Katie Paxton-Fear: The Bug Bounty Hunter & YouTube Creator

Dr. Katie Paxton-Fear is a Cybersecurity Lecturer at Manchester Metropolitan University and Technical Community Manager at Bugcrowd, but she’s probably most well known for her hobby: In her free time, she’s a hacker and a YouTube educator. Since 2019, she has found more than 30 vulnerabilities in real software in production, when she first got into hacking “accidentally.” She got her start in security thanks to a mentorship at a HackerOne live hacking event in 2019 where she found her first two bugs in Uber, despite it being her first-time hacking. After being invited as a mentee again in Vegas during DEFCON, she realized the privilege she had and once she got home, she started making videos teaching others how to get into hacking. Since then, she has made more than 50 educational videos on a range of topics, explaining beginner vulnerabilities, tools, APIs, note-taking, and mobile hacking. She is interested in the intersection of data and web application vulnerabilities and developing understanding from noise. In this interview, we will dive into: Katie's journey and experience of being a bug bounty hunter How OSINT plays a role in Kaite's projects Katie's aspiration of teaching and creating educational content Three of the most important things that helped Katie become who she is 0:00 Welcome! 2:03 Tell us about yourself! 4:33 How did you feel when you found your first bug bounty? 8:02 Is OSINT revelant to your work? 10:54 How should a person choose their targets? 13:46 How do you establish and maintain your motivation? 18:24 Could you tell us a bit about your recent projects? 21:31 What motivated you to start creating and sharing content on YouTube? 30:07 What learning resources would you recommend for anyone interested in OSINT or bug bounty? 36:19 What are your plans for the future? 39:44 What are the 3 most important things that helped you along the way and that you would share with fellow practitioners? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.