Episode 34: Program vs Hacker Debate
Critical Thinking - Bug Bounty Podcast31 Aug 2023

Episode 34: Program vs Hacker Debate

Episode 34: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel have both beaten COVID and now square off against each other in a mega-debate representing hackers and program managers respectively. Among the topics included are Disclosures, Dupes, Zero-Day Policy, payouts, budgets, Triage and Retesting. So, if you want blood-pumping, insult-hurling opinion-invalidating debate…then maybe look somewhere else. But if a thought-provoking discussion about bug bounty is more your style, then take a seat and get ready!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Prompt Injection Primer for Engineers

https://twitter.com/rez0__/status/1695078576104833291

Portswigger on XSS

https://twitter.com/PortSwiggerRes/status/1691812241375424983

Gunner Andrews talk

https://www.youtube.com/watch?v=aaDe1ADh5KM

Jhaddix live training Givaway

https://tbhmlive.com/

ctbb.show/giveaway

New Website

ctbb.show

Fight music composed by Dayn Leonardson

https://www.daynleo.com/

Timestamps:

(00:00:00) Introduction

(00:02:00) Joel’s DEFCON Recap

(00:04:45) Prompt Injection Primer for Engineers by Rez0

(00:07:00) Portswigger Research and XSS

(00:08:36) Gunnar Andrews' talk on serverless architecture

(00:10:10) ‘Bug Hunter Methodology’ Course Giveaway

The Debate

(00:13:34) Zero-Day Policy and Payment for Vulnerabilities

(00:25:40) Disclosure

(00:33:52) Dupes (00:51:23) CVSS

(01:02:25) Budgets and Payouts

(01:15:00) Triage and Retesting

(01:34:55) Withholding Reports

(01:41:50) Root Cause Analysis

(01:52:25) Interacting with hacker reports from a security standpoint.

(01:58:50) Internal Activity on a Report

(02:01:15) Cost of running Bug Bounty Programs and LHE’s

Episoder(166)

Episode 54: White Box Formulas - Vulnerable Coding Patterns

Episode 54: White Box Formulas - Vulnerable Coding Patterns

Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug b...

18 Jan 20241h 12min

Episode 53: 500k/yr as Full-Time Bug Hunter & Content Creator - Nahamsec

Episode 53: 500k/yr as Full-Time Bug Hunter & Content Creator - Nahamsec

Episode 53: In this episode of Critical Thinking - Bug Bounty Podcast,we’re joined by none other than NahamSec. We start by discusses the challenges he faced on his journey in bug bounty hunting and c...

11 Jan 20241h 40min

Episode 52: Best Technical Content from Year 1 of CTBB Podcast

Episode 52: Best Technical Content from Year 1 of CTBB Podcast

Episode 52: In this episode of Critical Thinking - Bug Bounty Podcast we're going back and highlighting some of the best technical moments from the past year! Hope you enjoy this best of 2023 Supercut...

4 Jan 20243h

Episode 51: Hacker Stats 2023 & 2024 Goals

Episode 51: Hacker Stats 2023 & 2024 Goals

Episode 51: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are back for the last episode of 2023. We discuss some noteworthy news items including a Hacker One Crit, Caido u...

28 Des 20231h 21min

Episode 50: ­Mathias 'Fall in a well' Karlsson - Bug Bounty Prophet

Episode 50: ­Mathias 'Fall in a well' Karlsson - Bug Bounty Prophet

Episode 50: In this episode of Critical Thinking - Bug Bounty Podcast, Justin catches up with hacking master Mathias Karlsson, and talks about burnout, collaboration, and the importance of specializat...

21 Des 20232h 24min

Episode 49: Getting Live Hacking Event Invites & Bug Bounty Collab with Nagli

Episode 49: Getting Live Hacking Event Invites & Bug Bounty Collab with Nagli

Episode 49: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is once again joined by Nagli to discuss some of their recent hacking discoveries. They talk about finding and exp...

14 Des 202351min

Episode 48: MVH, DEFCON Black Badge, Googler - Sam Erb

Episode 48: MVH, DEFCON Black Badge, Googler - Sam Erb

Episode 48: In this episode, joined by the spectacular Sam Erb, Google Security Engineer and DEFCON Black Badge winner. We talk about the importance of understanding how systems work to find vulnerabi...

7 Des 20231h 36min

Episode 47: CSP Research, Iframe Hopping, and Client-side Shenanigans

Episode 47: CSP Research, Iframe Hopping, and Client-side Shenanigans

Episode 47: In this episode of Critical Thinking - Bug Bounty Podcast, the holidays are fast approaching, and Justin and Joel discuss some of the struggles of getting back into the hacking groove duri...

30 Nov 20231h 31min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
nasjonal-sikkerhetsmyndighet-nsm
rss-ki-praten
smart-forklart
energi-og-klima
rss-impressions-2
elektropodden
tomprat-med-gunnar-tjomlid
fornybaren
shifter
rss-alt-vi-kan
i-loopen
rss-fjorsilkebris-podcast
rss-alt-som-gar-pa-strom
rss-heis
rss-ai-forklart
rss-polypod
rss-anleggspraten