Episode 38: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome mobile hacking maestro Sergey Toshin (aka @bagipro). We kick off with Sergey sharing his unexpected journey into mobile security, and how he rose to become the number one hacker in both Google Play Security and Samsung Bug Bounty programs. We then delve into the evolving perception of mobile bugs, a myriad of new and existing attack vectors, and discuss Sergey's creation of mobile security company Oversecured. You’re going to want to make time for this one!
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Today's Guest:
https://twitter.com/_bagipro
Oversecured
https://oversecured.com/
Oversecured Blog
https://blog.oversecured.com/
jadx
https://github.com/skylot/jadx
'Golden Android Techniques'
https://hackerone.com/reports/431002
Timestamps:
(00:00:00) Introduction
(00:01:28) Sergey Toshin’s hacking journey and achievements
(00:08:20) Mobile hacking: Devices and attack vectors
(00:12:35) Using Jadx
(00:15:40) The creation of Oversecured
(00:23:10) The Oversecured Blog and Sharing Information
(00:28:08) New Spheres and Strategies of Mobile Hacking
(00:35:13) Tips for getting into Mobile Hacking
