Episode 33: The Master of Hacker Show&Tell: Inti De Ceukelaire
Critical Thinking - Bug Bounty Podcast24 Elo 2023

Episode 33: The Master of Hacker Show&Tell: Inti De Ceukelaire

Episode 33: In this episode of Critical Thinking - Bug Bounty Podcast, we welcome Inti De Ceukelaire, a seasoned bug hunter known for his creative storytelling and impactful show-and-tell bugs…and let us tell you, his stories do not disappoint! From his bug bounty journey to some pretty wild hacks, Inti captivates us as only Inti can. We discuss the potential life-saving impact of bug bounty reports, especially in areas such as transportation and medical devices. We also cover hacker mentality, the benefits of objective-based challenges, and the need for collaboration and alignment within the bug bounty community. It’s a mesmerizing episode, so sit back and be swept away by Inti’s tales.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Today’s Guest:

https://twitter.com/securinti

Inti's Shopify Show-and-Tell

https://hackerone.com/reports/1086108

Hakluke's article on Bug Bounty Standards

https://github.com/hakluke/bug-bounty-standards

Researching MissingNo Glitch in Pokemon

https://youtu.be/p8OBktd42GI

Intigriti

https://www.intigriti.com/

Timestamps:

(00:00:00) Introduction

(00:03:01) Show-and-Tells and Storytelling in Live Hacking Events

(00:08:30) Impact Assessment and the potential real-life significance of reporting vulnerabilities.

(00:13:50) Ethical dilemmas, gaming the systems, and safe harbor.

(00:23:30) Inti’s Hacking Journey

(00:27:26) Hacker mentality, brainstorming, and goal-setting.

(00:46:28) The benefit of mental resets, fresh perspectives, and ‘surprise collaboration’

(00:52:55) Inti’s Story 1: CSS Injection bugs

(01:06:20) Inti’s Story 2: The Ticket Trick

(01:14:00) Inti’s Story 3: The Gotcha PasswordBug

(01:18:30) Upcoming Intigriti Live Hacking Event

Jaksot(161)

Episode 129: Is this how Bug Bounty Ends?

Episode 129: Is this how Bug Bounty Ends?

Episode 129: In this episode of Critical Thinking - Bug Bounty Podcast we chat about the future of hack bots and human-AI collaboration, the challenges posed by tokenization, and the need for cybersec...

3 Heinä 202536min

Episode 128: New Research in Blind SSRF and Self-XSS, and How to Architect Source-code Review AI Bots

Episode 128: New Research in Blind SSRF and Self-XSS, and How to Architect Source-code Review AI Bots

Episode 128: In this episode of Critical Thinking - Bug Bounty Podcast we talking Blind SSRF and Self-XSS, as well as Reversing massive minified JS with AI and a wild Google Logo Ligature BugFollow us...

26 Kesä 202558min

Episode 127: Drama, PDF as JS Chaos, Bounty Profile Apps, And More

Episode 127: Drama, PDF as JS Chaos, Bounty Profile Apps, And More

Episode 127: In this episode of Critical Thinking - Bug Bounty Podcast we address some recent bug bounty controversy before jumping into a slew of news itemsFollow us on XShoutout to YTCracker for the...

19 Kesä 20251h 7min

Episode 126: Hacking AI Series: Vulnus ex Machina - Part 3

Episode 126: Hacking AI Series: Vulnus ex Machina - Part 3

Episode 126: In this episode of Critical Thinking - Bug Bounty Podcast we wrap up Rez0’s AI miniseries ‘Vulnus Ex Machina’. Part 3 includes a showcase of AI Vulns that Rez0 himself has found, and how ...

12 Kesä 202538min

Episode 125: How to Win Live Hacking Events

Episode 125: How to Win Live Hacking Events

Episode 125: In this episode of Critical Thinking - Bug Bounty Podcast Justin shares insights on how to succeed at live hacking events. We cover pre-event preparations, challenges of collaboration, on...

5 Kesä 202547min

Episode 124: Bug Bounty Lifestyle = Less Hacking Time?

Episode 124: Bug Bounty Lifestyle = Less Hacking Time?

Episode 124: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph cover some news from around the community, hitting on Joseph’s Anthropic safety testing, Justin’s guest appeara...

29 Touko 202545min

Episode 123: Hacking AI Series: Vulnus ex Machina - Part 2

Episode 123: Hacking AI Series: Vulnus ex Machina - Part 2

Episode 123: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with part 2 of Rez0’s miniseries. Today we talk about mastering Prompt Injection, taxonomy of impact, and both trigger...

22 Touko 202544min

Episode 122: We Won Google's AI Hacking Event in Tokyo - Main Takeaways

Episode 122: We Won Google's AI Hacking Event in Tokyo - Main Takeaways

Episode 122: In this episode of Critical Thinking - Bug Bounty Podcast your boys are MVH winners! First we’re joined by Zak, to discuss the Google LHE as well as surprising us with a bug of his own! T...

15 Touko 20251h 45min