Critical Thinking - Bug Bounty Podcast

Episode 91: Zero to LHE in 9 Months (feat gr3pme)

Oct 3, 2024

Brandyn Murtagh, known as gr3pme, is a HackerNotes writer with a decade of cybersecurity experience. He shares his unique journey into bug bounty hunting, discussing the power of mentorship and the importance of emotional regulation. The conversation delves into strategies for selecting targets and the benefits of networking in the hacking community. Murtagh also highlights insights on ecosystem hacking and vulnerability discovery, particularly in fintech, making the complex world of bug hunting both approachable and engaging for listeners.

01:22:50

Creator website

Episode guests

Brandyn Murtagh

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Intentionally selecting products with bug bounty programs enhances both personal security awareness and the opportunity for financial rewards through identified vulnerabilities.

The speaker's journey reflects the importance of mentorship and emotional regulation in overcoming challenges and fostering resilience in the bug hunting process.

Ecosystem hacking involves a deep understanding of interconnected application components, enabling the discovery of subtle vulnerabilities through thorough research and analysis.

Deep dives

The Value of Bug Bounty Programs in Personal Product Selection

Intentionally choosing products that have bug bounty programs can be beneficial from both security and financial perspectives. Users earn bounties by reporting vulnerabilities while having a heightened awareness of security flaws in their chosen products. This approach not only enhances personal security but empowers individuals with the opportunity to contribute to the security of the application. The potential rewards from bug bounties can outweigh the costs associated with subscription-based services.

Intro

2min

A Journey Through Cyber Security: From Blue Team to Bug Hunting

2min

Navigating Bug Bounty: Mentorship and Live Hacking Insights

16min

Navigating the Bug Bounty Landscape

21min

Strategies for Identifying Bug Bounty Targets

6min

Mastering Bug Bounty Hunting

28min

Navigating Ecosystems and Security Vulnerabilities

6min

Exploring Fintech Vulnerabilities and Testing Environments

2min

Episode 91: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Critical Thinking’s own HackerNotes writer Brandyn Murtagh (gr3pme) to talk about his journey with Bug Bounty. We cover mentorship, networking and LHEs, ecosystem hacking, emotional regulation, and the need for self-care. Then we wrap up with some fun bugs.

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Find the Hackernotes: https://blog.criticalthinkingpodcast.io/

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Shop our new swag store at ctbb.show/swag

Today’s Sponsor: Project Discovery - tldfinder: https://www.criticalthinkingpodcast.io/tldfinder

Today’s guest: https://x.com/gr3pme

Resources:

Lessons Learned for LHEs

https://x.com/Rhynorater/status/1579499221954473984

Timestamps:

(00:00:00) Introduction

(00:07:02) Mentorship in Bug Bounty

(00:16:30) LHE lessons, takeaways, and the benefit of feedback and networking

(00:41:28) Choosing Targets

(00:49:03) Vuln Classes

(00:58:54) Bug Reports

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Critical Thinking - Bug Bounty Podcast

Episode 91: Zero to LHE in 9 Months (feat gr3pme)

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Value of Bug Bounty Programs in Personal Product Selection

Progression in the Cybersecurity Field

Effective Mentorship and Emotional Regulation

Ecosystem Hacking for Bug Discovery

Utilizing a Structured Approach to Note-taking and Attack Vectors

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Critical Thinking - Bug Bounty Podcast

Episode 91: Zero to LHE in 9 Months (feat gr3pme)

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Value of Bug Bounty Programs in Personal Product Selection

Progression in the Cybersecurity Field

Effective Mentorship and Emotional Regulation

Ecosystem Hacking for Bug Discovery

Utilizing a Structured Approach to Note-taking and Attack Vectors

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights