Johan Carlsson

Johan Carlsson, a top bug bounty hunter on GitLab, shares his thrilling journey from newbie to expert in the bug bounty world. He discusses the challenges and triumphs of identifying vulnerabilities in client-side code, browser hacking, and the complexities of Content Security Policy. Johan emphasizes the importance of personal growth, adaptability, and community collaboration in the rapidly evolving field of cybersecurity. From playful proof of concepts to tackling server-side vulnerabilities, his insights provide a captivating look into the life of a full-time bug bounty hunter.

Johan Carlsson, a dedicated bug bounty hunter, shares his journey transitioning to full-time bug hunting. He discusses the thrill of discovering vulnerabilities like a CSP bypass in GitHub and a critical flaw in GitLab. Johan highlights his focus on complex bug types like ReDoS and OAuth, emphasizing the unpredictability that accompanies bug hunting. He also offers insights into balancing personal life with his bug bounty career, navigating financial challenges, and the importance of community support in this unique profession.

This week features Sam Curry, a renowned bug bounty hunter known for secondary context bugs, and Johan Carlson, an expert in highly CSP environments. They discuss captivating topics like Blind XSS vulnerabilities, web exploits, and debugging techniques for IoT devices. Matan Bear shares insights on client-side attacks using DevTools, while Mariah Gardner highlights the balance between bug bounty hunting and personal relationships. Together, they explore the dynamic nature of cybersecurity and the importance of continuous learning in the field.