Security source code review expert - Shubham Shah

  Рет қаралды 9,515

Bug Bounty Reports Explained

Bug Bounty Reports Explained

Күн бұрын

📧 Subscribe to BBRE Premium: bbre.dev/premium
✉️ Sign up for the mailing list: bbre.dev/nl
📣 Follow me on Twitter: bbre.dev/tw
📣 Follow Shubs on Twitter: / infosec_au
📖 Assetnote blog: blog.assetnote.io
In this podcast episode, I interview Shubham Shah - one of my biggest authorities in bug bounty space and expert in source code review who regularly finds 0days.
BBRD podcast is also available on most popular podcast platforms:
open.spotify.com/show/6tLoJ5f...
podcasts.google.com/feed/aHR0...
podcasts.apple.com/us/podcast...
Timestamps:
00:00 Intro
00:18 Shubs' background
13:04 Choosing good targets for finding 0days
20:41 How to audit the source code?
33:34 Who should consider a career as a full-time bug bounty hunter?
38:04 Sharing knowledge and disclosing 0days
45:54 What skills does Shubs pay attention to when recruiting security researchers?
48:48 AI in security research

Пікірлер: 17
@BugBountyReportsExplained
@BugBountyReportsExplained Жыл бұрын
Welcome to the comment section! Let me know what tips from this podcast are the most important ones for you!
@stanleyruheza
@stanleyruheza Жыл бұрын
Hey @Bug Bounty Reports Explained is there a way we can get those samples of take-home tests (docker containers) that are used for recruiting researchers ?
@BugBountyReportsExplained
@BugBountyReportsExplained Жыл бұрын
@@stanleyruheza Rather ask Shubs on Twitter but I doubt they disclose current ones
@CristiVladZ
@CristiVladZ Жыл бұрын
You ask very good questions
@bigbooduh
@bigbooduh Жыл бұрын
Your channel is under rated, this interview is gold and so is the other videos you do Thank you and Shubham for this.
@user-dj9ys9tq4x
@user-dj9ys9tq4x Жыл бұрын
Amazing guest and very interesting interview, thanks
@_CryptoCat
@_CryptoCat Жыл бұрын
Excellent interview! 💜
@himansh0715
@himansh0715 Жыл бұрын
Good questions with Good answers, awesome video, thanks to both of you for doing this :)
@0xhhhhff
@0xhhhhff 10 ай бұрын
Great interview. Great questions
@gojo1825
@gojo1825 22 күн бұрын
Hey- I love your interviews. Can you please interview Tomasz Bojarski.
@neiltsakatsa
@neiltsakatsa Жыл бұрын
Shubs! 🔥🔥🔥🔥
@halchalram4585
@halchalram4585 Жыл бұрын
please share the link of Shubham shah blog post
@BugBountyReportsExplained
@BugBountyReportsExplained Жыл бұрын
The Assetnote blog is in the description ;)
@mereemail8352
@mereemail8352 Жыл бұрын
He doesn't lool shubs, yoo he has changed a lot
@united1206
@united1206 Жыл бұрын
1st
@uttarkhandcooltech1237
@uttarkhandcooltech1237 Жыл бұрын
Can u give free write up who r poor for money how I buy ur subriber
@himansh0715
@himansh0715 Жыл бұрын
then you can read from free resources
From zero to 6-digit bug bounty earnings in 1 year - Johan Carlsson - BBRD podcast #3
1:08:37
From zero to 6-digit bug bounty earnings in 1 year - Johan Carlsson - BBRD podcast #3
Bug Bounty Reports Explained
Рет қаралды 25 М.
100 hours of reviewing the source code - Bounty vlog #3 - Elastic
17:45
100 hours of reviewing the source code - Bounty vlog #3 - Elastic
Bug Bounty Reports Explained
Рет қаралды 10 М.
Жайдарман | Туған күн 2024 | Алматы
2:22:55
Жайдарман | Туған күн 2024 | Алматы
Jaidarman OFFICIAL / JCI
Рет қаралды 1,6 МЛН
МАМА И STANDOFF 2 😳 !FAKE GUN! #shorts
00:34
МАМА И STANDOFF 2 😳 !FAKE GUN! #shorts
INNA SERG
Рет қаралды 4,5 МЛН
HOW DID HE WIN? 😱
00:33
HOW DID HE WIN? 😱
Topper Guild
Рет қаралды 27 МЛН
Wait for the last one! 👀
00:28
Wait for the last one! 👀
Josh Horton
Рет қаралды 139 МЛН
Former Experimental Test Pilot Explains CSIRO Modelling On Cost Of Nuclear
15:11
Former Experimental Test Pilot Explains CSIRO Modelling On Cost Of Nuclear
Senator David Fawcett
Рет қаралды 19 М.
Encouraging people in difficult seasons
4:05
Encouraging people in difficult seasons
Samuel Tzikoucos
Рет қаралды 7
Is Work/Life balance a myth, or is alignment possible?
3:43
Is Work/Life balance a myth, or is alignment possible?
Marcel Wasserman
Рет қаралды 33
I-Team: Hidden cameras reveal dark side of solar power
6:21
I-Team: Hidden cameras reveal dark side of solar power
FOX 5 Atlanta
Рет қаралды 4,5 МЛН
The key to succeed in bug bounty - @NahamSec
1:10:22
The key to succeed in bug bounty - @NahamSec
Bug Bounty Reports Explained
Рет қаралды 12 М.
Source Code Auditing
17:52
Source Code Auditing
HackOvert
Рет қаралды 3,3 М.
Myth-Busting Perfectionism
8:05
Myth-Busting Perfectionism
Jay Moore
Рет қаралды 50
The secret to finding many Criticals - Alex Chapman
1:16:32
The secret to finding many Criticals - Alex Chapman
Bug Bounty Reports Explained
Рет қаралды 6 М.
What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports
19:58
What functionalities are vulnerable to SSRFs? Case study of 124 bug bounty reports
Bug Bounty Reports Explained
Рет қаралды 14 М.
Sources and Sinks - Code Review Basics
7:53
Sources and Sinks - Code Review Basics
LiveOverflow
Рет қаралды 47 М.
iPhone 16 с инновационным аккумулятором
0:45
iPhone 16 с инновационным аккумулятором
ÉЖИ АКСЁНОВ
Рет қаралды 5 МЛН
Что еще за съемные фронталки от Vivo? #vivo
0:41
Что еще за съемные фронталки от Vivo? #vivo
Не шарю!
Рет қаралды 70 М.
ИГРОВОЙ ПК ЗА 10К КОТОРЫЙ ДЕЙСТВИТЕЛЬНО ТАЩИТ В 2024 ГОДУ / СБОРКА ПК ЗА 10000 РУБЛЕЙ by KOMPUKTER
12:15
ИГРОВОЙ ПК ЗА 10К КОТОРЫЙ ДЕЙСТВИТЕЛЬНО ТАЩИТ В 2024 ГОДУ / СБОРКА ПК ЗА 10000 РУБЛЕЙ by KOMPUKTER
KOMPUKTER
Рет қаралды 272 М.
Обзор iOS 18 - ТОП фишек (и особенно скрытых)
19:20
Обзор iOS 18 - ТОП фишек (и особенно скрытых)
Rozetked
Рет қаралды 143 М.
Он придумал гениальную идею, как исправить разбитый экран! 🤯 | Credit : gertieinar (TT)
0:20
Он придумал гениальную идею, как исправить разбитый экран! 🤯 | Credit : gertieinar (TT)
Enderestories
Рет қаралды 4,9 МЛН
ПОКУПКА ТЕЛЕФОНА С АВИТО?🤭
1:00
ПОКУПКА ТЕЛЕФОНА С АВИТО?🤭
Корнеич
Рет қаралды 3,6 МЛН
Мой инст: denkiselef. Как забрать телефон через экран.
0:54
Мой инст: denkiselef. Как забрать телефон через экран.
Денис Киселев
Рет қаралды 1,6 МЛН