Episode 35: King of Collaboration: Douglas Day
Critical Thinking - Bug Bounty Podcast7 Sep 2023

Episode 35: King of Collaboration: Douglas Day

Episode 35: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome Douglas Day, a bug bounty hunter known for his unique methodologies and collaborative spirit. We talk about his approach to finding new endpoints in applications, his ingenious technique of exploiting Intercom widgets, and collaboration preferences and tips at LHEs. We also touch on the struggle of justifying hobbies that don't generate income and the importance of finding enjoyment in the process.We hope you enjoy this episode as much as we did!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Today’s Guest:

https://twitter.com/ArchAngelDDay

https://hackerone.com/the_arch_angel

https://bugcrowd.com/arch_angel

100 Short Bug Bounty Rules

https://twitter.com/ArchAngelDDay/status/1661924038875435008

Blog about Intercom

https://dday.us/2021/11/03/h1vendorATO.html

Blog about Mapping Hacking

http://dday.us/2021/10/09/Mapyourhacking.html

Timestamps: (00:00:00) Introduction

(00:03:01) Douglas Day’s infosec and LHE intro

(00:10:42) Evolution and philosophy of collaboration

(00:23:08) Balancing Collaboration and Money

(00:29:43) Recap of 100 Short Bug Bounty Rules

(00:37:15) Bug-hunting Methodology

(00:45:45) Using match and replace to find new endpoints in bug hunting

(00:49:07) Exploiting Intercom widgets

(00:52:35) Facing Failure and enjoying the journey

(00:57:00) Managing work-life balance

(01:05:55) Auth-Z testing and documentation

(01:12:25) Vulnerabilities in applications

(01:17:05) Mapping Hacking Sessions

Avsnitt(165)

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.Follow us on twitte...

15 Jan 1h 34min

Episode 156: Chill AMA from bugbounty.forum

Episode 156: Chill AMA from bugbounty.forum

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forumFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas an...

8 Jan 1h 23min

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.Follow u...

1 Jan 1h 32min

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the c...

25 Dec 202541min

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: In this episode of Critical Thinking - Bug Bounty Podcast Matt Brown returns to talk with us about hacking robots, IOT hackbots, and his Zero-to-Hero Hardware Hacking Guide.Follow us on t...

18 Dec 20251h 16min

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Verte...

11 Dec 20251h 21min

Episode 151: Client-side Advanced Topics

Episode 151: Client-side Advanced Topics

Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL P...

4 Dec 20251h 7min

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankf...

27 Nov 202557min

Populärt inom Teknik

uppgang-och-fall
bilar-med-sladd
market-makers
elbilsveckan
rss-elektrikerpodden
rss-veckans-ai
skogsforum-podcast
rss-technokratin
developers-mer-an-bara-kod
har-vi-akt-till-mars-an
rss-laddstationen-med-elbilen-i-sverige
natets-morka-sida
bli-saker-podden
rss-uppgang-och-fall
rss-it-sakerhetspodden
garagehang
ai-sweden-podcast
rss-powerboat-sverige-podcast
gubbar-som-tjotar-om-bilar
rss-fabriken-2