Bug Bounty Reports Discussed

This video is an interview with René de Sain, known as renniepak. We talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks and we discuss if there's such thing as bug bounty methodology.

This episode is the interview with Johan Carlsson, a full-time bug bounty hunter who specialises in client-side bugs and is currently the TOP1 hunter on GitLab.

This video is my interview with a full-time bug bounty hunter that had a great success at recent Live Hacking Events - Victor “doomerhunter” Poucheret. We're talking about his bug bounty methodology, choosing a bug bounty program, tools and much more.

In this interview, I'm talking with Louis Nyffenegger who's been teaching people websecurity since 13 years by creating Pentesterlab - web security learning platform, as well as by giving multiple talks and guiding people through their careers.

In this episode, I'm talking about my story of getting into cybersecurity - what got me interested, how I became a pentester, what motivated my to create my channel and finally, how I became a bug bounty hunter.

In this episode of the podcast, I'm interviewing Cristi Vlad about bug bounty and pentesting - the differences, ways to build your network of clients, continuous learning and more.

In this episode of the podcast, I interview Justin Gardner, the host of the Critical Thinking Bug Bounty Podcast who's been a full-time hunter for about 4 years. We talk about his methodology, tooling and many more!

In this episode, I interview Michał Bentkowski who specializes in crazy XSS bugs and now works on improving security of the browsers at Google.

In this episode with @NahamSec we are talking about bug bounty. Ben has a unique insight into mistakes beginners make since he's the biggest content creator in the bug bounty space and gets asked a lot of questions. We are talking about his methodology, the role of recon and much more.

In this podcast, I interview Yassine Aboukir - the winner of Most Valuable Hacker award at H1-303 Live hacking event. We talk about his bug bounty methodology, bounty vs pentesting as well as travelling, digital nomad lifestyle and doing sports.

In this podcast episode, I interview Shubham Shah - one of my biggest authorities in bug bounty space and expert in source code review who regularly finds 0days.

In this podcast, I interview Youssef Sammouda - top Facebook/Meta bug bounty hunter in 2020, 2021 and 2022. He has found numerous bugs on Facebook, including account takeovers. We talk about his methodology, tools he uses, productivity tips and many more!

In this podcast, I interview Michael Ness about bug bounty automation and scaling 0 days to get multiple payouts for a single bug. We also talk about how to make the automation better and about some tips to upcoming bug hunters.

✉️ Sign up for the newsletter: https://mailing.bugbountyexplained.com/This podcast is an interview with Augusto Zanellato, the hacker who submitted report with a GitHub rest API token leaked which had access to Shopify's Github account. It was reported on Hackerone to Shopify and Augusto got $50,000 for it. The best thing is that he didn't even look for a security issue.Link to the report explained: https://youtu.be/TOgIgD0KUVsThe report on Hackerone: https://hackerone.com/reports/1087489Subscribe to Bug Bounty Reports Explained on YouTube: https://www.youtube.com/c/BugBountyReportsExplained/Augusto's media:https://twitter.com/auguzanellatohttps://hackerone.com/augustozanellato?type=userhttps://github.com/augustozanellato

The video with David's bug: https://youtu.be/miQvovD3c04Original writeup: https://bugs.xdavidhu.me/google/2021/04/05/i-built-a-tv-that-plays-all-of-your-private-youtube-videos/✉️ Sign up for the newsletter to receive the best hacking info right to your inbox: https://mailing.bugbountyexplained.com/In this episode I interview David Schütz, the 19-years old Google VRP hacker who constantly finds bugs in functionalities we use often like private videos on YouTube. We talk about his career, learning process, methodology, tooling and many more aspects that might help beginner bug bounty hunters.