Episode 98: Team 82 Sharon Brizinov - The Live Hacking Polymath
Critical Thinking - Bug Bounty Podcast21 Nov 2024

Episode 98: Team 82 Sharon Brizinov - The Live Hacking Polymath

Episode 98: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Sharon,to discuss his journey from early iOS development to leading a research team at Claroty. They address the differences between HackerOne and Pwn2Own, and talk through some intricacies of IoT security, and some less common IoT attack surfaces.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker: Check out Network Control!

https://www.criticalthinkingpodcast.io/tl-nc

And AssetNote: Check out their ASMR board (no not that kind!)

https://assetnote.io/asmr

Today’s Guest: https://sharonbrizinov.com/

Resources

The Claroty Research Team

https://claroty.com/team82

Pwntools

https://github.com/Gallopsled/pwntools

Scan My SMS

http://scanmysms.com

Gotta Catch 'Em All: Phishing, Smishing, and the birth of ScanMySMS

https://www.youtube.com/watch?v=EhNsXXbDp3U

Timestamps

(00:00:00) Introduction

(00:03:31) Sharon's Origin Story

(00:21:58) Transition to Bug Bounty and Pwn2Own vs HackerOne

(00:47:05) IoT/ICS Hacking Methodology

(01:10:13) Cloud to Device Communication

(01:18:15) Bug replication and uncommon attack surfaces

(01:30:58) Documentation tracker, reCaptcha bypass, and ScanMySMS

Episoder(165)

Episode 109: Creative Recon - Alternative Techniques

Episode 109: Creative Recon - Alternative Techniques

Episode 109: In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. ...

6 Feb 20251h 1min

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-de...

30 Jan 20251h 31min

Episode 107: Bypassing Cross-Origin Browser Headers

Episode 107: Bypassing Cross-Origin Browser Headers

Episode 107: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph are tackling the subject of cross-origin security headers. They also cover some news items including Google’s O...

23 Jan 20251h 6min

Episode 106: Announcing our new cohost...

Episode 106: Announcing our new cohost...

Episode 106: In this episode of Critical Thinking - Bug Bounty Podcast we are pleased to announce our new co-host of the podcast: Joseph Thacker Aka Rez0! We discuss Joseph's transition to full-time b...

16 Jan 202558min

Episode 105: Best Critical Thinking Moments from 2024

Episode 105: Best Critical Thinking Moments from 2024

Episode 105: In this episode of Critical Thinking - Bug Bounty Podcast we're back with another Best-of episode recapping some of our top moments of 2024.Follow us on twitter at: @ctbbpodcastSsend us a...

9 Jan 20252h 17min

Episode 104: 2024 Hacker Stats & 2025 Goals

Episode 104: 2024 Hacker Stats & 2025 Goals

Episode 104: In this episode of Critical Thinking - Bug Bounty Podcast Justin reflects upon the past year and walks through some of the bug bounty goals he had for 2024, and how he feels like he did. ...

2 Jan 202529min

Episode 103: Getting ANSI about Unicode Normalization

Episode 103: Getting ANSI about Unicode Normalization

Episode 103: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), as well as talk thr...

26 Des 20241h

Episode 102: Building Web Hacking Micro Agents with Jason Haddix

Episode 102: Building Web Hacking Micro Agents with Jason Haddix

Episode 102: In this episode of Critical Thinking - Bug Bounty Podcast Justin grabs Jason Haddix to help brainstorm the concept of AI micro-agents in hacking, particularly in terms of web fuzzing, WAF...

19 Des 20241h 2min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
smart-forklart
tomprat-med-gunnar-tjomlid
teknisk-sett
energi-og-klima
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
shifter
rss-ki-praten
rss-praktisk-proptech
pedagogisk-intelligens
kunstig-intelligens-med-morten-goodwin
hans-petter-og-co
rss-ki-til-kaffen
rss-heis
fornybaren
i-loopen
rss-nerding-med-netlife