Episode 30: Recon Legend Shubs - From Burgers to Bounties
Critical Thinking - Bug Bounty Podcast3 Aug 2023

Episode 30: Recon Legend Shubs - From Burgers to Bounties

Episode 30: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to be joined by renowned bug bounty hunter Shubs. We kick off with him sharing his journey from burgers to bugs, and how his friendly rivalry with a fellow hacker fueled his passion for reconnaissance, as well as his love of collaboration. We then shift gears to talk about the art of debugging, ethics and economics of bug bounty hunting, the transition to Entrepreneur, and the evolution of Assetnote from a reconnaissance tool to enterprise security software suite. This one’s a banger, and we don’t want you to miss it!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Today’s Guest:

@infosec_au

Intro Shoutouts

https://twitter.com/bebiksior

https://cvssadvisor.com/

Assetnote

https://www.assetnote.io/

https://twitter.com/assetnote

Bishop Fox

https://bishopfox.com/

Shortscan

https://github.com/bitquark/shortscan

XXE Payload

https://gist.github.com/Rhynorater/d0d19f757221a916a22476c3a5c6aba2

Timestamps

(00:00:00) Introduction

(00:05:48) History as a Hacker: Recon, rivalries, and Riot Games

(00:12:13) Collaboration and Community in Bug Bounty

(00:18:19) The Art of Debugging

(00:21:48) Assetnote News and overview

(00:30:43) CVE reversing

(00:32:58) Zero-day vulns

(00:42:48) Bug Bounty Ethics and Economics

(00:52:53) Bug Bounty and Entrepreneurship

(01:03:58) Business lessons learned

(01:07:48) Advice for Hunters looking to grow

(01:12:38) IIS Server Techniques

Episoder(161)

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner and Joseph Thacker reunite to talk about AI Hacking Assistants, CSPT and cache deception, and a bunch of tools lik...

28 Aug 202549min

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: In this episode of Critical Thinking - Bug Bounty Podcast, Joseph Thacker sits down with Jack Cable to get the scoop on a significant bug in Cluely’s desktop application, as well as the r...

21 Aug 202550min

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 135: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Ryan Barnett for a deep dive on WAFs. We also recap his Exploiting Unicode Normalization talk from DEFCON, ...

14 Aug 20251h 26min

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 134: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Diego Djurado to give us the scoop on XBOW. We cover a little about its architecture and approach to hunting, the...

4 Aug 20251h 53min

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 133: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Harley and Ari from H1 to talk some about community management roles within Bug Bounty, as well as discuss the ev...

31 Jul 20251h 16min

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 132: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is joined by Mathias Karlsson to discuss vulnerabilities associated with archives. They talk about his new tool, ...

24 Jul 20251h 49min

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 131: In this episode of Critical Thinking - Bug Bounty Podcast we're covering Christmas in July with several banger articles from Searchlight Cyber, as well as covering things like Raycast for...

17 Jul 202550min

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 130: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Valentino, who shares his journey from hacking Minecraft to becoming a Google hunter. He talks us through sev...

10 Jul 20251h 8min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
smart-forklart
rss-avskiltet
tomprat-med-gunnar-tjomlid
nasjonal-sikkerhetsmyndighet-nsm
teknisk-sett
energi-og-klima
rss-impressions-2
shifter
rss-alt-vi-kan
elektropodden
teknologi-og-mennesker
fornybaren
pedagogisk-intelligens
rss-fjorsilkebris-podcast
hans-petter-og-co
kunstig-intelligens-med-morten-goodwin
rss-byggepodden
rss-for-alarmen-gar