Episode 15: The Israeli Million-Dollar Hacker
Critical Thinking - Bug Bounty Podcast13 Apr 2023

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: In this episode of Critical Thinking - Bug Bounty Podcast we talk with the latest Million-Dollar bug bounty hunter: @naglinagli . He talks about his climb from $1,000 in bounties to $1,000,000, recon tips and tricks, and some bug reports that made the news and landed him the "Best Bug" award at a H1 Live Hacking event.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Follow Nagli and his new startup Shockwave:

https://twitter.com/naglinagli

https://twitter.com/shockwave_sec

HackMD Collaborative Notes:

https://hackmd.io/

Ian Carroll's Airline Miles Website:

https://seats.aero

Nagli's Tweet in ChatGPT Web Cache Deception:

https://twitter.com/naglinagli/status/1639343866313601024

Timestamps:

(00:00:00) Intro

(00:04:40) Nagli’s Climb

(00:05:40) What kind of vulns do you look for?

(00:09:25) Working with other hackers

(00:10:20) Bug Bounty Hunter’s Guild

(00:12:35) Shockwave product

(00:14:12) Outsourcing tool development

(00:18:46) What got you started?

(00:21:13) Manual hacking vs recon suite + LHE focus

(00:25:00) How do you take notes

(00:29:42) Biggest things that you’ve learned over the past 2 years

(00:31:29) How do you ingest new techniques?

(00:31:50) Collaboration

(00:37:20) Justin Ranting about “Trained Eyes”

(00:40:18) Time spent coding vs hacking

(00:45:28) Travel and spending habits

(00:54:16) Grep is Nagli’s database

(00:56:20) Nagli’s ChatGPT Web Cache Deception

(00:58:44) What does your alerting look like?

(01:01:50) Nagli’s “Most Critical” SSRF

(01:04:30) Burp Active Scan

Avsnitt(166)

Episode 38: Mobile Hacking Maestro: Sergey Toshin

Episode 38: Mobile Hacking Maestro: Sergey Toshin

Episode 38: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome mobile hacking maestro Sergey Toshin (aka @bagipro). We kick off with Sergey sharing his unexpected jou...

28 Sep 202343min

Episode 37: Tokyo Hacking & Interview with 0xLupin

Episode 37: Tokyo Hacking & Interview with 0xLupin

Episode 37: In this episode of Critical Thinking - Bug Bounty Podcast we're joined by none other than Lupin himself! We recap the Tokyo LHE and the lessons we learned from it before diving into his le...

21 Sep 20231h 15min

Episode 36: Bug Bounty Ethics & CT Exclusive Bug Reports

Episode 36: Bug Bounty Ethics & CT Exclusive Bug Reports

Episode 36: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel take a break from LHE prep to answer questions about the ethics of bug bounty and share their recent bug finds. W...

14 Sep 20231h 3min

Episode 35: King of Collaboration: Douglas Day

Episode 35: King of Collaboration: Douglas Day

Episode 35: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome Douglas Day, a bug bounty hunter known for his unique methodologies and collaborative spirit. We talk a...

7 Sep 20231h 25min

Episode 34: Program vs Hacker Debate

Episode 34: Program vs Hacker Debate

Episode 34: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel have both beaten COVID and now square off against each other in a mega-debate representing hackers and program ma...

31 Aug 20232h 10min

Episode 33: The Master of Hacker Show&Tell: Inti De Ceukelaire

Episode 33: The Master of Hacker Show&Tell: Inti De Ceukelaire

Episode 33: In this episode of Critical Thinking - Bug Bounty Podcast, we welcome Inti De Ceukelaire, a seasoned bug hunter known for his creative storytelling and impactful show-and-tell bugs…and let...

24 Aug 20231h 22min

Episode 32: The Great Write-up Low-down

Episode 32: The Great Write-up Low-down

Episode 32: In this episode of Critical Thinking - Bug Bounty Podcast, Joel caught a nasty bug (no, not that kind) so Justin is flying solo, and catches us up to speed on what's been happening in hack...

17 Aug 20231h 1min

Episode 31: Alex Chapman - The Man of Many Crits

Episode 31: Alex Chapman - The Man of Many Crits

Episode 31: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to be joined by Alex Chapman, a seasoned InfoSec hacker and bug bounty hunter. We kick off with Alex sharing his h...

10 Aug 20231h 24min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
market-makers
rss-elektrikerpodden
skogsforum-podcast
rss-laddstationen-med-elbilen-i-sverige
natets-morka-sida
gubbar-som-tjotar-om-bilar
har-vi-akt-till-mars-an
bilar-med-sladd
rss-technokratin
rss-it-sakerhetspodden
rss-veckans-ai
ai-sweden-podcast
bli-saker-podden
rss-uppgang-och-fall
developers-mer-an-bara-kod
rss-snacka-om-ai
rss-ai-med-katarina-gospic-och-viggo-cavling
rss-fabriken-2