This video is my interview with a full-time bug bounty hunter that had a great success at recent Live Hacking Events - Victor “doomerhunter” Poucheret. We're talking about his bug bounty methodology, choosing a bug bounty program, tools and much more.

In this interview, I'm talking with Louis Nyffenegger who's been teaching people websecurity since 13 years by creating Pentesterlab - web security learning platform, as well as by giving multiple talks and guiding people through their careers.

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Douglas on Twitter: https://twitter.com/ArchAngelDDay
In this interview, we're talking with Douglas Day about his bug hunting methodlogy, about quitting his job to become a full-time bug bounty hunter and many more.
BBRD podcast is also available on most popular podcast platforms:
https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 
https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk 
https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4

Timestamps:
00:00 Intro
0:29 Going full-time bug bounty
9:12 Douglas' bug bounty methodology
28:13 Bug Bounty tools you need
43:04 The benefits of collaboration in bug bounty
54:23 How to deal with having a similar bug on many endpoints?
1:11:37 How to select a bug bounty program?

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Joel on Twitter: https://x.com/0xteknogeek
In this interview, we're talking with Joel about bug bounty hunting on mobile apps, about being a program manager, about Live Hacking Events and more.

BBRD podcast is also available on most popular podcast platforms:
https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 
https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk 
https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4

Links mentioned during the interview:
https://www.timeshifter.com
https://codeshare.frida.re/@teknogeek/android-universal-ssl-unpin/
https://gitlab.com/newbit/rootAVD
https://github.com/Ch0pin/medusa
https://github.com/teknogeek/get_schemas
Timestamps:
00:00 Intro
00:22 Getting into bug bounty
11:04 Live Hacking Events
24:58 Mobile bug bounty
48:34 Lessons from being a bug bounty program manager
1:03:54 The plans for the Critical Thinking Bug Bounty podcast

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
📣 Follow Alex on Twitter: https://x.com/ajxchapman
In this episode I'm interviewing Alex Chapman - a full-time bug bounty hunter known for finding many high-impact bugs and very little medium and low-impact ones.

BBRD podcast is also available on most popular podcast platforms:
https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4 
https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk 
https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4

Timestamps:
00:00 Intro
0:22 How did Alex start with cybersecurity and bug bounty?
3:05 Alex' uique hacking style
19:18 Source code review tips
28:37 How to write a good bug bounty report?
45:52 Finding bugs in desktop applications
52:15 LHEs
1:00:57 Live of a full-time bug bounty hunter

In this episode, I'm talking about my story of getting into cybersecurity - what got me interested, how I became a pentester, what motivated my to create my channel and finally, how I became a bug bounty hunter.

In this episode of the podcast, I'm interviewing Cristi Vlad about bug bounty and pentesting - the differences, ways to build your network of clients, continuous learning and more.

In this episode of the podcast, I interview Justin Gardner, the host of the Critical Thinking Bug Bounty Podcast who's been a full-time hunter for about 4 years. We talk about his methodology, tooling and many more!

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
📖 Check out AppSecEngineer, the sponsor of today's video: https://www.appsecengineer.com
📣 Follow GUEST on Twitter: https://twitter.com/@rez0
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
In this interview we are discussing with rez0 a range of topics around AI - the new vulnerability opportunities it created, how can I help us in hacking and if it will replace us in the future.
Resources and people mentioned in the podcast:
https://olickel.com/everything-i-know-about-prompting-llms
https://www.anthropic.com/index/prompting-long-context
https://simonwillison.net
https://llm-attacks.org/zou2023universal.pdf
http://llm-attacks.org
BBRD podcast is also available on most popular podcast platforms:
https://open.spotify.com/show/6tLoJ5foOoZPPELwrHPBO4
https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTA3Mzc4MS9lcGlzb2Rlcy9mZWVk
https://podcasts.apple.com/us/podcast/bug-bounty-reports-discussed/id1583400215?uo=4

Timestamps:
00:00 Intro
00:32 Check out AppSecEngineer, the sponsor of this podcast
01:36 rez0's regular bug bounty hacking style
22:39 AI and hacking

In this episode, I interview Michał Bentkowski who specializes in crazy XSS bugs and now works on improving security of the browsers at Google.