Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

  1. 4일 전

    Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

    Episode 139: In this episode of Critical Thinking - Bug Bounty Podcast Justin finally sits down with the great James Kettle to talk about HTTP Proxys, metagaming research, avoiding burnout, and why HTTP/1.1 must die! Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today’s Guest: https://x.com/albinowax https://jameskettle.com ====== This Week in Bug Bounty ====== Building an Android Bug Bounty lab Mobile Hacking Toolkit ====== Resources ====== CVE-2022-22720 So you want to be a web security researcher? Hunting Evasive Vulnerabilities: Finding Flaws That Others Miss by James Kettle HTTP/1.1 Must Die! The Desync Endgame Practical HTTP Host header attacks ====== Timestamps ====== (00:00:00) Introduction (00:05:01) Apache MITM-powered pause-based client-side desync (00:15:33) HTTP Proxys and Burp Suite HTTP/2 in Repeater (00:24:52) AI intagrations, life structure, and avoiding burnout (00:35:23) Client-side to server-side progression (00:47:39) The 'metagame' of security research (01:29:43) Host Header Attacks & HTTP/1.1 Must Die! (02:02:34) Is HTTP/2 the solution?

    2시간 22분

  2. 9월 4일

    Episode 138: Caido Tools and Workflows

    Episode 138: In this episode of Critical Thinking - Bug Bounty Podcast We’re talking Caido tools and workflows. Justin gives us a list of some of the Caido tools that have caught his interest, as well as how he’s using them. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! ====== This Week in Bug Bounty ====== Meet YesWeHack at ROOTCON 2025 https://www.yeswehack.com/page/meet-yeswehack-at-rootcon-2025 New Dojo challenge featuring a Local File Inclusion in a Ruby application https://dojo-yeswehack.com/challenge-of-the-month/dojo-44?utm_source=sponsor&utm_medium=challenge&utm_campaign=dojo-44 AI Red Teaming CTF https://ctf.hackthebox.com/event/details/ai-red-teaming-ctf-ai-gon3-rogu3-2604 ====== Resources ====== Web Security Labs http://caido.rhynorater.com ====== Timestamps ====== (00:00:00) Introduction (00:02:32) Common filters & command palette in EvenBetter (00:06:49) Notes++ (00:09:28) Shift Agents and Drop (00:15:34) Workflows

    23분

  3. 8월 28일

    Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

    Episode 137: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner and Joseph Thacker reunite to talk about AI Hacking Assistants, CSPT and cache deception, and a bunch of tools like ch.at, Slice, Ebka, and more. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! ====== This Week in Bug Bounty ====== Vulnerability vectors: SQL injection for Bug Bounty hunters Mozilla VPN Clients: RCE via file write and path traversal ====== Resources ====== Cache Deception + CSPT: dig @ch.at Searchlight Cyber Tools Slice Ebka-Caido-AI postMessage targetOrigin bypass ====== Timestamps ====== (00:00:00) Introduction (00:01:26) Claude, Gemini, and Hacking Assistants (00:11:08) AI Safety (00:18:09) CSPT (00:23:26) ch.at, Slice, Ebka, & Searchlight Cyber Tools (00:45:19) postMessage targetOrigin bypass

    49분

  4. 8월 21일

    Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

    Episode 136: In this episode of Critical Thinking - Bug Bounty Podcast, Joseph Thacker sits down with Jack Cable to get the scoop on a significant bug in Cluely’s desktop application, as well as the resulting drama. They also talk about Jack’s background in government cybersecurity initiatives, and the legal risks faced by security researchers. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today’s Sponsor - ThreatLocker. Checkout ThreatLocker Detect! https://www.criticalthinkingpodcast.io/tl-detect Today’s Guest: https://x.com/jackhcable?lang=en ====== This Week in Bug Bounty ====== Nullcon Berlin https://www.yeswehack.com/page/yeswehack-live-hacking-nullcon-berlin-2025?utm_source=sponsor&utm_medium=blog&utm_campaign=lhe-nullcon-berlin BB Bulletin #15 https://www.linkedin.com/pulse/bug-bounty-bulletin-15-yes-we-hack-dntue/ 2x Bounty on Grab https://hackerone.com/grab?type=team ====== Resources ====== Corridor https://corridor.dev/ disclose.io https://disclose.io/ ====== Timestamps ====== (00:00:00) Introduction (00:03:33) Cluely Bug, Government involvement, & Disclosed.io (00:12:33) AI in security & Corridor.dev (00:29:23) Cluely Bug Fallout & Ethics of hacking outside of Programs (00:41:20) Shift Agents

    51분

  5. 8월 14일

    Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

    Episode 135: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Ryan Barnett for a deep dive on WAFs. We also recap his Exploiting Unicode Normalization talk from DEFCON, and get his perspective on bug hunting from his time at Akamai. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today’s Sponsor - ThreatLocker. Checkout ThreatLocker Detect! https://www.criticalthinkingpodcast.io/tl-detect Today’s Guest: https://x.com/ryancbarnett ====== Resources ====== Accidental Stored XSS Flaw in Zemanta 'Related Posts' Plugin for TypePad https://webappdefender.blogspot.com/2013/04/accidental-stored-xss-flaw-in-zemanta.html XSS Street-Fight https://media.blackhat.com/bh-dc-11/Barnett/BlackHat_DC_2011_Barnett_XSS%20Streetfight-Slides.pdf Blackhat USA 2025 - Lost in Translation: Exploiting Unicode Normalization https://www.blackhat.com/us-25/briefings/schedule/#lost-in-translation-exploiting-unicode-normalization-44923 ====== Timestamps ====== (00:00:00) Introduction (00:02:49) Accidental Stored XSS in Typepad Plugin (00:06:34) Chatscatter & Abusing third party Analytics (00:11:42) Ryan Barnett Introduction (00:21:11) Virtual Patching & WAF Challenges (00:40:39) AWS API Gateways & Whitelisting Bug Hunter Traffic (00:49:59) Lost in Translation: Exploiting Unicode Normalization (01:11:29) CSPs at the WAF level & 'Bounties for Bypass'

    1시간 26분

  6. 8월 4일

    Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

    Episode 134: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Diego Djurado to give us the scoop on XBOW. We cover a little about its architecture and approach to hunting, the challenges with hallucinations, and the future of AI in the BB landscape. Diego also shares some of his own hacking journey and successes in the Ambassador World cup. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today’s Sponsor - ThreatLocker User Store Today’s Guest: https://x.com/djurado9 ====== This Week in Bug Bounty ====== Announcement of our upcoming live hacking event at Nullcon Berlin, taking place on September 4-5 Bug Bounty Village Speakers 2025 Talkie Pwnii Caido showcase Caido Masterclass – From Setup to Exploits Access Control vs Account Takeover: What Bug Bounty Hunters Need to Know ====== Resources ====== CVE-2025-49493: XML External Entity (XXE) Injection in Akamai CloudTest ====== Timestamps ====== (00:00:00) Introduction (00:05:56) Diego's ATO Bug (00:12:01) H1 Ambassador World Cup and work with XBOW (00:20:57) XBOW's CloudTest XXE Bug (00:49:59) Freedom, Hallucinations, & Validation (01:07:24) XBOW's Architecture (01:23:50) Humans in the Loop, Harnesses, and Xbow's Reception (01:44:21) Ambassador World Cup plans for the future

    1시간 54분

  7. 7월 31일

    Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

    Episode 133: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Harley and Ari from H1 to talk some about community management roles within Bug Bounty, as well as discuss the evolution of Bug Bounty Village at DEFCON, and what they’ve got in store this year. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater https://x.com/rez0__ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today’s Guests: x.com/infiniteloginshttps://x.com/Arl_roseToday’s Sponsor is Adobe. Use code CTBBP0907 in your first report on Adobe Behance, Portfolio, Fonts or Acrobat Web, and earn a one-time 10% bonus reward! ====== This Week in Bug Bounty ====== BBV Platform Panel about Triage YesWeHACK Makes Debut at Black Hat USA 2025 New Dojo challenge featuring a time-based token prediction combined PyYAML deserialization GMSGadget ====== Resources ====== Bug Bounty Village Sign up for the Disclosed Newsletter Disclosed Online Harley's Youtube Channel ====== Timestamps ====== (00:00:00) Introduction (00:05:51) Bug Stories and Hacking Journeys (00:32:37) Community Management within Bug Bounty (00:39:43) Bug Bounty Village - Origin & 2025 Plans (01:02:39) Disclosed Online and Harley's Upcoming Ebook

    1시간 16분

  8. 7월 24일

    Episode 132: Archive Testing Methodology with Mathias Karlsson

    Episode 132: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is joined by Mathias Karlsson to discuss vulnerabilities associated with archives. They talk about his new tool, Archive Alchemist, and explore topics like the significance of Unicode paths, symlinks, and TAR before they end up talking about Charsets again.. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord! You can also find some hacker swag at https://ctbb.show/merch! Today's Sponsor: ThreatLocker - Patch Management Today’s Guest: Mathias Karlsson ====== This Week in Bug Bounty ====== Swiss Post's 2025 Public Intrusion Test starts on July 28 Intigriti teams with NVIDIA Bugcrowd Ingenuity Awards Hack the Hacker Series - AI Vulnerabilities and Bug Bounties A Novel Technique for SQL Injection in PDO’s Prepared Statements How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance ====== Resources ====== Archive Alchemist Hacking Livestream #53: The ZIP file format ====== Timestamps ====== (00:00:00) Introduction (00:10:04) Archive Alchemist (00:36:05) Unicode Extensions, normalization, and confusion attacks on Zip parsers (00:48:44) Character Sets (01:01:49) 7zip & File Names (01:06:44) Path Traversal, Symlinks & Identifying Techniques (01:36:05) Hardlinks and TAR

    1시간 50분
모두 보기(139개)

5
최고 5점
53개의 평가

소개

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

정보

  • 제작진
    Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
  • 방송 연도
    2023년 - 2025년
  • 에피소드
    139
  • 등급
    무삭제판
  • 저작권
    © Critical Thinking Podcast
  • 웹사이트 보기
    Critical Thinking - Bug Bounty Podcast

좋아할 만한 다른 항목