Critical Thinking - Bug Bounty Podcast By cover art

Critical Thinking - Bug Bounty Podcast

By: Justin Gardner (Rhynorater) & Joel Margolis (teknogeek)
Listen for free

  • Summary

  • A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
    Critical Thinking Podcast
    Show more Show less
Episodes
  • Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.

    Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.
    May 2 2024

    Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set, the successes and challenges, and his current focus on specific bug types like ReDoS and OAuth, and the serendipitous nature of bug hunting.

    Follow us on twitter at: @ctbbpodcast

    We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!

    ------ Links ------

    Follow your hosts Rhynorater & Teknogeek on twitter:

    https://twitter.com/0xteknogeek

    https://twitter.com/rhynorater

    ------ Ways to Support CTBBPodcast ------

    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

    Nuclei 3.2 Release: https://nux.gg/podcast

    Today’s Guest:

    https://twitter.com/joaxcar

    https://joaxcar.com/blog/

    Resources

    Github CSP Bypass

    https://gist.github.com/joaxcar/6e5a0a34127704f4ea9449f6ce3369fc

    CSP Validator

    https://cspvalidator.org/

    Cross Window Forgery

    https://www.paulosyibelo.com/2024/02/cross-window-forgery-web-attack-vector.html

    Gitlab Crit

    https://gist.github.com/joaxcar/9419b2df8778f26e9b02a741a8ec12f8

    Timestamps

    (00:00:00) Introduction

    (00:09:34) Github CSP Bypass

    (00:38:48) Script Gadgets and growth through Gitlab

    (00:53:53) Gitlab pipeline bug

    (01:12:32) Full-time Bug Bounty
    Show more Show less
    1 hr and 49 mins
  • Episode 68: 0-days & HTMX-SS with Mathias

    Episode 68: 0-days & HTMX-SS with Mathias
    Apr 25 2024

    Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-CGI functionality.

    Follow us on twitter at: @ctbbpodcast

    We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!

    ------ Links ------

    Follow your hosts Rhynorater & Teknogeek on twitter:

    https://twitter.com/0xteknogeek

    https://twitter.com/rhynorater

    Project Discovery Conference: https://nux.gg/hss24

    ------ Ways to Support CTBBPodcast ------

    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Today’s Guest:

    https://twitter.com/avlidienbrunn

    Resources:

    Masato Kinugawa's research on Teams

    https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own?slide=33

    subdomain-only 307 open redirect

    https://avlidienbrunn.se/cdn-cgi/image/onerror=redirect/http://anything.avlidienbrunn.se

    Timestamps

    (00:00:00) Introduction

    (00:05:18) CSP Bypass using HTML

    (00:14:00) Converting client-side response header injection to XSS

    (00:23:10) Bypassing hx-disable

    (00:32:37) XSS-ing impossible elements

    (00:38:22) CTF challenge Recap and knowing there's a bug

    (00:51:53) hx-on (depreciated)

    (00:54:30) CDN-CGI Research discussion
    Show more Show less
    1 hr and 4 mins
  • Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2

    Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2
    Apr 18 2024

    Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the topic of leaderboard accuracy, and continue the Program VS Hacker debate regarding allocating funds for bounties.

    Follow us on twitter at: @ctbbpodcast

    We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!

    ------ Links ------

    Follow your hosts Rhynorater & Teknogeek on twitter:

    https://twitter.com/0xteknogeek

    https://twitter.com/rhynorater

    Project Discovery Conference: https://nux.gg/hss24

    ------ Ways to Support CTBBPodcast ------

    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Resources:

    Nagli's Braindump on VDPs

    https://twitter.com/galnagli/status/1780174392003031515

    Timestamps:

    (00:00:00) Introduction

    (00:05:37) VDP programs

    (00:34:10) Leaderboards

    (00:43:52) Hacker vs. Program debate Part 2

    (01:07:24) Walling Off Endpoints
    Show more Show less
    1 hr and 20 mins
Show more Show less

What listeners say about Critical Thinking - Bug Bounty Podcast

Average customer ratings
Overall
  • 5 out of 5 stars
  • 5 Stars
    2
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0
Performance
  • 5 out of 5 stars
  • 5 Stars
    2
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0
Story
  • 5 out of 5 stars
  • 5 Stars
    2
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
Sort by:
Filter by:
  • Overall
    5 out of 5 stars
  • Performance
    5 out of 5 stars
  • Story
    5 out of 5 stars
Profile Image for Kris Roberts

great information

as someone who is still very new to the industry, I like listening to this podcast as I find the information very useful

Report this

Something went wrong. Please try again in a few minutes.

You voted on this review!

You reported this review!