Critical Thinking – Bug Bounty Podcast
Episode 36: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel take a break from LHE prep to answer questions about the ethics of bug bounty and share their recent bug finds. We talk Iframes, mobile intercept proxies, open redirects, and that time Justin got shot at…
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Timeshifter:
Tweet about Google Open Redirect
https://twitter.com/Rhynorater/status/1697357773690818844
Tweet about XSS Exploitation
https://twitter.com/Rhynorater/status/1698059391700701424
Request Minimizer
https://portswigger.net/bappstore/cc16f37549ff416b990d4312490f5fd1
Timestamps:
(00:00:00) Introduction
(00:02:45) Hacker One LHE Preview
(00:05:40) Is Bug Bounty Inherently Ethical
(00:19:25) Ethics of Going out of scope
(00:27:56) Justin’s story of getting shot at
(00:30:22) Setting up a mobile intercept proxy
(00:33:40) How to approach a new target
(00:40:30) Google Open Redirect
(00:43:35) Recent XSS Exploitation
(00:46:28) ATO Trick
(00:50:25) Joel’s Bug Report
(00:55:40) Justin’s Bug Report