Episode 30: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to be joined by renowned bug bounty hunter Shubs. We kick off with him sharing his journey from burgers to bugs, and how his friendly rivalry with a fellow hacker fueled his passion for reconnaissance, as well as his love of collaboration. We then shift gears to talk about the art of debugging, ethics and economics of bug bounty hunting, the transition to Entrepreneur, and the evolution of Assetnote from a reconnaissance tool to enterprise security software suite. This one’s a banger, and we don’t want you to miss it!
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Today’s Guest:
@infosec_au
Intro Shoutouts
https://twitter.com/bebiksior
https://cvssadvisor.com/
Assetnote
https://www.assetnote.io/
https://twitter.com/assetnote
Bishop Fox
https://bishopfox.com/
Shortscan
https://github.com/bitquark/shortscan
XXE Payload
https://gist.github.com/Rhynorater/d0d19f757221a916a22476c3a5c6aba2
Timestamps
(00:00:00) Introduction
(00:05:48) History as a Hacker: Recon, rivalries, and Riot Games
(00:12:13) Collaboration and Community in Bug Bounty
(00:18:19) The Art of Debugging
(00:21:48) Assetnote News and overview
(00:30:43) CVE reversing
(00:32:58) Zero-day vulns
(00:42:48) Bug Bounty Ethics and Economics
(00:52:53) Bug Bounty and Entrepreneurship
(01:03:58) Business lessons learned
(01:07:48) Advice for Hunters looking to grow
(01:12:38) IIS Server Techniques
