Speaker

Ryan Bonner


Senior Security Consultant

Enid, Oklahoma, United States


Ryan 'Roll4Combat' Bonner is a penetration tester and educator who gets his kicks from breaking things and sharing the knowledge. By day, he's a Senior Cybersecurity Consultant, testing the defenses of web apps and corporate networks. By night, he dives into AI and bug bounty hunting.

A firm believer that we all get better by sharing, Ryan is a community speaker at events like BSides and DEF CON. He is committed to paying forward the mentorship that launched his career by helping others get their start in the community.

Area of Expertise

  • Consumer Goods & Services
  • Finance & Banking
  • Government, Social Sector & Education
  • Health & Medical
  • Information & Communications Technology

Topics

  • cybersecurity

A Series of Unfortunate Event (Listeners)

Modern applications are complex chains of events and listeners.
In bug bounty, a single insecure listener is all it takes. This talk dives deep into client-side exploit chains that all start from one simple mistake: a bad listener. We'll walk through 3-5 bug bounty findings, showing how to turn a postMessage listener into exfiltration, abuse a trusting iframe's onmessage handler, and escalate a prototype pollution flaw. This is a quick, practical guide to finding, exploiting, and understanding these types of bugs, and to hunting them for maximum payout.
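The first finding in the abstract, a postMessage listener turned into exfiltration, comes down to two missing checks on the receiving side: the listener never verifies event.origin, and it answers with a targetOrigin of "*". The following is an added example (not code from the talk or from any program the speaker tested) that models three shapes of a "message" listener and drives them from a stand-in for the browser MessageEvent so it runs under Node. SESSION_TOKEN, app.example.com and evilexample.com are constructed names.

```javascript
// Added example (not the speaker's code): three shapes of a window "message" listener.
// The page in this model holds a session token in memory and answers a
// {type: "getToken"} request over postMessage. Names below are constructed.

const SESSION_TOKEN = "constructed-token-for-demo";        // constructed, not a real secret
const TRUSTED_ORIGINS = new Set(["https://app.example.com"]); // hypothetical allowlist

// Vulnerable: no origin check, and the reply is addressed to "*", so whichever page
// opened or framed us receives the token.
function noCheckHandler(event) {
  if (!event.data || event.data.type !== "getToken") return "ignored";
  event.source.postMessage({ token: SESSION_TOKEN }, "*");
  return "replied";
}

// Still vulnerable: a suffix match on the origin string is satisfied by any
// registrable domain that ends in the same text, e.g. https://evilexample.com.
function suffixCheckHandler(event) {
  if (!event.origin.endsWith("example.com")) return "rejected-origin";
  if (!event.data || event.data.type !== "getToken") return "ignored";
  event.source.postMessage({ token: SESSION_TOKEN }, event.origin);
  return "replied";
}

// Hardened: exact allowlist match on the full origin, a shape check on the payload,
// and the reply addressed to the verified origin rather than "*".
function allowlistHandler(event) {
  if (!TRUSTED_ORIGINS.has(event.origin)) return "rejected-origin";
  const msg = event.data;
  if (typeof msg !== "object" || msg === null || msg.type !== "getToken") return "ignored";
  event.source.postMessage({ token: SESSION_TOKEN }, event.origin);
  return "replied";
}

// Stand-in for event.source (the opener/parent window): records what it receives.
function makeSource() {
  const received = [];
  return {
    received,
    postMessage(data, targetOrigin) { received.push({ data, targetOrigin }); },
  };
}

// Drive a handler as if a page at `origin` had sent {type: "getToken"}, and report
// whether the token left the page and to which target origin it was addressed.
function probe(handler, origin) {
  const source = makeSource();
  const outcome = handler({ origin, data: { type: "getToken" }, source });
  const leak = source.received.find((m) => m.data && m.data.token === SESSION_TOKEN);
  return { outcome, leaked: Boolean(leak), targetOrigin: leak ? leak.targetOrigin : null };
}

// Usage: an attacker-controlled origin against each handler.
for (const [name, handler] of [
  ["noCheck", noCheckHandler],
  ["suffixCheck", suffixCheckHandler],
  ["allowlist", allowlistHandler],
]) {
  console.log(name, probe(handler, "https://evilexample.com"));
}
```

In a real page the handler is registered with window.addEventListener("message", allowlistHandler); the probe above is only a harness. When reviewing a target's listeners, look for both defects together: an origin check that is absent or done with includes/startsWith/endsWith/indexOf, and a reply or redirect that uses attacker-influenced data or a "*" target.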

Plumbing The Plumber: A Playbook for Integration Servers

This will be your field guide for hunting down the complex plumbing of integration servers. Covering Webmethods, Oracle Integrations and other similar integration servers, we are going to look at ways to find them exposed to the internet and how to identify common misconfigurations through reconnaissance.

  • Toolkit - Discover methods to identify various integration technologies in the wild, even those trying to stay hidden.
  • Endpoints - Learn about forgotten management consoles and exposed APIs, and how this mostly forgotten plumbing can lead to big wins (bug bounty).
  • Actionable - Walk away with recon techniques you can immediately apply to offensive assessments, or use to bolster your defensive posture by finding your own organization's hidden infrastructure.

My A-Z approach covers techniques including dorking, Shodan/Censys queries, HTTP header analysis and favicon hashing, demonstrating the immense value (both offensive and defensive) of meticulously hunting these hubs. I'll showcase 4-5 distinct methodologies for effectively finding these servers.
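Of the techniques listed, favicon hashing is the one most often done wrong by hand, because Shodan's http.favicon.hash is not a hash of the icon bytes. The convention Shodan uses, and that the community favicon tools reproduce, is MurmurHash3 (32-bit, seed 0) over the base64 text of the icon, wrapped at 76 columns with a newline after every line exactly as Python's base64.encodebytes() emits it, reported as a signed 32-bit integer. The block below is an added example (not the speaker's tool) that implements that pipeline in plain Node so a favicon pulled from one exposed console can be turned into a pivot query; SAMPLE_ICON is constructed bytes, not any product's real icon.

```javascript
// Added example (not the speaker's tool): compute a Shodan-style favicon hash and
// the pivot query for it. Assumptions: MurmurHash3 x86_32 with seed 0 over the
// base64 text of the icon, wrapped like Python's base64.encodebytes().

// MurmurHash3 x86_32. 32-bit arithmetic via Math.imul and >>> 0; returns a signed
// 32-bit integer, matching Python's mmh3.hash().
function murmur3_32(bytes, seed = 0) {
  const c1 = 0xcc9e2d51, c2 = 0x1b873593;
  let h1 = seed >>> 0;
  const len = bytes.length;
  const nblocks = len >>> 2;
  for (let i = 0; i < nblocks; i++) {
    const o = i * 4;
    let k1 = (bytes[o] | (bytes[o + 1] << 8) | (bytes[o + 2] << 16) | (bytes[o + 3] << 24)) >>> 0;
    k1 = Math.imul(k1, c1);
    k1 = (k1 << 15) | (k1 >>> 17);          // rotl32(k1, 15)
    k1 = Math.imul(k1, c2);
    h1 ^= k1;
    h1 = (h1 << 13) | (h1 >>> 19);          // rotl32(h1, 13)
    h1 = (Math.imul(h1, 5) + 0xe6546b64) >>> 0;
  }
  const tail = nblocks * 4, rem = len & 3;
  if (rem) {                                 // trailing 1-3 bytes
    let k1 = 0;
    if (rem === 3) k1 ^= bytes[tail + 2] << 16;
    if (rem >= 2) k1 ^= bytes[tail + 1] << 8;
    k1 ^= bytes[tail];
    k1 = Math.imul(k1, c1);
    k1 = (k1 << 15) | (k1 >>> 17);
    k1 = Math.imul(k1, c2);
    h1 ^= k1;
  }
  h1 ^= len;                                 // finalization mix (fmix32)
  h1 ^= h1 >>> 16;
  h1 = Math.imul(h1, 0x85ebca6b);
  h1 ^= h1 >>> 13;
  h1 = Math.imul(h1, 0xc2b2ae35);
  h1 ^= h1 >>> 16;
  return h1 | 0;
}

// Python's base64.encodebytes(): 76-column lines, each terminated by "\n"
// (empty input yields an empty string).
function encodebytesLike(bytes) {
  const b64 = Buffer.from(bytes).toString("base64");
  const lines = [];
  for (let i = 0; i < b64.length; i += 76) lines.push(b64.slice(i, i + 76) + "\n");
  return lines.join("");
}

// Shodan-style favicon hash: mmh3 over the wrapped base64 *text*, not the raw bytes.
function faviconHash(iconBytes) {
  return murmur3_32(Buffer.from(encodebytesLike(iconBytes), "ascii"), 0);
}

// Search-box / API query that pivots from one icon to every host serving the same one.
function shodanPivotQuery(iconBytes) {
  return `http.favicon.hash:${faviconHash(iconBytes)}`;
}

// Constructed sample: a 58-byte pseudo-icon (not any product's real favicon). Its
// base64 form is 80 characters, so the wrapper emits a 76-char line and a 4-char line.
const SAMPLE_ICON = Uint8Array.from({ length: 58 }, (_, i) => (i * 37 + 11) & 0xff);

console.log(shodanPivotQuery(SAMPLE_ICON));
```

Fetch the icon from the management console you found (follow the <link rel="icon"> if it is not at /favicon.ico), feed the raw response body to faviconHash, and search the resulting http.favicon.hash value. Defensively, hashing your own consoles' icons and searching for them is a cheap way to find the forgotten instances the abstract describes.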

To aid your hunts, I will also share a custom tool developed for identifying and fingerprinting exposed integration servers.

Fuck Your Integrations: A Practical Guide To Breaking IBM WebMethods

A talk about attacking IBM WebMethods via a mix of default credentials and misconfigured APIs.

GRRCon

Beyond The Perimeter: Recon (an intro)

An introduction to recon and how to think about it as you work through it, along with a simple and effective playbook to use.

BsidesDSM

Recon Village @ DEFCON 2025 Sessionize Event

August 2025 Las Vegas, Nevada, United States


