Gehen Sie mit der App Player FM offline!
Episode 35: King of Collaboration: Douglas Day
Manage episode 376307156 series 3435922
Episode 35: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome Douglas Day, a bug bounty hunter known for his unique methodologies and collaborative spirit. We talk about his approach to finding new endpoints in applications, his ingenious technique of exploiting Intercom widgets, and collaboration preferences and tips at LHEs. We also touch on the struggle of justifying hobbies that don't generate income and the importance of finding enjoyment in the process.We hope you enjoy this episode as much as we did!
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Today’s Guest:
https://twitter.com/ArchAngelDDay
https://hackerone.com/the_arch_angel
https://bugcrowd.com/arch_angel
100 Short Bug Bounty Rules
https://twitter.com/ArchAngelDDay/status/1661924038875435008
Blog about Intercom
https://dday.us/2021/11/03/h1vendorATO.html
Blog about Mapping Hacking
http://dday.us/2021/10/09/Mapyourhacking.html
Timestamps: (00:00:00) Introduction
(00:03:01) Douglas Day’s infosec and LHE intro
(00:10:42) Evolution and philosophy of collaboration
(00:23:08) Balancing Collaboration and Money
(00:29:43) Recap of 100 Short Bug Bounty Rules
(00:37:15) Bug-hunting Methodology
(00:45:45) Using match and replace to find new endpoints in bug hunting
(00:49:07) Exploiting Intercom widgets
(00:52:35) Facing Failure and enjoying the journey
(00:57:00) Managing work-life balance
(01:05:55) Auth-Z testing and documentation
(01:12:25) Vulnerabilities in applications
(01:17:05) Mapping Hacking Sessions
94 Episoden
Manage episode 376307156 series 3435922
Episode 35: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome Douglas Day, a bug bounty hunter known for his unique methodologies and collaborative spirit. We talk about his approach to finding new endpoints in applications, his ingenious technique of exploiting Intercom widgets, and collaboration preferences and tips at LHEs. We also touch on the struggle of justifying hobbies that don't generate income and the importance of finding enjoyment in the process.We hope you enjoy this episode as much as we did!
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Today’s Guest:
https://twitter.com/ArchAngelDDay
https://hackerone.com/the_arch_angel
https://bugcrowd.com/arch_angel
100 Short Bug Bounty Rules
https://twitter.com/ArchAngelDDay/status/1661924038875435008
Blog about Intercom
https://dday.us/2021/11/03/h1vendorATO.html
Blog about Mapping Hacking
http://dday.us/2021/10/09/Mapyourhacking.html
Timestamps: (00:00:00) Introduction
(00:03:01) Douglas Day’s infosec and LHE intro
(00:10:42) Evolution and philosophy of collaboration
(00:23:08) Balancing Collaboration and Money
(00:29:43) Recap of 100 Short Bug Bounty Rules
(00:37:15) Bug-hunting Methodology
(00:45:45) Using match and replace to find new endpoints in bug hunting
(00:49:07) Exploiting Intercom widgets
(00:52:35) Facing Failure and enjoying the journey
(00:57:00) Managing work-life balance
(01:05:55) Auth-Z testing and documentation
(01:12:25) Vulnerabilities in applications
(01:17:05) Mapping Hacking Sessions
94 Episoden
Alle Folgen
×Willkommen auf Player FM!
Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.