Episode 34: Program vs Hacker Debate
Critical Thinking - Bug Bounty Podcast31 Aug 2023

Episode 34: Program vs Hacker Debate

Episode 34: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel have both beaten COVID and now square off against each other in a mega-debate representing hackers and program managers respectively. Among the topics included are Disclosures, Dupes, Zero-Day Policy, payouts, budgets, Triage and Retesting. So, if you want blood-pumping, insult-hurling opinion-invalidating debate…then maybe look somewhere else. But if a thought-provoking discussion about bug bounty is more your style, then take a seat and get ready!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Prompt Injection Primer for Engineers

https://twitter.com/rez0__/status/1695078576104833291

Portswigger on XSS

https://twitter.com/PortSwiggerRes/status/1691812241375424983

Gunner Andrews talk

https://www.youtube.com/watch?v=aaDe1ADh5KM

Jhaddix live training Givaway

https://tbhmlive.com/

ctbb.show/giveaway

New Website

ctbb.show

Fight music composed by Dayn Leonardson

https://www.daynleo.com/

Timestamps:

(00:00:00) Introduction

(00:02:00) Joel’s DEFCON Recap

(00:04:45) Prompt Injection Primer for Engineers by Rez0

(00:07:00) Portswigger Research and XSS

(00:08:36) Gunnar Andrews' talk on serverless architecture

(00:10:10) ‘Bug Hunter Methodology’ Course Giveaway

The Debate

(00:13:34) Zero-Day Policy and Payment for Vulnerabilities

(00:25:40) Disclosure

(00:33:52) Dupes (00:51:23) CVSS

(01:02:25) Budgets and Payouts

(01:15:00) Triage and Retesting

(01:34:55) Withholding Reports

(01:41:50) Root Cause Analysis

(01:52:25) Interacting with hacker reports from a security standpoint.

(01:58:50) Internal Activity on a Report

(02:01:15) Cost of running Bug Bounty Programs and LHE’s

Episoder(165)

Episode 21: Chill Chat with Legendary DoD Hacker Corben Leo

Episode 21: Chill Chat with Legendary DoD Hacker Corben Leo

In this episode of Critical Thinking - Bug Bounty Podcast, we chat with Corben Leo about his journey in bug bounty hunting and ethical hacking. We discuss the state of DNS rebinding in 2023, a Twitter...

1 Jun 20231h 13min

Episode 20: Hacker Brain Hacks - Overcoming Bug Bounty's Mental Tolls

Episode 20: Hacker Brain Hacks - Overcoming Bug Bounty's Mental Tolls

Episode 20: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into the world of "hacker brain hacks'' and overcoming challenges in bug bounty hunting. We discuss custom word lists, th...

25 Mai 20231h 6min

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Episode 19: In this episode of Critical Thinking - Bug Bounty Podcast we further discuss some tips and tricks for finding vulns once you’ve got source code and some banger tweets/tools that popped up ...

18 Mai 202353min

Episode 18: Audit Code, Earn Bounties

Episode 18: Audit Code, Earn Bounties

Episode 18: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into everything source-code related: how to get source-code and what to do with it once you have. This episode is packed ...

11 Mai 20231h 6min

Episode 17: LA Live Chat with Five Legendary Hackers

Episode 17: LA Live Chat with Five Legendary Hackers

Episode 17: In this episode of Critical Thinking - Bug Bounty Podcast we talk with five legendary hackers about some of their favorite bugs. Live. From LA.Corben Leo “Lorben CEO” @hacker_Sam “ZLZ” “ZO...

4 Mai 202347min

Episode 16: The Hacker's Toolkit

Episode 16: The Hacker's Toolkit

Episode 16: In this episode of Critical Thinking - Bug Bounty Podcast we talk about the hacker’s toolkit. Joel and Justin talk about their VPS setup, go-to hacking tools, most often used Linux command...

20 Apr 20231h 17min

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: In this episode of Critical Thinking - Bug Bounty Podcast we talk with the latest Million-Dollar bug bounty hunter: @naglinagli . He talks about his climb from $1,000 in bounties to $1,000...

13 Apr 20231h 8min

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.Follow us...

6 Apr 20231h 21min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
smart-forklart
teknisk-sett
energi-og-klima
rss-ki-praten
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
rss-impressions-2
shifter
tomprat-med-gunnar-tjomlid
rss-praktisk-proptech
rss-ki-til-kaffen
hans-petter-og-co
teknologi-og-mennesker
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-for-alarmen-gar
rss-ai-forklart
rss-heis