Episode 35: King of Collaboration: Douglas Day
Critical Thinking - Bug Bounty Podcast7 Sep 2023

Episode 35: King of Collaboration: Douglas Day

Episode 35: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome Douglas Day, a bug bounty hunter known for his unique methodologies and collaborative spirit. We talk about his approach to finding new endpoints in applications, his ingenious technique of exploiting Intercom widgets, and collaboration preferences and tips at LHEs. We also touch on the struggle of justifying hobbies that don't generate income and the importance of finding enjoyment in the process.We hope you enjoy this episode as much as we did!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Today’s Guest:

https://twitter.com/ArchAngelDDay

https://hackerone.com/the_arch_angel

https://bugcrowd.com/arch_angel

100 Short Bug Bounty Rules

https://twitter.com/ArchAngelDDay/status/1661924038875435008

Blog about Intercom

https://dday.us/2021/11/03/h1vendorATO.html

Blog about Mapping Hacking

http://dday.us/2021/10/09/Mapyourhacking.html

Timestamps: (00:00:00) Introduction

(00:03:01) Douglas Day’s infosec and LHE intro

(00:10:42) Evolution and philosophy of collaboration

(00:23:08) Balancing Collaboration and Money

(00:29:43) Recap of 100 Short Bug Bounty Rules

(00:37:15) Bug-hunting Methodology

(00:45:45) Using match and replace to find new endpoints in bug hunting

(00:49:07) Exploiting Intercom widgets

(00:52:35) Facing Failure and enjoying the journey

(00:57:00) Managing work-life balance

(01:05:55) Auth-Z testing and documentation

(01:12:25) Vulnerabilities in applications

(01:17:05) Mapping Hacking Sessions

Avsnitt(171)

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.Follow u...

1 Jan 1h 32min

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the c...

25 Dec 202541min

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: In this episode of Critical Thinking - Bug Bounty Podcast Matt Brown returns to talk with us about hacking robots, IOT hackbots, and his Zero-to-Hero Hardware Hacking Guide.Follow us on t...

18 Dec 20251h 16min

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Verte...

11 Dec 20251h 21min

Episode 151: Client-side Advanced Topics

Episode 151: Client-side Advanced Topics

Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL P...

4 Dec 20251h 7min

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankf...

27 Nov 202557min

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.Follow us on XGot any ideas and suggestions?...

20 Nov 20251h 2min

Episode 148: MCP Hacking Guide

Episode 148: MCP Hacking Guide

Episode 148: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us a crash course on Model Context Protocol.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugg...

13 Nov 202532min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
bilar-med-sladd
skogsforum-podcast
market-makers
rss-elektrikerpodden
rss-uppgang-och-fall
rss-powerboat-sverige-podcast
gubbar-som-tjotar-om-bilar
rss-veckans-ai
rss-technokratin
hej-bruksbil
har-vi-akt-till-mars-an
developers-mer-an-bara-kod
bli-saker-podden
rss-fabriken-2
rss-en-ai-till-kaffet
rss-laddstationen-med-elbilen-i-sverige
rss-snacka-om-ai
rss-digitala-influencer-podden