x

75% of people globally want unbiased news (Pew Research) but are concerned they're not getting that.

Get balanced coverage with Symby. See how stories are covered across diverse outlets and spot when one side covers a story the other skips.

PODCAST

Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

technology

All Episodes

58:20

Episode 66: CDN-CGI Research, Intent To Ship, and...

Critical Thinking - Bug Bounty Podcast ·

2024/04/11

Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shares his research on CDN CGI.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on

en

149:05

Episode 65: Motivation and Methodology with Sam Curry...

Critical Thinking - Bug Bounty Podcast ·

2024/04/04

Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos,Starbucks, his own is ISP router, and even getting detained at the airport.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel

en

68:04

Episode 64: .NET Remoting, CDN Attack Surface, and...

Critical Thinking - Bug Bounty Podcast ·

2024/03/28

Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also touch on the importance of collaboration and knowledge sharing, JavaScript Deobfuscation, the value of impactful POCs, hiding XSS payloads with URL path updates.Follow us on twitter at: @ctbbpodcastsend us any feedback here:

en

81:35

Episode 63: JHaddix Returns

Critical Thinking - Bug Bounty Podcast ·

2024/03/21

Episode 63: In this episode of Critical Thinking - Bug Bounty Podcast we welcome back Jason Haddix (From Episode 12) to talk about some updates to his The Bug Hunter's Methodology, as well as his own personal life and hacking journey. We talk about the start of his new company, and then venture into topics such as using threat intelligence and buying credentials from the dark web, recon techniques, and ways to integrate AI into your workflow (or target list).Follow us on twitter at:

en

58:43

Episode 62: Frontend Language Oddities

Critical Thinking - Bug Bounty Podcast ·

2024/03/14

Episode 62: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with some additional research resources that didn’t make the Portswigger Top-Ten, but that are worth looking at.Follow us on twitter at: @ctbbpodcastFeel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast ------Hop on the CTBB Discord

en

87:00

Episode 61: A Hacker on Wall Street - JR0ch17

Critical Thinking - Bug Bounty Podcast ·

2024/03/07

Episode 61: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Jasmin Landry to share some stories about startup security, bug bounty, and the challenges of balancing both. He also shares his methodology for discovering OAuth-related bugs, highlights some differences between structured learning and self-teaching, and then walks us through a couple arbitrary ATO’s and SSTI to RCE bugs he’s found lately.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing,

en

84:37

Episode 60: Our Take on PortSwigger's Top 10 Web...

Critical Thinking - Bug Bounty Podcast ·

2024/02/29

Episode 60: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel review the Portswigger Research list of top 10 web hacking techniques of 2023.Follow us on twitter at: @ctbbpodcastSend us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast ------Hop on the CTBB DiscordWe also do Discord subs at $25, $10, $5 - premium

en

99:09

Episode 59: Bug Bounty Gadget Hunting & Hacker's...

Critical Thinking - Bug Bounty Podcast ·

2024/02/22

Episode 59: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the concept of gadgets and how they can be used to escalate the impact of vulnerabilities. We talk through things like HTML injection, image injection, CRLF injection, web cache deception, leaking window location, self-stored XSS, and much more.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to

en

114:51

Episode 58: Youssef Sammouda - Client-Side & ATO War...

Critical Thinking - Bug Bounty Podcast ·

2024/02/15

Episode 58: In this episode of Critical Thinking - Bug Bounty Podcast we finally sit down with Youssef Samouda and grill him on his various techniques for finding and exploiting client-side bugs and postMessage vulnerabilities. He shares some crazy stories about race conditions, exploiting hash change events, and leveraging scroll to text fragments.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here:

en

32:34

Episode 57: Technical breakdown from Miami Hacking...

Critical Thinking - Bug Bounty Podcast ·

2024/02/08

Episode 57: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are live from Miami, and recap their experience and share takeaways from the live hacking event. They highlight the importance of paying attention to client-side routing and the growing bug class of client-side path traversal. They also discuss the challenges of knowing when to cut your losses and the value of tracking time and setting goals.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing,

en

107:40

Episode 56: Using Data Science to win Bug Bounty -...

Critical Thinking - Bug Bounty Podcast ·

2024/02/01

Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)Episode 56: In this episode of Critical Thinking - Bug Bounty Podcast, Justin sits down with Jon Colston to discuss how his background in digital marketing and data science has influenced his hunting methodology. We dive into subjects like data sources, automation, working backwards from vulnerabilities, applying conversion funnels to bug bounty, and the mayonaise signature 'Mother of All Bugs'Follow us on twitter at:

en

104:04

Episode 55: Popping WordPress Plugins - Methodology...

Critical Thinking - Bug Bounty Podcast ·

2024/01/25

Episode 55: In this episode of Critical Thinking - Bug Bounty Podcast, Justin is joined by Wordpress Security Researcher Ram Gall to discuss both functionality and vulnerabilities within Wordpress Plugins.Follow us on twitterSend us any feedback here:Shoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast ------WordFence - Sign up as a researcher! https://ctbb.show/wf---Sign up for Caido using the

en

72:38

Episode 54: White Box Formulas - Vulnerable Coding...

Critical Thinking - Bug Bounty Podcast ·

2024/01/18

Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a podcast companion that will summarize the main technical points of each episode. They also discuss a recent GitLab CVE and an invisible prompt injection, before diving into a discussion (or debate) about vulnerable code

en

100:47

Episode 53: 500k/yr as Full-Time Bug Hunter & Content...

Critical Thinking - Bug Bounty Podcast ·

2024/01/11

Episode 53: In this episode of Critical Thinking - Bug Bounty Podcast,we’re joined by none other than NahamSec. We start by discusses the challenges he faced on his journey in bug bounty hunting and content creation, including personal struggles and the pressure of success.We also talk about finding balance and managing mental energy, going the extra mile, and the importance of planning and setting goals for yourself before he walks us through some Blind XSS techniques.Follow us on twitter at:

en

180:00

Episode 52: Best Technical Content from Year 1 of...

Critical Thinking - Bug Bounty Podcast ·

2024/01/04

Episode 52: In this episode of Critical Thinking - Bug Bounty Podcast we're going back and highlighting some of the best technical moments from the past year! Hope you enjoy this best of 2023 Supercut!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on

en

81:31

Episode 51: Hacker Stats 2023 & 2024 Goals

Critical Thinking - Bug Bounty Podcast ·

2023/12/28

Episode 51: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are back for the last episode of 2023. We discuss some noteworthy news items including a Hacker One Crit, Caido updates, and some Blind CSS. Then we dive into our own personal ‘Hackers Wrapped’ recap of the year, before laying out some goals for 2024.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to

en

144:31

Episode 50: Mathias "Fall in a well" Karlsson - Bug...

Critical Thinking - Bug Bounty Podcast ·

2023/12/21

Episode 50: In this episode of Critical Thinking - Bug Bounty Podcast, Justin catches up with hacking master Mathias Karlsson, and talks about burnout, collaboration, and the importance of specialization. Then we dive into the technical details of MXSS and XSLT, character encoding, and give some predictions of what Bug Bounty might look like in the future…Follow us on twitter at: @ctbbpodcastSend us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro

en

51:33

Episode 49: Getting Live Hacking Event Invites & Bug...

Critical Thinking - Bug Bounty Podcast ·

2023/12/14

Episode 49: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is once again joined by Nagli to discuss some of their recent hacking discoveries. They talk about finding and exploiting a backup file in an ASP.NET app, discovering vulnerabilities through Swagger files, and debating the vulnerability of a specific ‘undisclosed’ domain. Then they reflect on 2023’s Live Hacking Event circuit, and preview what’s to come in 2024’s.This episode sponsored by Wordfence! Wordfence

en

96:45

Episode 48: MVH, DEFCON Black Badge, Googler - Sam Erb

Critical Thinking - Bug Bounty Podcast ·

2023/12/07

Episode 48: In this episode, joined by the spectacular Sam Erb, Google Security Engineer and DEFCON Black Badge winner. We talk about the importance of understanding how systems work to find vulnerabilities, and how his engineering background influences his hunting style and methodologies. Then we jump over to his Career Development and his work with Google, and then chat about some of the recent Google Vulnerability Programs.This episode is sponsored by Wordfence! Wordfence recently launched a

en

91:52

Episode 47: CSP Research, Iframe Hopping, and...

Critical Thinking - Bug Bounty Podcast ·

2023/11/30

Episode 47: In this episode of Critical Thinking - Bug Bounty Podcast, the holidays are fast approaching, and Justin and Joel discuss some of the struggles of getting back into the hacking groove during and after breaks. We also celebrate the newly launched Critical Thinking Discord Community before diving into Iframe Sandwhiches, JS Hoisting, CSP Bypasses, and a host of new tools, techniques, and tangents.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send

en

146 results

Similar Podcasts

Lead With AI

Tamara Nall

Linux in the Ham Shack

Black Sparrow Media

Data Engineering Podcast

Tobias Macey

Eye On A.I.

Craig S. Smith

Reflections

Livewire Labs