Johan Carlsson

Johan Carlsson, a dedicated bug bounty hunter, shares his journey transitioning to full-time bug hunting. He discusses the thrill of discovering vulnerabilities like a CSP bypass in GitHub and a critical flaw in GitLab. Johan highlights his focus on complex bug types like ReDoS and OAuth, emphasizing the unpredictability that accompanies bug hunting. He also offers insights into balancing personal life with his bug bounty career, navigating financial challenges, and the importance of community support in this unique profession.

This week features Sam Curry, a renowned bug bounty hunter known for secondary context bugs, and Johan Carlson, an expert in highly CSP environments. They discuss captivating topics like Blind XSS vulnerabilities, web exploits, and debugging techniques for IoT devices. Matan Bear shares insights on client-side attacks using DevTools, while Mariah Gardner highlights the balance between bug bounty hunting and personal relationships. Together, they explore the dynamic nature of cybersecurity and the importance of continuous learning in the field.