Reversing Bytecode into Bounties: Uncovering Vulnerabilities in Jira and Confluence Plugins
by Giuliana & Jamal | - 11:45am
Whitebox assessments are like unlocking the entire game map, and it’s totally up to you to decide what’s worth exploring. Understanding how to decompile apps and navigate them will equip you with the skills to uncover vulnerabilities that are often overlooked and collect those coins.
We’ll guide you through picking the right targets, decompiling Java bytecode, identifying critical routes, and running effective scanners. During this talk we’ll demonstrate vulnerabilities we have found with these techniques, and give you all the tools you need to get started on your journey along the rainbow road of Jira and Confluence plugins. Basically, this is our power-up JAR gift to you.
Whether you’re a seasoned security plumber (internal security team, bug bounty hunter, hobbyist) or just starting out, this interactive session will level up your ability to turn bytecode into bounties.
About Giuliana & Jamal
Giuliana and Jamal are best friends and Security Engineers at Atlassian. Giuliana likes poking at things on her laptop until it does something it isn’t suppose to, alongside a healthy dose of food and fashion. Jamal likes computers and masquerading as a farmer. Both like making new friends and wholesome security vibes, so come say hi!