Episode 33: In this episode of Critical Thinking - Bug Bounty Podcast, we welcome Inti De Ceukelaire, a seasoned bug hunter known for his creative storytelling and impactful show-and-tell bugs…and let us tell you, his stories do not disappoint! From his bug bounty journey to some pretty wild hacks, Inti captivates us as only Inti can. We discuss the potential life-saving impact of bug bounty reports, especially in areas such as transportation and medical devices. We also cover hacker mentality, the benefits of objective-based challenges, and the need for collaboration and alignment within the bug bounty community. It’s a mesmerizing episode, so sit back and be swept away by Inti’s tales.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Today’s Guest:
https://twitter.com/securinti
Inti's Shopify Show-and-Tell
https://hackerone.com/reports/1086108
Hakluke's article on Bug Bounty Standards
https://github.com/hakluke/bug-bounty-standards
Researching MissingNo Glitch in Pokemon
https://youtu.be/p8OBktd42GI
Intigriti
https://www.intigriti.com/
Timestamps:
(00:00:00) Introduction
(00:03:01) Show-and-Tells and Storytelling in Live Hacking Events
(00:08:30) Impact Assessment and the potential real-life significance of reporting vulnerabilities.
(00:13:50) Ethical dilemmas, gaming the systems, and safe harbor.
(00:23:30) Inti’s Hacking Journey
(00:27:26) Hacker mentality, brainstorming, and goal-setting.
(00:46:28) The benefit of mental resets, fresh perspectives, and ‘surprise collaboration’
(00:52:55) Inti’s Story 1: CSS Injection bugs
(01:06:20) Inti’s Story 2: The Ticket Trick
(01:14:00) Inti’s Story 3: The Gotcha PasswordBug
(01:18:30) Upcoming Intigriti Live Hacking Event
