Episode 37: In this episode of Critical Thinking - Bug Bounty Podcast we're joined by none other than Lupin himself! We recap the Tokyo LHE and the lessons we learned from it before diving into his legendary journey into security research and bug bounty. We also talk collaboration of all kinds: pair hacking, joining a team, and starting a business together. We even touch on some great tools that can collaborate with each other! This was a fun one, and we don't want you to miss it!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Today’s Guest:

https://twitter.com/0xLupin

Lupin and Holmes

https://landh.tech/

JSWZL

https://jswzl.io/

Cursor

https://cursor.so/

Clairvoyance

https://github.com/nikitastupin/clairvoyance

Tweet about Command Injections

https://twitter.com/win3zz/status/1703702550372078074

James Kettle article on security research

https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher

Timestamps:

(00:00:00) Introduction

(00:01:00) Lessons learned from the latest LHE

(00:09:30) JSWZL and the Cursor Combo

(00:19:15) The Legend of Lupin

(00:34:35) Code and Collaborating

(00:38:48) Requests, Automation, and Testing

(00:50:28) Joel's Helper scripts

(00:52:50) Teamwork and Pair Hacking

(00:57:29) Tips for learning to Hack

(01:00:35) UUID and CTF

(01:08:35) Dynamics of Collaboration with French Team