Video 🐝

Note that during these interviews I also moderate so quality may vary.

Profile 🐝

Very active, always giving back, and spearheaded Bugcrowd university bugcrowd.com/university/

His BBHM was my intro to recon. It was invaluable and made me fall in love with it.

  • 2005 Started hacking
  • 2009 Vulnerability Assessment β†’ Pentester at Redspin
  • 2010 HP Pentest - on forefront of mobile
  • 2014 Bugcrowd leaderboard #1 or #2, battle with bitcork
  • 2016 Head of Trust and Security at Bugcrowd
  • Head of Security and Risk Management at Ubisoft

How to shot web origin 🐝

  • Having a methodology is always better
  • A checklist prevents you from missing/overlooking things

Recon methodology 🐝

  1. Check out scope for project
    • Check clauses in scope, e.g. Tesla even if not in scope tell us.
  2. Amass, Subfinder, MassDNS
  3. GitHub dork while tools above are running
  4. Look at acquisitions last 3 years
    1. Chrunchbase
  5. … Re-watch stream
digitalocean logo

The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Favorite tools 🐝

  • Aquatone
  • Amass
  • Nmap
  • Burp
  • turbo intruder
    • faster than any other
    • not recursive
    • lacking capabilities vs CLI
  • Masscan

Routine 🐝

  • If invite is brand I know it sparks my interest
  • Put on EDM
  • Make sure tools are updated

Learning 🐝

  • Twitter
  • Put fuzzing strings, links into Evernote under each Bug Type
  • Google

Videos 🐝

  • Jason Haddix - How to Shot Web: Web and mobile hacking in 2015
  • Methodology 1, 2 and 3
  • Pentesterlab
  • Hacker101
  • Bugcrowd University
  • OWASP vulnerable machines collection

Tips 🐝

  • Web applications handbook
  • Test new tools on VDP with wildcard scopes

Coding 🐝

  • You don’t need to know how to code
  • Coding β‰  finding bugs
  • Programming β‰  scripting
  • Know basics, e.g. html, js etc

Wish he knew 🐝

  • Report write up is more important than the bug itself
    • Assume you’re writing it for someone who doesn’t know anything
    • What is the impact for the company in specific?
      • Make templates for each bug type being contextual risk for a company
        • Data disclosure
        • Explain how you found the bug
  • Take a video or screenshot showing the exploitation of the bug
  • Automation, know what to automate

Future 🐝

  • All distributed
  • Less heavy handed approach
  • More in the hands of hackers

Enjoy my content?

You can support me in a couple of ways:

Buy me a Coffee or share it with your friends

Select links throughout the site are affiliates. They give me a small kickback, don't cost you anything extra and are always curated.

More from the beelog

  1. Nahamsec interviews Masonhck357

    Fast-rising bug bounty hunter and Dominican US navy vet, Daniel Marte, started hacking full-time in 2020.

  2. How To Start Bug Bounty For Beginners

    Starting bug bounty hunting can be overwhelming. Here are the best resources on how to choose a bug bounty program and find your first bug.

Don't bee a stranger

If you want to work together, have a question, or if you just want to say hi, feel free to reach out!

You can find me on Twitter, Discord, and Instagram.