<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:podcast="https://podcastindex.org/namespace/1.0" xmlns:media="http://search.yahoo.com/mrss/" version="2.0"><channel><title>Bug Bounty Reports Discussed</title><link>https://www.spreaker.com/podcast/bug-bounty-reports-discussed--5073781</link><description><![CDATA[From Bug Bounty Reports Discussed podcast you can learn from the best bug bounty hunters in the world. I ask them about their methodologies, tools they use, the advice they give to beginners and many more... Subscribe to never miss an episode!]]></description><atom:link href="https://www.spreaker.com/show/5073781/episodes/feed" rel="self" type="application/rss+xml"/><language>en</language><category>Technology</category><copyright>Copyright Grzegorz Niedziela</copyright><image><url>https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/68348cf83d2c163f176e5d5c33503fb5.jpg</url><title>Bug Bounty Reports Discussed</title><link>https://www.spreaker.com/podcast/bug-bounty-reports-discussed--5073781</link></image><lastBuildDate>Tue, 10 Jun 2025 14:32:41 +0000</lastBuildDate><itunes:author>Grzegorz Niedziela</itunes:author><itunes:owner><itunes:name>Grzegorz Niedziela</itunes:name><itunes:email>greg@bugbountyexplained.com</itunes:email></itunes:owner><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/68348cf83d2c163f176e5d5c33503fb5.jpg"/><itunes:subtitle>From Bug Bounty Reports Discussed podcast you can learn from the best bug bounty hunters in the world. I ask them about their methodologies, tools they use, the advice they give to beginners and many more... Subscribe to never miss an episode!</itunes:subtitle><itunes:summary><![CDATA[From Bug Bounty Reports Discussed podcast you can learn from the best bug bounty hunters in the world. I ask them about their methodologies, tools they use, the advice they give to beginners and many more... Subscribe to never miss an episode!]]></itunes:summary><itunes:category text="Technology"/><itunes:explicit>false</itunes:explicit><itunes:type>episodic</itunes:type><item><title>Bug bounty tools that actually land bugs with Arthur Aires</title><link>https://www.spreaker.com/episode/bug-bounty-tools-that-actually-land-bugs-with-arthur-aires--66494195</link><description><![CDATA[In this podcast, my guest is Arthur Aires, part-time bug bounty hunter and cybersecurity pro from Brazil. He has an amazing approach that combines manual hacking with using a lot of tools for recon and fuzzing.<br /><br />Some links mentioned in the video: https://github.com/pwntester/SerialKillerBypassGadgetCollection https://book.hacktricks.wiki/en/index.html https://portswigger.net/bappstore/e4e0f6c4f0274754917dcb5f4937bb9e https://portswigger.net/bappstore/594a49bb233748f2bc80a9eb18a2e08f https://portswigger.net/bappstore/0e61c786db0c4ac787a08c4516d52ccf https://github.com/PortSwigger/403-bypasser https://github.com/projectdiscovery/nuclei https://github.com/SeifElsallamy/Blind-XSS-Manager/tree/main https://github.com/trufflesecurity/xsshunter https://infosecwriteups.com/easy-xsshunter-discord-alerts-33fcff24a8f7 https://github.com/elkokc/reflector https://portswigger.net/burp/documentation/desktop/tools/dom-invader https://urlscan.io/<br /><br />Timestamps:<br />00:00 Intro<br />01:30 Balancing part-time bug bounty with full-time job<br />02:56 Mixing manual bug bounty hunting with automation<br />22:04 The most useful Burp extensions<br />33:25 Fuzzing in bug bounty<br />46:34 Live Hacking Events]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/66494195</guid><pubDate>Tue, 10 Jun 2025 14:30:00 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/66494195/bbre_24_mp3.mp3" length="79606080" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2025/06/BBRE-24_mp3.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this podcast, my guest is Arthur Aires, part-time bug bounty hunter and cybersecurity pro from Brazil. He has an amazing approach that combines manual hacking with using a lot of tools for recon and fuzzing.

Some links mentioned in the video:...</itunes:subtitle><itunes:summary><![CDATA[In this podcast, my guest is Arthur Aires, part-time bug bounty hunter and cybersecurity pro from Brazil. He has an amazing approach that combines manual hacking with using a lot of tools for recon and fuzzing.<br /><br />Some links mentioned in the video: https://github.com/pwntester/SerialKillerBypassGadgetCollection https://book.hacktricks.wiki/en/index.html https://portswigger.net/bappstore/e4e0f6c4f0274754917dcb5f4937bb9e https://portswigger.net/bappstore/594a49bb233748f2bc80a9eb18a2e08f https://portswigger.net/bappstore/0e61c786db0c4ac787a08c4516d52ccf https://github.com/PortSwigger/403-bypasser https://github.com/projectdiscovery/nuclei https://github.com/SeifElsallamy/Blind-XSS-Manager/tree/main https://github.com/trufflesecurity/xsshunter https://infosecwriteups.com/easy-xsshunter-discord-alerts-33fcff24a8f7 https://github.com/elkokc/reflector https://portswigger.net/burp/documentation/desktop/tools/dom-invader https://urlscan.io/<br /><br />Timestamps:<br />00:00 Intro<br />01:30 Balancing part-time bug bounty with full-time job<br />02:56 Mixing manual bug bounty hunting with automation<br />22:04 The most useful Burp extensions<br />33:25 Fuzzing in bug bounty<br />46:34 Live Hacking Events]]></itunes:summary><itunes:duration>3317</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/6aca86743a7c7ecefc79f2fe3d303eb4.jpg"/><itunes:season>1</itunes:season><itunes:episode>22</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>The mindset for finding highs and crits in bug bounty with JR0ch17</title><link>https://www.spreaker.com/episode/the-mindset-for-finding-highs-and-crits-in-bug-bounty-with-jr0ch17--66085130</link><description><![CDATA[Interview with Jasmin “JR0ch17” Landry, a former triager and security manager, now a full-time bug bounty hunter. We discuss bug bounty strategy, mindset, and finding high and critical vulnerabilities.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/66085130</guid><pubDate>Wed, 14 May 2025 13:57:13 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/66085130/bbre_23_audio.mp3" length="104271552" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2025/05/BBRE-23.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>Interview with Jasmin “JR0ch17” Landry, a former triager and security manager, now a full-time bug bounty hunter. We discuss bug bounty strategy, mindset, and finding high and critical vulnerabilities.</itunes:subtitle><itunes:summary><![CDATA[Interview with Jasmin “JR0ch17” Landry, a former triager and security manager, now a full-time bug bounty hunter. We discuss bug bounty strategy, mindset, and finding high and critical vulnerabilities.]]></itunes:summary><itunes:duration>4345</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/8bbcc1ffe4000fafcab55a653d88afe6.jpg"/><itunes:season>1</itunes:season><itunes:episode>21</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>How to become an XSS expert with renniepak</title><link>https://www.spreaker.com/episode/how-to-become-an-xss-expert-with-renniepak--64837443</link><description><![CDATA[This video is an interview with René de Sain, known as renniepak. We talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks and we discuss if there's such thing as bug bounty methodology.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/64837443</guid><pubDate>Wed, 12 Mar 2025 13:24:05 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/64837443/bbre_renniepak_audio.mp3" length="77549760" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2025/03/BBRE-22_renniepak_video.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>This video is an interview with René de Sain, known as renniepak. We talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks and we discuss if there's such thing as bug bounty methodology.</itunes:subtitle><itunes:summary><![CDATA[This video is an interview with René de Sain, known as renniepak. We talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks and we discuss if there's such thing as bug bounty methodology.]]></itunes:summary><itunes:duration>3232</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/7ac2d6cd4ab27adc0b200c4beb3f508d.jpg"/><itunes:season>1</itunes:season><itunes:episode>20</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>From 0 to a top bug bounty hunter - Johan Carlsson's journey to GitLab TOP1 on Hackerone</title><link>https://www.spreaker.com/episode/from-0-to-a-top-bug-bounty-hunter-johan-carlsson-s-journey-to-gitlab-top1-on-hackerone--63782504</link><description><![CDATA[This episode is the interview with Johan Carlsson, a full-time bug bounty hunter who specialises in client-side bugs and is currently the TOP1 hunter on GitLab.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/63782504</guid><pubDate>Tue, 21 Jan 2025 14:08:13 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/63782504/bbre_19_audio.mp3" length="113287104" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2025/01/BBRE-19-audio.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>This episode is the interview with Johan Carlsson, a full-time bug bounty hunter who specialises in client-side bugs and is currently the TOP1 hunter on GitLab.</itunes:subtitle><itunes:summary><![CDATA[This episode is the interview with Johan Carlsson, a full-time bug bounty hunter who specialises in client-side bugs and is currently the TOP1 hunter on GitLab.]]></itunes:summary><itunes:duration>4721</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/f4bdc69e1829226239b8398c8a1a70f3.jpg"/><itunes:season>1</itunes:season><itunes:episode>19</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Finding criticals on well-tested targets - Victor “doomerhunter” Poucheret</title><link>https://www.spreaker.com/episode/finding-criticals-on-well-tested-targets-victor-doomerhunter-poucheret--63446798</link><description><![CDATA[This video is my interview with a full-time bug bounty hunter that had a great success at recent Live Hacking Events - Victor “doomerhunter” Poucheret. We're talking about his bug bounty methodology, choosing a bug bounty program, tools and much more.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/63446798</guid><pubDate>Mon, 23 Dec 2024 12:12:58 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/63446798/bbre_17_audio.mp3" length="130318272" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2024/12/BBRE-17-audio.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>This video is my interview with a full-time bug bounty hunter that had a great success at recent Live Hacking Events - Victor “doomerhunter” Poucheret. We're talking about his bug bounty methodology, choosing a bug bounty program, tools and much more.</itunes:subtitle><itunes:summary><![CDATA[This video is my interview with a full-time bug bounty hunter that had a great success at recent Live Hacking Events - Victor “doomerhunter” Poucheret. We're talking about his bug bounty methodology, choosing a bug bounty program, tools and much more.]]></itunes:summary><itunes:duration>5430</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/ea20a1bc7e73c73030d211d31b9793f5.jpg"/><itunes:season>1</itunes:season><itunes:episode>18</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>How not to get stuck when learning web security? Louis Nyffenegger from PentesterLab</title><link>https://www.spreaker.com/episode/how-not-to-get-stuck-when-learning-web-security-louis-nyffenegger-from-pentesterlab--62639537</link><description><![CDATA[In this interview, I'm talking with Louis Nyffenegger who's been teaching people websecurity since 13 years by creating Pentesterlab - web security learning platform, as well as by giving multiple talks and guiding people through their careers.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/62639537</guid><pubDate>Wed, 06 Nov 2024 13:20:29 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/62639537/bbre_17.mp3" length="79580610" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2024/11/subs.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this interview, I'm talking with Louis Nyffenegger who's been teaching people websecurity since 13 years by creating Pentesterlab - web security learning platform, as well as by giving multiple talks and guiding people through their careers.</itunes:subtitle><itunes:summary><![CDATA[In this interview, I'm talking with Louis Nyffenegger who's been teaching people websecurity since 13 years by creating Pentesterlab - web security learning platform, as well as by giving multiple talks and guiding people through their careers.]]></itunes:summary><itunes:duration>3316</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/c8bbc98b87036cf27efc8f906cc988b9.jpg"/><itunes:season>1</itunes:season><itunes:episode>17</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Going full-time bug bounty, privilege escalation bugs and more with Douglas Day</title><link>https://www.spreaker.com/episode/going-full-time-bug-bounty-privilege-escalation-bugs-and-more-with-douglas-day--61037958</link><description><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Douglas on Twitter: https://twitter.com/ArchAngelDDay<br />In this interview, we're talking with Douglas Day about his bug hunting methodlogy, about quitting his job to become a full-time bug bounty hunter and many more.<br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Timestamps:<br />00:00 Intro<br />0:29 Going full-time bug bounty<br />9:12 Douglas' bug bounty methodology<br />28:13 Bug Bounty tools you need<br />43:04 The benefits of collaboration in bug bounty<br />54:23 How to deal with having a similar bug on many endpoints?<br />1:11:37 How to select a bug bounty program?]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/61037958</guid><pubDate>Thu, 15 Aug 2024 13:26:39 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/61037958/bbre_16.mp3" length="131405877" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Douglas on Twitter: https://twitter.com/ArchAngelDDay
In this interview, we're talking with...</itunes:subtitle><itunes:summary><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Douglas on Twitter: https://twitter.com/ArchAngelDDay<br />In this interview, we're talking with Douglas Day about his bug hunting methodlogy, about quitting his job to become a full-time bug bounty hunter and many more.<br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Timestamps:<br />00:00 Intro<br />0:29 Going full-time bug bounty<br />9:12 Douglas' bug bounty methodology<br />28:13 Bug Bounty tools you need<br />43:04 The benefits of collaboration in bug bounty<br />54:23 How to deal with having a similar bug on many endpoints?<br />1:11:37 How to select a bug bounty program?]]></itunes:summary><itunes:duration>5476</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/45b434a9c7d3639ff344467db06e488f.jpg"/><itunes:season>1</itunes:season><itunes:episode>16</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Finding criticals in mobile apps - Joel Margolis (0xteknogeek) from the Critical Thinking Bug Bounty podcast</title><link>https://www.spreaker.com/episode/finding-criticals-in-mobile-apps-joel-margolis-0xteknogeek-from-the-critical-thinking-bug-bounty-podcast--60787946</link><description><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Joel on Twitter: https://x.com/0xteknogeek<br />In this interview, we're talking with Joel about bug bounty hunting on mobile apps, about being a program manager, about Live Hacking Events and more.<br /><br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Links mentioned during the interview:<br />https://www.timeshifter.com<br />https://codeshare.frida.re/@teknogeek/android-universal-ssl-unpin/<br />https://gitlab.com/newbit/rootAVD<br />https://github.com/Ch0pin/medusa<br />https://github.com/teknogeek/get_schemas<br />Timestamps:<br />00:00 Intro<br />00:22 Getting into bug bounty<br />11:04 Live Hacking Events<br />24:58 Mobile bug bounty<br />48:34 Lessons from being a bug bounty program manager<br />1:03:54 The plans for the Critical Thinking Bug Bounty podcast<br />]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/60787946</guid><pubDate>Wed, 24 Jul 2024 13:19:08 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/60787946/bbre_15_teknogeek.mp3" length="99164297" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Joel on Twitter: https://x.com/0xteknogeek
In this interview, we're talking with Joel about...</itunes:subtitle><itunes:summary><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Joel on Twitter: https://x.com/0xteknogeek<br />In this interview, we're talking with Joel about bug bounty hunting on mobile apps, about being a program manager, about Live Hacking Events and more.<br /><br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Links mentioned during the interview:<br />https://www.timeshifter.com<br />https://codeshare.frida.re/@teknogeek/android-universal-ssl-unpin/<br />https://gitlab.com/newbit/rootAVD<br />https://github.com/Ch0pin/medusa<br />https://github.com/teknogeek/get_schemas<br />Timestamps:<br />00:00 Intro<br />00:22 Getting into bug bounty<br />11:04 Live Hacking Events<br />24:58 Mobile bug bounty<br />48:34 Lessons from being a bug bounty program manager<br />1:03:54 The plans for the Critical Thinking Bug Bounty podcast<br />]]></itunes:summary><itunes:duration>4132</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/ec2a2e269d53d213a70d1bde309aca0e.jpg"/><itunes:season>1</itunes:season><itunes:episode>15</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>The secret to finding many Criticals - Alex Chapman</title><link>https://www.spreaker.com/episode/the-secret-to-finding-many-criticals-alex-chapman--60502262</link><description><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Alex on Twitter: https://x.com/ajxchapman<br />In this episode I'm interviewing Alex Chapman - a full-time bug bounty hunter known for finding many high-impact bugs and very little medium and low-impact ones.<br /><br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Timestamps:<br />00:00 Intro<br />0:22 How did Alex start with cybersecurity and bug bounty?<br />3:05 Alex' uique hacking style<br />19:18 Source code review tips<br />28:37 How to write a good bug bounty report?<br />45:52 Finding bugs in desktop applications<br />52:15 LHEs<br />1:00:57 Live of a full-time bug bounty hunter<br />]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/60502262</guid><pubDate>Tue, 25 Jun 2024 12:25:36 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/60502262/bbre_14_audio.mp3" length="110912588" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Alex on Twitter: https://x.com/ajxchapman
In this episode I'm interviewing Alex Chapman - a...</itunes:subtitle><itunes:summary><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Alex on Twitter: https://x.com/ajxchapman<br />In this episode I'm interviewing Alex Chapman - a full-time bug bounty hunter known for finding many high-impact bugs and very little medium and low-impact ones.<br /><br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Timestamps:<br />00:00 Intro<br />0:22 How did Alex start with cybersecurity and bug bounty?<br />3:05 Alex' uique hacking style<br />19:18 Source code review tips<br />28:37 How to write a good bug bounty report?<br />45:52 Finding bugs in desktop applications<br />52:15 LHEs<br />1:00:57 Live of a full-time bug bounty hunter<br />]]></itunes:summary><itunes:duration>4593</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/64fdce9dfbe7f5de0ca58909d49d9845.jpg"/><itunes:season>1</itunes:season><itunes:episode>14</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>How I got into cybersecurity and bug bounty?</title><link>https://www.spreaker.com/episode/how-i-got-into-cybersecurity-and-bug-bounty--58674083</link><description><![CDATA[In this episode, I'm talking about my story of getting into cybersecurity - what got me interested, how I became a pentester, what motivated my to create my channel and finally, how I became a bug bounty hunter.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/58674083</guid><pubDate>Tue, 13 Feb 2024 15:02:50 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/58674083/bbre_7.mp3" length="55391263" type="audio/mpeg"/><podcast:transcript url="https://bbre.s3.eu-central-1.amazonaws.com/subs.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this episode, I'm talking about my story of getting into cybersecurity - what got me interested, how I became a pentester, what motivated my to create my channel and finally, how I became a bug bounty hunter.</itunes:subtitle><itunes:summary><![CDATA[In this episode, I'm talking about my story of getting into cybersecurity - what got me interested, how I became a pentester, what motivated my to create my channel and finally, how I became a bug bounty hunter.]]></itunes:summary><itunes:duration>2288</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/c988efc19aff13dec02c564309d828d2.jpg"/><itunes:season>1</itunes:season><itunes:episode>13</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Find more clients and improve in pentesting - Cristi Vlad</title><link>https://www.spreaker.com/episode/find-more-clients-and-improve-in-pentesting-cristi-vlad--58240841</link><description><![CDATA[In this episode of the podcast, I'm interviewing Cristi Vlad about bug bounty and pentesting - the differences, ways to build your network of clients, continuous learning and more.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/58240841</guid><pubDate>Tue, 09 Jan 2024 15:14:22 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/58240841/bbre_6_audio.mp3" length="104663844" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2024/01/subs.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this episode of the podcast, I'm interviewing Cristi Vlad about bug bounty and pentesting - the differences, ways to build your network of clients, continuous learning and more.</itunes:subtitle><itunes:summary><![CDATA[In this episode of the podcast, I'm interviewing Cristi Vlad about bug bounty and pentesting - the differences, ways to build your network of clients, continuous learning and more.]]></itunes:summary><itunes:duration>4338</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/0f076fab04eff418d979ed38a7e719ea.jpg"/><itunes:season>1</itunes:season><itunes:episode>12</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>All you need to know about being a full-time bug bounty hunter - Justin “rhynorater” Gardner</title><link>https://www.spreaker.com/episode/all-you-need-to-know-about-being-a-full-time-bug-bounty-hunter-justin-rhynorater-gardner--57747839</link><description><![CDATA[In this episode of the podcast, I interview Justin Gardner, the host of the Critical Thinking Bug Bounty Podcast who's been a full-time hunter for about 4 years. We talk about his methodology, tooling and many more!]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/57747839</guid><pubDate>Tue, 21 Nov 2023 13:05:23 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/57747839/odc_5_bbre.mp3" length="117831335" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/11/transcript.txt" type="text/plain" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this episode of the podcast, I interview Justin Gardner, the host of the Critical Thinking Bug Bounty Podcast who's been a full-time hunter for about 4 years. We talk about his methodology, tooling and many more!</itunes:subtitle><itunes:summary><![CDATA[In this episode of the podcast, I interview Justin Gardner, the host of the Critical Thinking Bug Bounty Podcast who's been a full-time hunter for about 4 years. We talk about his methodology, tooling and many more!]]></itunes:summary><itunes:duration>4892</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/aae1b1c8003ae5ab2905940be4026517.jpg"/><itunes:season>1</itunes:season><itunes:episode>11</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>AI and hacking - opportunities and threats - Joseph “rez0” Thacker</title><link>https://www.spreaker.com/episode/ai-and-hacking-opportunities-and-threats-joseph-rez0-thacker--57321996</link><description><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />📖 Check out AppSecEngineer, the sponsor of today's video: https://www.appsecengineer.com<br />📣 Follow GUEST on Twitter: https://twitter.com/@rez0<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />In this interview we are discussing with rez0 a range of topics around AI - the new vulnerability opportunities it created, how can I help us in hacking and if it will replace us in the future.<br />Resources and people mentioned in the podcast:<br />https://olickel.com/everything-i-know-about-prompting-llms<br />https://www.anthropic.com/index/prompting-long-context<br />https://simonwillison.net<br />https://llm-attacks.org/zou2023universal.pdf<br />http://llm-attacks.org<br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Timestamps:<br />00:00 Intro<br />00:32 Check out AppSecEngineer, the sponsor of this podcast<br />01:36 rez0's regular bug bounty hacking style<br />22:39 AI and hacking]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/57321996</guid><pubDate>Fri, 20 Oct 2023 15:39:42 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/57321996/full_podcast.mp3" length="167467776" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/10/transcript.txt" type="text/plain" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>📧 Subscribe to BBRE Premium: https://bbre.dev/premium
📖 Check out AppSecEngineer, the sponsor of today's video: https://www.appsecengineer.com
📣 Follow GUEST on Twitter: https://twitter.com/@rez0
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣...</itunes:subtitle><itunes:summary><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />📖 Check out AppSecEngineer, the sponsor of today's video: https://www.appsecengineer.com<br />📣 Follow GUEST on Twitter: https://twitter.com/@rez0<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />In this interview we are discussing with rez0 a range of topics around AI - the new vulnerability opportunities it created, how can I help us in hacking and if it will replace us in the future.<br />Resources and people mentioned in the podcast:<br />https://olickel.com/everything-i-know-about-prompting-llms<br />https://www.anthropic.com/index/prompting-long-context<br />https://simonwillison.net<br />https://llm-attacks.org/zou2023universal.pdf<br />http://llm-attacks.org<br />BBRD podcast is also available on most popular podcast platforms:<br />https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 <br />https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk <br />https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4<br /><br />Timestamps:<br />00:00 Intro<br />00:32 Check out AppSecEngineer, the sponsor of this podcast<br />01:36 rez0's regular bug bounty hacking style<br />22:39 AI and hacking]]></itunes:summary><itunes:duration>5234</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/16fd74e0758535c7903be81eb6443ade.jpg"/><itunes:season>1</itunes:season><itunes:episode>10</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>From reporting self-XSSes to improving browser security mechanisms - Michał Bentkowski</title><link>https://www.spreaker.com/episode/from-reporting-self-xsses-to-improving-browser-security-mechanisms-michal-bentkowski--56712917</link><description><![CDATA[In this episode, I interview Michał Bentkowski who specializes in crazy XSS bugs and now works on improving security of the browsers at Google.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/56712917</guid><pubDate>Wed, 06 Sep 2023 14:38:36 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/56712917/full_podcast.mp3" length="173700864" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/09/transcript.txt" type="text/plain" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this episode, I interview Michał Bentkowski who specializes in crazy XSS bugs and now works on improving security of the browsers at Google.</itunes:subtitle><itunes:summary><![CDATA[In this episode, I interview Michał Bentkowski who specializes in crazy XSS bugs and now works on improving security of the browsers at Google.]]></itunes:summary><itunes:duration>5429</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/b55c4b7aac2d24ca1e5abeea273d2e2e.jpg"/><itunes:season>1</itunes:season><itunes:episode>9</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>The key to succeed in bug bounty - NahamSec</title><link>https://www.spreaker.com/episode/the-key-to-succeed-in-bug-bounty-nahamsec--56228300</link><description><![CDATA[In this episode with @NahamSec we are talking about bug bounty. Ben has a unique insight into mistakes beginners make since he's the biggest content creator in the bug bounty space and gets asked a lot of questions. We are talking about his methodology, the role of recon and much more.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/56228300</guid><pubDate>Wed, 26 Jul 2023 12:40:22 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/56228300/audio.mp3" length="67528455" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/07/transcript.txt" type="text/plain" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this episode with @NahamSec we are talking about bug bounty. Ben has a unique insight into mistakes beginners make since he's the biggest content creator in the bug bounty space and gets asked a lot of questions. We are talking about his...</itunes:subtitle><itunes:summary><![CDATA[In this episode with @NahamSec we are talking about bug bounty. Ben has a unique insight into mistakes beginners make since he's the biggest content creator in the bug bounty space and gets asked a lot of questions. We are talking about his methodology, the role of recon and much more.]]></itunes:summary><itunes:duration>4221</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/7dd912d5b1fa6c4f414ca1d1b9713eb3.jpg"/><itunes:season>1</itunes:season><itunes:episode>8</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Road to Most Valuable Hacker and working while travelling the world - Yassine Aboukir</title><link>https://www.spreaker.com/episode/road-to-most-valuable-hacker-and-working-while-travelling-the-world-yassine-aboukir--54523655</link><description><![CDATA[In this podcast, I interview Yassine Aboukir - the winner of Most Valuable Hacker award at H1-303 Live hacking event. We talk about his bug bounty methodology, bounty vs pentesting as well as travelling, digital nomad lifestyle and doing sports.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/54523655</guid><pubDate>Tue, 27 Jun 2023 06:40:09 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/54523655/audio.mp3" length="65108889" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/06/transcript.txt" type="text/plain" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this podcast, I interview Yassine Aboukir - the winner of Most Valuable Hacker award at H1-303 Live hacking event. We talk about his bug bounty methodology, bounty vs pentesting as well as travelling, digital nomad lifestyle and doing sports.</itunes:subtitle><itunes:summary><![CDATA[In this podcast, I interview Yassine Aboukir - the winner of Most Valuable Hacker award at H1-303 Live hacking event. We talk about his bug bounty methodology, bounty vs pentesting as well as travelling, digital nomad lifestyle and doing sports.]]></itunes:summary><itunes:duration>4070</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/84cccf0aef2a3f46573fec177016ea5f.jpg"/><itunes:season>1</itunes:season><itunes:episode>7</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Security source code review expert - Shubham Shah</title><link>https://www.spreaker.com/episode/security-source-code-review-expert-shubham-shah--54030613</link><description><![CDATA[In this podcast episode, I interview Shubham Shah - one of my biggest authorities in bug bounty space and expert in source code review who regularly finds 0days.<br /><br />📧 Subscribe to BBRE Premium: https://bbre.dev/premium <br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Shubs on Twitter: http://twitter.com/infosec_au/<br /><br /><br />Timestamps:<br />00:00 Intro<br />00:18 Shubs' background<br />13:04 Choosing good targets for finding 0days<br />20:41 How to audit the source code?<br />33:34 Who should consider a career as a full-time bug bounty hunter?<br />38:04 Sharing knowledge and disclosing 0days<br />45:54 What skills does Shubs pay attention to when recruiting security researchers?<br />48:48 AI in security research]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/54030613</guid><pubDate>Mon, 29 May 2023 12:49:34 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/54030613/full_video.mp3" length="53044079" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/05/transcript.txt" type="text/plain" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this podcast episode, I interview Shubham Shah - one of my biggest authorities in bug bounty space and expert in source code review who regularly finds 0days.

📧 Subscribe to BBRE Premium: https://bbre.dev/premium 
✉️ Sign up for the mailing list:...</itunes:subtitle><itunes:summary><![CDATA[In this podcast episode, I interview Shubham Shah - one of my biggest authorities in bug bounty space and expert in source code review who regularly finds 0days.<br /><br />📧 Subscribe to BBRE Premium: https://bbre.dev/premium <br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Shubs on Twitter: http://twitter.com/infosec_au/<br /><br /><br />Timestamps:<br />00:00 Intro<br />00:18 Shubs' background<br />13:04 Choosing good targets for finding 0days<br />20:41 How to audit the source code?<br />33:34 Who should consider a career as a full-time bug bounty hunter?<br />38:04 Sharing knowledge and disclosing 0days<br />45:54 What skills does Shubs pay attention to when recruiting security researchers?<br />48:48 AI in security research]]></itunes:summary><itunes:duration>3316</itunes:duration><itunes:keywords>bounty,bug,bugbounty,code,review,source</itunes:keywords><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/540ec27d27b30b481d790861670c728e.jpg"/><itunes:season>1</itunes:season><itunes:episode>6</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Inside the Mind of the TOP1 Facebook Bug Bounty Hunter - Youssef Sammouda</title><link>https://www.spreaker.com/episode/inside-the-mind-of-the-top1-facebook-bug-bounty-hunter-youssef-sammouda--53727666</link><description><![CDATA[In this podcast, I interview Youssef Sammouda - top Facebook/Meta bug bounty hunter in 2020, 2021 and 2022. He has found numerous bugs on Facebook, including account takeovers. We talk about his methodology, tools he uses, productivity tips and many more!]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/53727666</guid><pubDate>Wed, 03 May 2023 12:27:09 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/53727666/fullpodcast.mp3" length="63979982" type="audio/mpeg"/><podcast:transcript url="http://www.bugbountyexplained.com/wp-content/uploads/2023/05/Full-Video.srt" type="application/x-subrip" language="en"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this podcast, I interview Youssef Sammouda - top Facebook/Meta bug bounty hunter in 2020, 2021 and 2022. He has found numerous bugs on Facebook, including account takeovers. We talk about his methodology, tools he uses, productivity tips and many more!</itunes:subtitle><itunes:summary><![CDATA[In this podcast, I interview Youssef Sammouda - top Facebook/Meta bug bounty hunter in 2020, 2021 and 2022. He has found numerous bugs on Facebook, including account takeovers. We talk about his methodology, tools he uses, productivity tips and many more!]]></itunes:summary><itunes:duration>3999</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/539b0880f74f4f9ce016dda28e081138.jpg"/><itunes:season>1</itunes:season><itunes:episode>5</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Bug bounty automation and scaling 0days - Michael Ness</title><link>https://www.spreaker.com/episode/bug-bounty-automation-and-scaling-0days-michael-ness--53118689</link><description><![CDATA[In this podcast, I interview Michael Ness about bug bounty automation and scaling 0 days to get multiple payouts for a single bug. We also talk about how to make the automation better and about some tips to upcoming bug hunters.<br /><br />📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Michael on Twitter: https://twitter.com/mikey96_bh<br />Check out Overcast Security: https://search.overcast-security.app]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/53118689</guid><pubDate>Tue, 07 Mar 2023 09:31:49 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/53118689/bbre_4_audio.mp3" length="65844880" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>In this podcast, I interview Michael Ness about bug bounty automation and scaling 0 days to get multiple payouts for a single bug. We also talk about how to make the automation better and about some tips to upcoming bug hunters.

📧 Subscribe to BBRE...</itunes:subtitle><itunes:summary><![CDATA[In this podcast, I interview Michael Ness about bug bounty automation and scaling 0 days to get multiple payouts for a single bug. We also talk about how to make the automation better and about some tips to upcoming bug hunters.<br /><br />📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Michael on Twitter: https://twitter.com/mikey96_bh<br />Check out Overcast Security: https://search.overcast-security.app]]></itunes:summary><itunes:duration>2737</itunes:duration><itunes:keywords>bounty,bug,bugbounty</itunes:keywords><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/605eed1baf89e88f3216e64ea8eb683f.jpg"/><itunes:season>1</itunes:season><itunes:episode>4</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>From zero to 6-digit bug bounty earnings in 1 year - Johan Carlsson</title><link>https://www.spreaker.com/episode/from-zero-to-6-digit-bug-bounty-earnings-in-1-year-johan-carlsson--52550483</link><description><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Johan on Twitter: https://twitter.com/joaxcar<br />In this podcast I interview one of bug bounty hunters who started very recently but already is having a lot of success - Johan Carlsson. We talk about his hacking methodology, his journey with GitLab and his tips for bug bounty hunters.<br /><br />🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/52550483</guid><pubDate>Fri, 27 Jan 2023 13:52:22 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/52550483/bbre3.mp3" length="98643828" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Johan on Twitter: https://twitter.com/joaxcar
In this podcast I interview one of bug bounty...</itunes:subtitle><itunes:summary><![CDATA[📧 Subscribe to BBRE Premium: https://bbre.dev/premium<br />✉️ Sign up for the mailing list: https://bbre.dev/nl<br />📣 Follow me on Twitter: https://bbre.dev/tw<br />📣 Follow Johan on Twitter: https://twitter.com/joaxcar<br />In this podcast I interview one of bug bounty hunters who started very recently but already is having a lot of success - Johan Carlsson. We talk about his hacking methodology, his journey with GitLab and his tips for bug bounty hunters.<br /><br />🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do]]></itunes:summary><itunes:duration>4117</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/4ec40c152069dc015a26f4d9aab7e680.jpg"/><itunes:season>1</itunes:season><itunes:episode>3</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Accidentally finding a $50,000 vulnerability - Augusto Zanellato - Bug Bounty Reports Discussed #2</title><link>https://www.spreaker.com/episode/accidentally-finding-a-50-000-vulnerability-augusto-zanellato-bug-bounty-reports-discussed-2--46754261</link><description><![CDATA[✉️ Sign up for the newsletter: https://mailing.bugbountyexplained.com/<br /><br />This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access to Shopify's Github account. It was reported on Hackerone to Shopify and Augusto got $50,000 for it. The best thing is that he didn't even look for a security issue.<br /><br />Link to the report explained: https://youtu.be/TOgIgD0KUVs<br />The report on Hackerone: https://hackerone.com/reports/1087489<br />Subscribe to Bug Bounty Reports Explained on YouTube: https://www.youtube.com/c/BugBountyReportsExplained/<br /><br />Augusto's media:<br />https://twitter.com/auguzanellato<br />https://hackerone.com/augustozanellato?type=user<br />https://github.com/augustozanellato]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/46754261</guid><pubDate>Thu, 30 Sep 2021 08:00:36 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/46754261/bbrd_auphonic.mp3" length="25505048" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>✉️ Sign up for the newsletter: https://mailing.bugbountyexplained.com/

This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access to Shopify's Github account. It was...</itunes:subtitle><itunes:summary><![CDATA[✉️ Sign up for the newsletter: https://mailing.bugbountyexplained.com/<br /><br />This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access to Shopify's Github account. It was reported on Hackerone to Shopify and Augusto got $50,000 for it. The best thing is that he didn't even look for a security issue.<br /><br />Link to the report explained: https://youtu.be/TOgIgD0KUVs<br />The report on Hackerone: https://hackerone.com/reports/1087489<br />Subscribe to Bug Bounty Reports Explained on YouTube: https://www.youtube.com/c/BugBountyReportsExplained/<br /><br />Augusto's media:<br />https://twitter.com/auguzanellato<br />https://hackerone.com/augustozanellato?type=user<br />https://github.com/augustozanellato]]></itunes:summary><itunes:duration>1575</itunes:duration><itunes:keywords>accidentaly,augusto,bbre,bounty,bug,critical,discussed,explained,finding,gh_token,github,hackerone,leak,lucky,podcast,reports,shopify,token,zanellato</itunes:keywords><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/4702ae389fb9eb1f87e8fa87b35309ad.jpg"/><itunes:season>1</itunes:season><itunes:episode>2</itunes:episode><itunes:episodeType>full</itunes:episodeType></item><item><title>Finding bugs in Google VRP without recon - David Schütz - BBRD #01</title><link>https://www.spreaker.com/episode/finding-bugs-in-google-vrp-without-recon-david-schutz-bbrd-01--46275893</link><description><![CDATA[The video with David's bug: https://youtu.be/miQvovD3c04<br />Original writeup: https://bugs.xdavidhu.me/google/2021/04/05/i-built-a-tv-that-plays-all-of-your-private-youtube-videos/<br /><br />✉️ Sign up for the newsletter to receive the best hacking info right to your inbox: https://mailing.bugbountyexplained.com/<br /><br />In this episode I interview David Schütz, the 19-years old Google VRP hacker who constantly finds bugs in functionalities we use often like private videos on YouTube. We talk about his career, learning process, methodology, tooling and many more aspects that might help beginner bug bounty hunters.]]></description><guid isPermaLink="false">https://api.spreaker.com/episode/46275893</guid><pubDate>Sat, 28 Aug 2021 15:21:06 +0000</pubDate><enclosure url="https://api.spreaker.com/download/episode/46275893/podcast_01_synced_auphonic.mp3" length="50597497" type="audio/mpeg"/><itunes:author>Grzegorz Niedziela</itunes:author><itunes:subtitle>The video with David's bug: https://youtu.be/miQvovD3c04
Original writeup: https://bugs.xdavidhu.me/google/2021/04/05/i-built-a-tv-that-plays-all-of-your-private-youtube-videos/

✉️ Sign up for the newsletter to receive the best hacking info right to...</itunes:subtitle><itunes:summary><![CDATA[The video with David's bug: https://youtu.be/miQvovD3c04<br />Original writeup: https://bugs.xdavidhu.me/google/2021/04/05/i-built-a-tv-that-plays-all-of-your-private-youtube-videos/<br /><br />✉️ Sign up for the newsletter to receive the best hacking info right to your inbox: https://mailing.bugbountyexplained.com/<br /><br />In this episode I interview David Schütz, the 19-years old Google VRP hacker who constantly finds bugs in functionalities we use often like private videos on YouTube. We talk about his career, learning process, methodology, tooling and many more aspects that might help beginner bug bounty hunters.]]></itunes:summary><itunes:duration>3144</itunes:duration><itunes:keywords>bugbounty,googlebugbounty,googlevrp,hackinggoogle</itunes:keywords><itunes:explicit>false</itunes:explicit><itunes:image href="https://d3wo5wojvuv7l.cloudfront.net/t_rss_itunes_square_1400/images.spreaker.com/original/5e6747cfdf0c64cfaff63d273fff41f7.jpg"/><itunes:season>1</itunes:season><itunes:episode>1</itunes:episode><itunes:episodeType>full</itunes:episodeType></item></channel></rss>
