Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos,Starbucks, his own is ISP router, and even getting detained at the airport.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Project Discovery Conference: https://nux.gg/hss24

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest:

https://samcurry.net/

Resources:

Don’t Force Yourself to Become a Bug Bounty Hunter

hackcompute

Starbucks Bug

recollapse

Timestamps:

(00:00:00) Introduction

(00:02:25) Hacking Journey and the limits of Ethical Hacking

(00:28:28) Selecting companies to hack

(00:33:22) Fostering passion vs. Forcing performance

(00:54:06) Collaboration and Hackcompute

(01:00:40) The Efficacy of Bug Bounty

(01:09:20) Secondary Context Bugs

(01:25:01) Mindmaps, note-taking, and Intuition.

(01:46:56) Back-end traversals and Unicode

(01:56:16) Hacking ISP

(02:06:58) Next.js and Crypto

(02:22:24) Dev vs. Prod JWT