Episode 82: In this episode of Critical Thinking - Bug Bounty Podcast Joel Margolis discusses strategies and tips for part-time bug bounty hunting. He covers things like finding (and enforcing) balance, picking programs and goals, and streamlining your process to optimize productivity.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker

Resources:

Evernote RCE Post

https://0reg.dev/blog/evernote-rce

ServiceNow Bug Chain

https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data

Douglas Day's Talk on finding 'no's'

https://youtu.be/G1RHa7l1Ys4?si=TY16ULsEIfJ9CMKk

Timestamps:

(00:01:37) Introduction

(00:02:24) Evernote RCE Post

(00:06:47) AssetNote ServiceNow Bug Chain

(00:12:16) Part-Time Bug Bounty: Balance and Accountability

(00:18:04) Picking programs: Impact and Payout

(00:28:46) Streamline your process