Episode 30: Recon Legend Shubs - From Burgers to Bounties

Episode 30: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to be joined by renowned bug bounty hunter Shubs. We kick off with him sharing his journey from burgers to bugs, and how his friendly rivalry with a fellow hacker fueled his passion for reconnaissance, as well as his love of collaboration. We then shift gears to talk about the art of debugging, ethics and economics of bug bounty hunting, the transition to Entrepreneur, and the evolution of Assetnote from a reconnaissance tool to enterprise security software suite. This one’s a banger, and we don’t want you to miss it!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynoraterToday’s Guest:@infosec_auIntro Shoutoutshttps://twitter.com/bebiksiorhttps://cvssadvisor.com/Assetnotehttps://www.assetnote.io/https://twitter.com/assetnoteBishop Foxhttps://bishopfox.com/Shortscanhttps://github.com/bitquark/shortscanXXE Payloadhttps://gist.github.com/Rhynorater/d0d19f757221a916a22476c3a5c6aba2Timestamps(00:00:00) Introduction(00:05:48) History as a Hacker: Recon, rivalries, and Riot Games(00:12:13) Collaboration and Community in Bug Bounty(00:18:19) The Art of Debugging(00:21:48) Assetnote News and overview(00:30:43) CVE reversing(00:32:58) Zero-day vulns(00:42:48) Bug Bounty Ethics and Economics(00:52:53) Bug Bounty and Entrepreneurship(01:03:58) Business lessons learned(01:07:48) Advice for Hunters looking to grow(01:12:38) IIS Server Techniques