

Episode 75: *Rerun* of The OG Bug Bounty King - Frans Rosen
Jun 13, 2024
Frans Rosen, The OG Bug Bounty King, discusses S3 subdomain takeovers, attacking modern web technologies, account hijacking using Dirty Dancing in OAuth flows, and bug bounty methodologies. Topics include bug hunting strategies, automation, entrepreneurship, and managing growth in the cybersecurity field.
Chapters
Intro
00:00 • 2min
Overcoming Obstacles in Bug Bounty Hunting
01:52 • 24min
Bug Bounty Hunting Techniques and Automation
25:53 • 31min
Bug Bounty Hunting Strategies and Threat Model Validation
56:46 • 4min
S3 Bucket Takeover and Decloaking Exploits
01:01:03 • 10min
Impactful Bug Discoveries and Automation Challenges in AWS
01:11:17 • 3min
Navigating the Journey of Writing Blog Posts and Managing Business Growth
01:13:50 • 25min
Attacking Modern Web Technologies with App Caches, Service Workers, postMessage and S3 Policies
01:38:36 • 14min
Exploration of Vulnerabilities and Security Risks in Web Technologies
01:52:41 • 3min
Challenges and Solutions with postMessage Listeners in Payment Providers
01:56:00 • 13min
Bash Scripting, Collaboration in Live Hacking, and OAuth Exploits
02:08:43 • 28min
Uncovering Bugs and Balancing Bug Bounties with Parenthood
02:36:16 • 9min