The bug bounty platform Intigriti hosted an online conference on cybersecurity. Many different topics were covered: different ways for finding vulnerabilities, information on starting a bug bounty program, creating tools and more! I was invited by Intigriti to give a talk at the conference. I thought it would be fun and interesting to talk about a particular type of vulnerability and how to find it. So I ended up devoting my talk to two-step verification. More and more platforms offer the ability to enable this but in many cases it is not implemented in a secure way. In my talk I elaborate on the different vulnerabilities that can be found in two-step verification implementations and how these vulnerabilities can be prevented.
The video of my presentation at the conference can be seen here: