Episode 30 Blogcast: Massive Business Insights from Bug Bounty Legend Shubs

How do you go from serving burgers to serving critical bugs? Check out this issue of our Blogcast!

The guest this week is bug bounty inspiration, Shubs. When you think of "deep recon," this name should be the first in your mind. We often conflate success with something we can't touch. Our conversation includes insights from someone who went from food service to starting Assetnote by utilizing bug bounty as a launchpad.

So, let's dig in.

Quick Tips 🔥 

Best Language for Recon Automation

Is it relevant to learn a particular coding language for recon automation success? The answer is no. You should build what you're comfortable in. Ask yourself, "Is having a minor speed difference worth investing time in learning a new language?" Shubs remarks that it's better to use what you know to build faster and iterate quickly.

Pay for Relevant Data Sets

Recon techniques are good, but Shubs clarifies that data sources are more potent in the long run. Paying for specific data sources is something you should consider. Look to passive DNS sources like DNSDB and SecurityTrails to put you miles ahead of other hunters.

Assetnote Debugging Preferences

Debugging was extremely relevant for recon deep dives! Here’s what Assetnote likes to use:

  • Java Projects: Use IntelliJ. Even the community edition can serve the purpose efficiently.

  • .NET Projects: Use Rider from JetBrains. It offers features like direct attachment to processes and decompiling capabilities.

  • Binary Analysis: Tools like GDB are used for dynamic analysis.

Shubs' Recon Journey 💭

Catalyst to Start: Friendly Competition

The need to dive deeper into recon developed from going toe-to-toe with fellow bug hunter Naffy. Shubs observed how much the additional private datasets Naffy had access to aided in getting quicker results. This led to the creation of Assetnote. If it weren't possible to get his hands on certain datasets, he'd pull all available open-source information together to give him a heads-up. Fun fact: Shubs' handle used to be "NotNaffy" in honor of their friendly rivalry.
