Episode 98: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Sharon,to discuss his journey from early iOS development to leading a research team at Claroty. They address the differences between HackerOne and Pwn2Own, and talk through some intricacies of IoT security, and some less common IoT attack surfaces.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Sponsor - ThreatLocker: Check out Network Control!
https://www.criticalthinkingpodcast.io/tl-nc
And AssetNote: Check out their ASMR board (no not that kind!)
Today’s Guest: https://sharonbrizinov.com/
Resources
The Claroty Research Team
Pwntools
https://github.com/Gallopsled/pwntools
Scan My SMS
Gotta Catch 'Em All: Phishing, Smishing, and the birth of ScanMySMS
https://www.youtube.com/watch?v=EhNsXXbDp3U
Timestamps
(00:00:00) Introduction
(00:03:31) Sharon's Origin Story
(00:21:58) Transition to Bug Bounty and Pwn2Own vs HackerOne
(00:47:05) IoT/ICS Hacking Methodology
(01:10:13) Cloud to Device Communication
(01:18:15) Bug replication and uncommon attack surfaces
(01:30:58) Documentation tracker, reCaptcha bypass, and ScanMySMS