Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
  • 5.0 (53)
  • TECHNOLOGY
  • UPDATED WEEKLY

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

  1. 4D AGO

    Episode 154: Starting a Pentesting Company on Top of Bug Bounty

    Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the challenges of pricing for Pentests, legal considerations, and what Bug Hunters can bring to the Pentesting world Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! ====== Timestamps ====== (00:00:00) Introduction (00:03:36) Starting a Pentesting Company (00:12:25) Advantages of Pentesting as a Bug Bounty Hunter (00:29:03) Pricing, Sales, and knowing your Market/Worth (00:36:21) Compliance in Pentests & Rapid-Fire Takaways

    41 min

  2. DEC 18

    Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

    Episode 153: In this episode of Critical Thinking - Bug Bounty Podcast Matt Brown returns to talk with us about hacking robots, IOT hackbots, and his Zero-to-Hero Hardware Hacking Guide. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today’s Guest: Matt Brown https://x.com/nmatt0https://github.com/BrownFineSecurity/iothackbot====== Resources ====== KeeYees USB Logic Analyzer Device Saleae logic analyzer XGecu Hardware Hacking Tutorial by Make Me Hack UART and SPI firmware extraction UART Root Shell on Linux Router UART Shell Jail and Unlocked Bootloader Chinese IP Camera Firmware Extraction Chip-Off Firmware Extraction ====== Timestamps ====== (00:00:00) Introduction (00:01:22) Incremental Session Token Story and Matt Brown Intro (00:10:42) Hardware Bug Bounty Scene & AI on Devices (00:24:30) Hacking Human Robot (00:41:33) Zero-to-Hero Hardware Hacking Guide (01:01:47) IOT Hackbot

    1h 17m

  3. DEC 11

    Episode 152: GeminiJack and Agentic Security with Sasi Levi

    Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Vertex Bug, and debate if Prompt Injection is a real Vuln. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. CHeck out our New Christmas Swag at https://ctbb.show/merch! Today's Sponsor: ThreatLocker. Check out ThreatLocker Elevation Control https://ctbb.show/tl-ec And Noma Security! https://noma.security/ Today’s Guest: https://x.com/sasi2103 ====== This Week in Bug Bounty ====== Vercel Platform Protection Dedicated HackerOne program for Vercel WAF YesWeHack Open Source Programs Android recon for Bug Bounty hunters ====== Resources ====== Sasi's Tweet from 2015 ForcedLeak: AI Agent risks exposed in Salesforce AgentForce Is Prompt Injection a Vulnerability? ====== Timestamps ====== (00:00:00) Introduction (00:09:16) Google Vertex AI Bug (00:29:28) Sasi's Background and Bug Bounty Journey (00:38:55) Resources for AI and Agentic Security Methodology (00:50:34) ForcedLeak (01:02:06) Is Prompt Injection a Vuln?

    1h 22m

  4. DEC 4

    Episode 151: Client-side Advanced Topics

    Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL Parsing, and more. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today's Sponsor: ThreatLocker. Check out ThreatLocker Elevation Control https://ctbb.show/tl-ec ====== Resources ====== Nowasky's Tweet #1 https://x.com/nowaskyjr/status/1993421017381744974 Nowasky's Tweet #2 https://x.com/nowaskyjr/status/1992717862398800081 rep+ in Chrome DevTools https://x.com/BourAbdelhadi/status/1992622964077179229 Terjanq Post from 2021 https://x.com/terjanq/status/1421093136022048775 ====== Timestamps ====== (00:00:00) Introduction (00:02:58) Client-side news & AI Updates (00:12:02) Third-Party Cookie Nuances & PostMessages (00:30:09) Iframe Tricks (00:47:43) URL Parsing, CSPTS, and Client-side Routes

    1h 7m

  5. NOV 27

    Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

    Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankful for you all! Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today's Sponsor: ThreatLocker. Check out ThreatLocker Elevation Control https://ctbb.show/tl-ec ====== This Week in Bug Bounty ====== Cache Overflow on Cloudflare ====== Resources ====== Breaking Oracle’s Identity Manager Who Needs a Blind XSS? ASP.NET MVC View Engine Search Patterns Heretic Lesser known techniques for large-scale subdomain enum Antigravity – Known Issues Bug Bounty Daily Caido version of AssetNote Surf ====== Timestamps ====== (00:00:00) Introduction (00:09:47) Breaking Oracle’s Identity Manager & Who Needs a Blind XSS? (00:20:37) ASP.NET MVC View Engine Search Patterns & Heretic (00:29:04) Lesser known techniques for large-scale subdomain enum (00:35:29) Gemini 3 & Antigravity. (00:45:57) Bug Bounty Daily (00:52:42) Surf for Caido

    57 min

  6. NOV 20

    Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

    Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites. Follow us on X Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! ====== Resources ====== Unicode surrogates conversion Prompt. Scan. Exploit Breaking into thousands of cloud based VPNs with 1 bug Examining Access Control Vulnerabilities in GraphQL Smart Bus Smart Hacking Passkeys Pwned Bypassing Intent Destination Checks Gemini Agents in Google Calendar Exploitation of DOM Clobbering Vuln at Scale TheHulk Smart Devices, Dumb Resets Mac PRT Cookie Theft ====== Timestamps ====== (00:00:00) Introduction (00:10:10) Prompt. Scan. Exploit (00:23:52) Breaking into thousands of cloud based VPNs with 1 bug (00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned (00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents (00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets

    1h 3m

  7. NOV 13

    Episode 148: MCP Hacking Guide

    Episode 148: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us a crash course on Model Context Protocol. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! ====== Timestamps ====== (00:00:00) Introduction (00:02:51) MCP Architecture & Authentication (00:13:08) Roots, Sampling, & Elicitation (00:19:15) Tools and Resources

    32 min

  8. NOV 6

    Episode 147: Stupid Simple Hacking Workflow Tips

    Episode 147: In this episode of Critical Thinking - Bug Bounty Podcast we're talking tips and tricks that help us in hacking that we really should’ve learned sooner. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! Today's Sponsor: ThreatLocker. Check out ThreatLocker Network Control https://www.criticalthinkingpodcast.io/tl-nc ====== This Week in Bug Bounty ====== Netscaler's new program https://hackerone.com/netscaler_public_program?type=team The ultimate Bug Bounty guide to HTTP request smuggling vulnerabilities https://www.yeswehack.com/learn-bug-bounty/http-request-smuggling-guide-vulnerabilities Hackers now have 2 Request-a-Response https://docs.bugcrowd.com/changelog/researchers/request-a-response-researcher/ Evan Connelly Spotlight https://www.bugcrowd.com/blog/hacker-spotlight-evan-connelly/ Epic Games Jobs Openings Jobs.ctbb.show ====== Timestamps ====== (00:00:00) Introduction (00:09:23) Command Palette, Auto-decoding, & Evenbetter (00:17:28) Chrome Devtools Edit as html & Raycast (00:33:23) ffuf -request flag (00:41:33) JXScout (00:48:55) Conditional Breakpoints in Devtools & Lightning round tips

    59 min
See All (154)

5
out of 5
53 Ratings

About

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

Information

  • Creator
    Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
  • Years Active
    2023 - 2025
  • Episodes
    154
  • Rating
    Explicit
  • Copyright
    © Critical Thinking Podcast
  • Show Website
    Critical Thinking - Bug Bounty Podcast

You Might Also Like