Bug Bounty Reports Discussed

Finding criticals in mobile apps - Joel Margolis (0xteknogeek) from the Critical Thinking Bug Bounty podcast

Jul 24, 2024

In this engaging discussion, Joel Margolis, a bug bounty hunter and program manager, shares his journey from programming to cybersecurity. He dives into the world of mobile app vulnerabilities, emphasizing techniques for identifying critical risks. Joel also discusses the excitement and challenges of live hacking events and the importance of effective communication in the bug bounty landscape. He highlights innovative tools for mobile testing and reflects on the essential qualities of successful bounty hunters. Tune in for insights and inspiration from the field!

01:08:52

Creator website

Episode guests

Joel Margolis

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Joel Margolis emphasizes the significance of live hacking events for learning and networking within the hacker community.

Preparation is key for live hacking events, including familiarizing with target companies and setting realistic goals for success.

Effective communication and understanding between researchers and companies are essential for fostering positive relationships in bug bounty programs.

Deep dives

Joel Margolis's Journey into Cybersecurity

Joel Margolis, also known as TechnoGeek, unintentionally entered the field of cybersecurity through his passion for programming and gaming. His journey began when he created a software tool for a popular social media API that eventually broke, leading him to join a community focused on reverse engineering mobile apps. This exposure ignited his interest in security fundamentals and prompted him to accidentally major in computing security during college. Working on various tools and participating in competitions further solidified his skills, ultimately resulting in his involvement in bug bounty hunting.

Intro

4min

From CTF to Career: My Cybersecurity Journey

16min

Traveling for Hacking Events: Tips and Tools

5min

Navigating Mobile Hacking: Risks and Techniques

15min

Rooting Emulators and Mobile Testing Insights

8min

Navigating the Bug Bounty Landscape

18min

Reflecting on Insights and Connections

2min

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Joel on Twitter: https://x.com/0xteknogeek
In this interview, we're talking with Joel about bug bounty hunting on mobile apps, about being a program manager, about Live Hacking Events and more.

BBRD podcast is also available on most popular podcast platforms:
https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4
https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk
https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4

Links mentioned during the interview:
https://www.timeshifter.com
https://codeshare.frida.re/@teknogeek/android-universal-ssl-unpin/
https://gitlab.com/newbit/rootAVD
https://github.com/Ch0pin/medusa
https://github.com/teknogeek/get_schemas
Timestamps:
00:00 Intro
00:22 Getting into bug bounty
11:04 Live Hacking Events
24:58 Mobile bug bounty
48:34 Lessons from being a bug bounty program manager
1:03:54 The plans for the Critical Thinking Bug Bounty podcast

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Bug Bounty Reports Discussed

Finding criticals in mobile apps - Joel Margolis (0xteknogeek) from the Critical Thinking Bug Bounty podcast

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Joel Margolis's Journey into Cybersecurity

The Impact of Capture The Flag (CTF) Events

Preparing for Live Hacking Events

Balancing Bug Bounty Hunting with Program Management

Building Relationships in Bug Bounty Programs

Remember Everything You Learn from Podcasts