Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)
Critical Thinking - Bug Bounty Podcast1 Feb 2024

Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)

Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)

Episode 56: In this episode of Critical Thinking - Bug Bounty Podcast, Justin sits down with Jon Colston to discuss how his background in digital marketing and data science has influenced his hunting methodology. We dive into subjects like data sources, automation, working backwards from vulnerabilities, applying conversion funnels to bug bounty, and the mayonaise signature 'Mother of All Bugs'

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

WordFence - Sign up as a researcher! https://ctbb.show/wf

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest:

https://hackerone.com/mayonaise?type=user

Timestamps:

(00:00:00) Introduction

(00:12:07) Evolving Hacking Methodologies & B2B Hacking

(00:23:57) Data Science + Bug Bounty

(00:34:37) 'Lead Generation for Vulns'

(00:41:39) Ingredients and Recipes

(00:49:45) Keyword Categorization

(00:54:30) Manual Processes and Recap

(01:07:08) Data Sources

(01:19:59) Digital Marketing + Bug Bounty

(01:32:22) M.O.A.B.s

(01:41:02) Burnout Protection and Dupe Analysis

Avsnitt(171)

Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

Episode 139: In this episode of Critical Thinking - Bug Bounty Podcast Justin finally sits down with the great James Kettle to talk about HTTP Proxys, metagaming research, avoiding burnout, and why HT...

11 Sep 20252h 21min

Episode 138: Caido Tools and Workflows

Episode 138: Caido Tools and Workflows

Episode 138: In this episode of Critical Thinking - Bug Bounty Podcast We’re talking Caido tools and workflows. Justin gives us a list of some of the Caido tools that have caught his interest, as well...

4 Sep 202522min

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner and Joseph Thacker reunite to talk about AI Hacking Assistants, CSPT and cache deception, and a bunch of tools lik...

28 Aug 202549min

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: In this episode of Critical Thinking - Bug Bounty Podcast, Joseph Thacker sits down with Jack Cable to get the scoop on a significant bug in Cluely’s desktop application, as well as the r...

21 Aug 202550min

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 135: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Ryan Barnett for a deep dive on WAFs. We also recap his Exploiting Unicode Normalization talk from DEFCON, ...

14 Aug 20251h 26min

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 134: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Diego Djurado to give us the scoop on XBOW. We cover a little about its architecture and approach to hunting, the...

4 Aug 20251h 53min

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 133: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Harley and Ari from H1 to talk some about community management roles within Bug Bounty, as well as discuss the ev...

31 Juli 20251h 16min

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 132: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is joined by Mathias Karlsson to discuss vulnerabilities associated with archives. They talk about his new tool, ...

24 Juli 20251h 49min

Populärt inom Teknik

uppgang-och-fall
natets-morka-sida
bilar-med-sladd
market-makers
elbilsveckan
rss-technokratin
skogsforum-podcast
rss-laddstationen-med-elbilen-i-sverige
rss-uppgang-och-fall
har-vi-akt-till-mars-an
rss-elektrikerpodden
rss-veckans-ai
bli-saker-podden
rss-powerboat-sverige-podcast
developers-mer-an-bara-kod
hej-bruksbil
rss-it-sakerhetspodden
rss-snacka-om-ai
rss-fabriken-2
rss-en-ai-till-kaffet