30 Apr 2020 13:40:00 GMT<![CDATA[Olvid, the ultra-secure messaging app, moves to public bug bounty program]]>https://www.yeswehack.com/en/blog/olvid-the-ultra-secure-messaging-app-moves-to-public-bug-bounty-programhttps://www.yeswehack.com/en/blog/olvid-the-ultra-secure-messaging-app-moves-to-public-bug-bounty-programTue, 28 Apr 2020 06:02:00 GMT<![CDATA[Roles and responsibilities for efficient vulnerability disclosure]]>https://www.yeswehack.com/en/blog/roles-and-responsibilities-for-efficient-vulnerability-disclosurehttps://www.yeswehack.com/en/blog/roles-and-responsibilities-for-efficient-vulnerability-disclosureThu, 16 Apr 2020 06:07:00 GMT<![CDATA[ZeroDisclo.com: Vulnerability disclosure done right]]>https://www.yeswehack.com/en/blog/zerodisclo-com-vulnerability-disclosure-done-righthttps://www.yeswehack.com/en/blog/zerodisclo-com-vulnerability-disclosure-done-rightThu, 09 Apr 2020 06:09:00 GMT<![CDATA[How a heavily regulated financial institution implemented Bug Bounty]]>https://www.yeswehack.com/en/blog/how-a-heavily-regulated-financial-institution-implemented-bug-bountyhttps://www.yeswehack.com/en/blog/how-a-heavily-regulated-financial-institution-implemented-bug-bountyThu, 02 Apr 2020 06:20:00 GMT<![CDATA[YesWeHackEDU: Addressing talent shortage through Bug Bounty]]>https://www.yeswehack.com/en/blog/yeswehackedu-addressing-talent-shortage-through-bug-bountyhttps://www.yeswehack.com/en/blog/yeswehackedu-addressing-talent-shortage-through-bug-bountyThu, 26 Mar 2020 06:24:00 GMT<![CDATA[How Outscale secures its sovereign cloud with YesWeHack]]>https://www.yeswehack.com/en/blog/how-outscale-secures-its-sovereign-cloud-with-yeswehackhttps://www.yeswehack.com/en/blog/how-outscale-secures-its-sovereign-cloud-with-yeswehackMon, 09 Mar 2020 06:27:00 GMT<![CDATA[DOJO CHALLENGE #4 Winners!]]>https://www.yeswehack.com/en/blog/dojo-challenge-4-winnershttps://www.yeswehack.com/en/blog/dojo-challenge-4-winnersWed, 12 Feb 2020 13:11:00 GMT<![CDATA[Showcasing your vulnerability disclosure policy to the world]]>https://www.yeswehack.com/en/blog/showcasing-your-vulnerability-disclosure-policy-to-the-worldhttps://www.yeswehack.com/en/blog/showcasing-your-vulnerability-disclosure-policy-to-the-worldThu, 23 Jan 2020 06:31:00 GMT<![CDATA[Deezer protects their artists & users with a public Bug Bounty program]]>https://www.yeswehack.com/en/blog/deezer-protects-their-artists-users-with-a-public-bug-bounty-programhttps://www.yeswehack.com/en/blog/deezer-protects-their-artists-users-with-a-public-bug-bounty-programMon, 20 Jan 2020 06:40:00 GMT<![CDATA[BlaBlaCar leverages crowdsourced security to secure its millions of users’ data]]>https://www.yeswehack.com/en/blog/blablacar-leverages-crowdsourced-security-to-secure-its-millions-of-users-datahttps://www.yeswehack.com/en/blog/blablacar-leverages-crowdsourced-security-to-secure-its-millions-of-users-dataMon, 13 Jan 2020 06:44:00 GMT<![CDATA[YESWEHACK PROPHILE ON EBODA]]>https://www.yeswehack.com/en/blog/yeswehack-prophile-on-ebodahttps://www.yeswehack.com/en/blog/yeswehack-prophile-on-ebodaWed, 11 Dec 2019 14:41:00 GMT<![CDATA[Bug Bounty’s strengths compared to penetration testing]]>https://www.yeswehack.com/en/blog/bug-bounty-strengths-compared-to-penetration-testinghttps://www.yeswehack.com/en/blog/bug-bounty-strengths-compared-to-penetration-testingMon, 25 Nov 2019 06:48:00 GMT<![CDATA[Fighting malware at the roots]]>https://www.yeswehack.com/en/blog/fighting-malware-at-the-rootshttps://www.yeswehack.com/en/blog/fighting-malware-at-the-rootsTue, 12 Nov 2019 06:51:00 GMT<![CDATA[YesWeHack EDU, the world’s first Bug Bounty educational platform]]>https://www.yeswehack.com/en/blog/yeswehack-edu-the-worlds-first-bug-bounty-educational-platformhttps://www.yeswehack.com/en/blog/yeswehack-edu-the-worlds-first-bug-bounty-educational-platformWed, 06 Nov 2019 06:57:00 GMT<![CDATA[Bug bounty is significantly more cost-effective than penetration testing]]>https://www.yeswehack.com/en/blog/bug-bounty-is-much-more-cost-effective-than-penetration-testinghttps://www.yeswehack.com/en/blog/bug-bounty-is-much-more-cost-effective-than-penetration-testingTue, 05 Nov 2019 07:02:00 GMT<![CDATA[Bug bounty agility is key for small organisations]]>https://www.yeswehack.com/en/blog/bug-bounty-agility-is-key-for-small-organisationshttps://www.yeswehack.com/en/blog/bug-bounty-agility-is-key-for-small-organisationsMon, 21 Oct 2019 07:08:00 GMT<![CDATA[We have a small message for the hackers playing with us.]]>https://www.yeswehack.com/en/blog/we-have-a-small-message-for-our-huntershttps://www.yeswehack.com/en/blog/we-have-a-small-message-for-our-huntersThu, 17 Oct 2019 14:02:00 GMT<![CDATA[gitGraber: A tool to monitor GitHub in real-time to find sensitive data]]>https://www.yeswehack.com/en/blog/gitgraber-a-tool-to-monitor-github-in-real-time-to-find-sensitive-datahttps://www.yeswehack.com/en/blog/gitgraber-a-tool-to-monitor-github-in-real-time-to-find-sensitive-dataTue, 08 Oct 2019 07:12:00 GMT<![CDATA[YESWEHACK PROPHILE ON Ak1t4]]>https://www.yeswehack.com/en/blog/yeswehack-prophile-on-ak1t4https://www.yeswehack.com/en/blog/yeswehack-prophile-on-ak1t4Tue, 24 Sep 2019 13:43:00 GMT<![CDATA[Singapore Polytechnic partners with YesWeHack to hold its first-ever bug bounty event]]>https://www.yeswehack.com/en/blog/singapore-polytechnic-partners-with-yeswehackhttps://www.yeswehack.com/en/blog/singapore-polytechnic-partners-with-yeswehackFri, 06 Sep 2019 07:50:00 GMT<![CDATA[A quick update on our ranking point system]]>https://www.yeswehack.com/en/blog/a-quick-update-on-our-point-systemhttps://www.yeswehack.com/en/blog/a-quick-update-on-our-point-systemWed, 24 Jul 2019 08:49:00 GMT<![CDATA[YesWeHack & Alibaba Security Meetup challenge solution]]>https://www.yeswehack.com/en/blog/yeswehack-alibaba-hackinggame-writeuphttps://www.yeswehack.com/en/blog/yeswehack-alibaba-hackinggame-writeupTue, 25 Jun 2019 14:08:00 GMT<![CDATA[Catch the flag, catch the (real!) gold]]>https://www.yeswehack.com/en/blog/catch-the-flag-catch-the-goldhttps://www.yeswehack.com/en/blog/catch-the-flag-catch-the-goldTue, 11 Jun 2019 08:57:00 GMT<![CDATA[Let’s break stuff together Singapore: YesWeHack is coming up with a brand new CTF at Infosec in the City!]]>https://www.yeswehack.com/en/blog/lets-break-stuff-together-singapore-yeswehack-is-coming-up-with-a-brand-new-ctf-at-infosec-in-the-cityhttps://www.yeswehack.com/en/blog/lets-break-stuff-together-singapore-yeswehack-is-coming-up-with-a-brand-new-ctf-at-infosec-in-the-cityFri, 07 Jun 2019 09:30:00 GMT<![CDATA[The Cybersecurity Act: Strengthening coordinated vulnerability disclosure at the European level]]>https://www.yeswehack.com/en/blog/the-cybersecurity-act-strengthening-coordinated-vulnerability-disclosure-at-the-european-levelhttps://www.yeswehack.com/en/blog/the-cybersecurity-act-strengthening-coordinated-vulnerability-disclosure-at-the-european-levelWed, 05 Jun 2019 09:33:00 GMT<![CDATA[YesWeHack – Europe’s leading Bug Bounty platform – is opening an office in Singapore]]>https://www.yeswehack.com/en/blog/yeswehack-europes-leading-bug-bounty-platform-is-opening-an-office-in-singaporehttps://www.yeswehack.com/en/blog/yeswehack-europes-leading-bug-bounty-platform-is-opening-an-office-in-singaporeMon, 27 May 2019 09:37:00 GMT<![CDATA[New YesWeHack Api Extension for Burp]]>https://www.yeswehack.com/en/blog/new-burpsuite-extensionhttps://www.yeswehack.com/en/blog/new-burpsuite-extensionFri, 24 May 2019 09:46:00 GMT<![CDATA[Solution for “A Weird XSS Case”]]>https://www.yeswehack.com/en/blog/solution-for-a-weird-xss-casehttps://www.yeswehack.com/en/blog/solution-for-a-weird-xss-caseMon, 01 Apr 2019 13:47:00 GMT<![CDATA[New features for quicker and improved Bug Reporting!]]>https://www.yeswehack.com/en/blog/new-features-for-quicker-and-improved-bug-reportinghttps://www.yeswehack.com/en/blog/new-features-for-quicker-and-improved-bug-reportingTue, 19 Mar 2019 10:24:00 GMT<![CDATA[Lucas aka BitK: high level bug hunter and the brand new YesWeHack Tech Ambassador.]]>https://www.yeswehack.com/en/blog/lucas-aka-bitk-bug-hunter-and-yeswehack-tech-ambassadorhttps://www.yeswehack.com/en/blog/lucas-aka-bitk-bug-hunter-and-yeswehack-tech-ambassadorFri, 15 Mar 2019 10:33:00 GMT<![CDATA[We are SPARTAns: Re-imagining cybersecurity for the European Union]]>https://www.yeswehack.com/en/blog/we-are-spartans-re-imagining-cybersecurity-for-the-european-unionhttps://www.yeswehack.com/en/blog/we-are-spartans-re-imagining-cybersecurity-for-the-european-unionThu, 28 Feb 2019 10:39:00 GMT<![CDATA[[ITW] Daniel Kalinowski: “Participating in bug bounties improves your skills and increase the overall knowledge.”]]>https://www.yeswehack.com/en/blog/itw-daniel-kalinowskihttps://www.yeswehack.com/en/blog/itw-daniel-kalinowskiMon, 18 Feb 2019 10:44:00 GMT<![CDATA[YesWeHack raises €4 million and plans to disrupt Europe’s cybersecurity market]]>https://www.yeswehack.com/en/blog/yeswehack-raises-e4-million-and-plans-to-disrupt-europes-cybersecurity-markethttps://www.yeswehack.com/en/blog/yeswehack-raises-e4-million-and-plans-to-disrupt-europes-cybersecurity-marketThu, 14 Feb 2019 13:03:00 GMT<![CDATA[French Armed Forces Ministry launches a Bug Bounty program]]>https://www.yeswehack.com/en/blog/french-armed-forces-ministry-launches-a-bug-bounty-programhttps://www.yeswehack.com/en/blog/french-armed-forces-ministry-launches-a-bug-bounty-programFri, 25 Jan 2019 14:41:00 GMT<![CDATA[Incentive Policy for Coordinated Vulnerability Disclosure]]>https://www.yeswehack.com/en/blog/incentive-policy-for-coordinated-vulnerability-disclosurehttps://www.yeswehack.com/en/blog/incentive-policy-for-coordinated-vulnerability-disclosureTue, 18 Apr 2017 08:05:00 GMT