The internet is changing, at a much faster pace today with cloud computing being so easily accessible. As the attack surface of the internet (IPv4) changes there are periods of time where vulnerabilities are present but dissipate quickly.
By being able to monitor an organisation and effectively determine these changes, we’ve found a number of critical vulnerabilities within networks and applications that are only present for a short period of time. This presentation will detail multiple critical vulnerabilities found by participating in bug bounty programs that we classify as ephemeral vulnerabilities, and the details on how we identified and exploited them in the first place.