ICODE Podcast Ic0de
-
- Technologie
Infosec And Hacker Podcasts
-
Women in Infosec Pt.1 with @DevishaRochlani
A conversation with Devisha Rochlani talks about her journey and motivates women to take part in infosec.
-
USING-OS1nt-For-Good
A conversation with Subhajeet Singha @ElementalX2 who served SECARMY as one of thee founding member
Talks about
Why and how is osint helpful
What are few darksides of osint
Does this technique work on privacy-aware people
How to use osint for Cyber Threat Intelligence
Explains his journey on trace labs
How missing people be tracked on internet
Talks about social media intelligence
How to use Google dorks for collective intelligence -
Bug Bounty & Automation
We have Devansh Batham @0xAsm0d3us Creator of Favfreak, ParamSpider
• Shares details about bug he found in Facebook
• Describes Cross-origin resource sharing vuln
• Talks about Same origin policy
• Enumerating api endpoints / params
• Exploiting Cross-origin resource sharing vuln
• Gives details how Fav-freak works his speciality
• Manually checking or automation which is better and why
• Gives us a insight about his upcoming projects (Must listen)
• What are his favourite tools which he uses on regular basis
• Since we are talking about bug bounty & automation , why is automation needed -
Red-Teaming and Exploit Dev
We have Suvadip Kar who is a OSWP/OSCP ,Security Engineer & Red Teamer.
• Which is better being a full time pentester or freelancer pentester
• Explains Red teaming to a very new person
• Chaining low severity bugs and making them high impact , Gives advice on chaining low severity bugs like self XSS , information disclosure, key disclosure etc.
• Talks about experience gained after getting OSCP , what was his experience before getting certified
• Talks about his wireless security assessment techniques
• Something about lateral movement
• His OSCP lab experience
• Talks about his first bug in Jobberbase CMS -
SCADA and ICS Devices
A conversation with Jim Gilsinn, Here he talks about
• Communication models of ICS
• Responding to attacks on SCADA
• Talks about Stuxnet & why it is harmless on non-PLC devices
• A quick walk-through on vulnerability assessment of SCADA
• How OSINT plays a role on hunting vulnerable devices -
Bug bounties & CVE
A conversation with Ashish kunwar @d0rkerdevil
HE talks about his CVE discoveries
Disclosing bugs to a vendor
SSRF is his Favourite vulnerability
How much time does it take to find valid bugs