Saddam Hussain

Saddam Hussain
Saddam works as a Security Engineer at PhonePe. He is a part time bug bounty hunter and an enchanted traveller. He loves finding business logics issues.

Talk / Workshop
Description
Talk

Business Logic Issues : The unexplored dark areas with plethora of bugs

In today's world, the internet is a powerful tool for resources, making it easier to identify and understand technical vulnerabilities. But what about the business logic issues that can range from very low to critical impacts on organizations? In this talk, we will discuss how we found business logic issues, the vulnerabilities that were identified and our approach to hunting for these bugs. We will explore the importance of understanding the logic in place and how it can be abused to create a impact on the business. Get ready to dive into the world of business logic vulnerabilities and the potential risks they can pose to organizations.

The talk will not only discuss the issues but also the patches implemented by developers and their bypasses.

The outline of the talk will be as follows:
- Understanding business logic issues
- Approaching applications
- Where to look and what to look for
- Examples of issues found
- Patches made by developers
- Bypass for the patches

Subscribe and get our news and updates.