Bug Bounty Reports Discussed

This video is an interview with René de Sain, known as renniepak. We talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks and we discuss if there's such thing as bug bounty methodology.

This episode is the interview with Johan Carlsson, a full-time bug bounty hunter who specialises in client-side bugs and is currently the TOP1 hunter on GitLab.

Victor “doomerhunter” Poucheret, a full-time bug bounty hunter with a background in pharmacy and marketing, shares his journey into cybersecurity. He reveals his bug hunting methodology and discusses transitioning from server-side to client-side vulnerabilities, emphasizing diverse testing approaches. The conversation delves into the nuances of bug bounty programs, ethical considerations in reporting DoS vulnerabilities, and the role of AI in improving hacking workflows. Poucheret also highlights the importance of mindset and collaboration in this competitive field.

Louis Nyffenegger, founder of PentesterLab and a veteran in web security education, dives into the complexities of mastering web security. He stresses the importance of deep code reviews and offers insight into setting up Capture the Flag labs. The conversation touches on the intersection of AI and security, explaining the need for human oversight. Louis discusses common misunderstandings in web security and the vital role of thorough documentation in security write-ups. He encourages perseverance and community engagement as keys to overcoming challenges in the learning process.

Douglas Day, a former professional turned full-time bug bounty hunter, shares his journey and innovative bug hunting methodology. He discusses the financial and personal sacrifices involved in making this transition. Listeners will be intrigued by his informal note-taking strategies and the organized approach to privilege escalation testing. Douglas also emphasizes the power of collaboration in hacking, revealing how teamwork can enhance vulnerability discovery. With insights on automation and UUID vulnerabilities, his tips are invaluable for anyone in the cybersecurity space.

In this engaging discussion, Joel Margolis, a bug bounty hunter and program manager, shares his journey from programming to cybersecurity. He dives into the world of mobile app vulnerabilities, emphasizing techniques for identifying critical risks. Joel also discusses the excitement and challenges of live hacking events and the importance of effective communication in the bug bounty landscape. He highlights innovative tools for mobile testing and reflects on the essential qualities of successful bounty hunters. Tune in for insights and inspiration from the field!

Alex Chapman, a bug bounty hunter known for finding high-impact bugs, shares tips on source code review, writing bug bounty reports, finding bugs in desktop apps, and the life of a full-time bug bounty hunter. He discusses his unique hacking style, exploiting CI/CD pipelines, manual hacking approach, investigating functionality issues, bug bounty reporting strategies, exploring JavaScript quirks, and future hacking plans.

In this episode, I'm talking about my story of getting into cybersecurity - what got me interested, how I became a pentester, what motivated my to create my channel and finally, how I became a bug bounty hunter.

In this episode of the podcast, I'm interviewing Cristi Vlad about bug bounty and pentesting - the differences, ways to build your network of clients, continuous learning and more.

In this episode of the podcast, I interview Justin Gardner, the host of the Critical Thinking Bug Bounty Podcast who's been a full-time hunter for about 4 years. We talk about his methodology, tooling and many more!