Sign up to get updates from us
Episode 70: NahamCon and CSP Bypasses Everywhere
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place. Then they cover CI/CD an...
Recent Episodes
Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.
Episode 68: 0-days & HTMX-SS with Mathias
Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2
Episode 66: CDN-CGI Resarch, Intent To Ship, and Louis Vuitton
Episode 65: Motivation and Methodology with Sam Curry (Zlz)
About the Hosts
Justin Gardner (@rhynorater)
Full-time Bug Bounty Hunter
Justin is a full-time bug bounty hunter and top-ranked live hacking event competitor. He has taken home two Most Valuable Hacker awards and countless other 1st place & 2nd place trophies.
While Justin specializes in web hacking, he also dabbles in IoT and mobile hacking. He is also the HackerOne Ambassador for the Eastern US region.
Outside of hacking, Justin enjoys Volleyball, Brazilian Jiu Jitsu, and Real Estate investing.
Joel Margolis (@0xteknogeek)
AppSec @ Match Group
Joel is a appsec engineer at Match Group (the parent company of Tinder, Hinge, Plenty of Fish, OkCupid, Archer, and other dating apps). Joel is also a top bug bounty hunter and has participated and received awards in 30+ live hacking events.
Joel also has experience running a bug bounty program from his time with Uber and Tinder, so he understands the program side as well.
Outside of hacking, Joel enjoys hanging, playing Jazz music, playing with his dog, Max, and tinkering with his home automation system.
Fantastic pod
"So much great, fresh content. An absolute must for security researchers and engineers alike."
Great stuff by two goated hackers
"This podcast is incredible!! If you have any interest in cybersecurity, ethical hacking, or just tech in general then this is for you. Happy listening!"
Favorite Security Podcast
"Amazing content from two supremely talented hackers. A must-listen for anyone looking for high-quality security content."
The best bug bounty podcast
"Joel and Justin are extremely talented hackers sharing amazing insights into appsec. Give it a listen!"
Spotify is currently not available in your country.
Follow us online to find out when we launch., spotify gives you instant access to millions of songs – from old favorites to the latest hits. just hit play to stream anything you like..
Listen everywhere
Spotify works on your computer, mobile, tablet and TV.
Unlimited, ad-free music
No ads. No interruptions. Just music.
Download music & listen offline
Keep playing, even when you don't have a connection.
Premium sounds better
Get ready for incredible sound quality.
Critical Thinking - Bug Bounty Podcast
- By: Justin Gardner (Rhynorater) & Joel Margolis (teknogeek)
- 5.0 out of 5 stars 5.0 (2 ratings)
Failed to add items
Add to cart failed., add to wish list failed., remove from wishlist failed., adding to library failed, follow podcast failed, unfollow podcast failed.
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Episode 70: NahamCon and CSP Bypasses Everywhere
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place. Then they cover CI/CD and drop some cool CSP Bypasses.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Guest: https://twitter.com/NahamSec
https://www.nahamcon.com/
https://www.landh.tech/depi
Youtube CSP:
https://www.youtube.com/oembed?callback=alert()
https://maps.googleapis.com/maps/api/js?callback=alert()-print
Google APIs CSP
https://www.googleapis.com/customsearch/v1?callback=alert(1)
https://www.google.com/complete/search?client=chrome&q=123&jsonp=alert(1)//
CSP Bypass for opener.child.child.child.click()
https://octagon.net/blog/2022/05/29/bypass-csp-using-wordpress-by-abusing-same-origin-method-execution/
Timestamps:
(00:00:00) Introduction
(00:02:55) BSides Takeaways and hacking on Meta
(00:12:12) NahamCon News
(00:23:45) CI/CD and the launch of Depi
(00:33:29) CSP Bypasses
Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.
Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set, the successes and challenges, and his current focus on specific bug types like ReDoS and OAuth, and the serendipitous nature of bug hunting.
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Nuclei 3.2 Release: https://nux.gg/podcast
Today’s Guest:
https://twitter.com/joaxcar
https://joaxcar.com/blog/
Github CSP Bypass
https://gist.github.com/joaxcar/6e5a0a34127704f4ea9449f6ce3369fc
CSP Validator
https://cspvalidator.org/
Cross Window Forgery
https://www.paulosyibelo.com/2024/02/cross-window-forgery-web-attack-vector.html
Gitlab Crit
https://gist.github.com/joaxcar/9419b2df8778f26e9b02a741a8ec12f8
(00:09:34) Github CSP Bypass
(00:38:48) Script Gadgets and growth through Gitlab
(00:53:53) Gitlab pipeline bug
(01:12:32) Full-time Bug Bounty
Episode 68: 0-days & HTMX-SS with Mathias
Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-CGI functionality.
Project Discovery Conference: https://nux.gg/hss24
https://twitter.com/avlidienbrunn
Masato Kinugawa's research on Teams
https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own?slide=33
subdomain-only 307 open redirect
https://avlidienbrunn.se/cdn-cgi/image/onerror=redirect/http://anything.avlidienbrunn.se
(00:05:18) CSP Bypass using HTML
(00:14:00) Converting client-side response header injection to XSS
(00:23:10) Bypassing hx-disable
(00:32:37) XSS-ing impossible elements
(00:38:22) CTF challenge Recap and knowing there's a bug
(00:51:53) hx-on (depreciated)
(00:54:30) CDN-CGI Research discussion
What listeners say about Critical Thinking - Bug Bounty Podcast
- 5 out of 5 stars 5.0 out of 5.0
Reviews - Please select the tabs below to change the source of reviews.
Audible.com reviews, amazon reviews.
- Overall 5 out of 5 stars
- Performance 5 out of 5 stars
- Story 5 out of 5 stars
- Kris Roberts
great information
as someone who is still very new to the industry, I like listening to this podcast as I find the information very useful
Something went wrong. Please try again in a few minutes.
You voted on this review!
You reported this review!
Please sign in to report this content
You'll still be able to report anonymously.
Critical Thinking - Bug Bounty Podcast
By justin gardner (rhynorater) & joel margolis (teknogeek).
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Podcast episodes
Episode 70: NahamCon and CSP Bypasses Everywhere
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place. Then they cover CI/CD and drop some cool CSP Bypasses. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater ------ Ways to Support CTBBPodcast ------ Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s Guest: https://twitter.com/NahamSec https://www.nahamcon.com/ Resources: Depi https://www.landh.tech/depi Youtube CSP: https://www.youtube.com/oembed?callback=alert() Maps CSP: https://maps.googleapis.com/maps/api/js?callback=alert()-print Google APIs CSP https://www.googleapis.com/customsearch/v1?callback=alert(1) Google CSP https://www.google.com/complete/search?client=chrome&q=123&jsonp=alert(1)// CSP Bypass for opener.child.child.child.click() https://octagon.net/blog/2022/05/29/bypass-csp-using-wordpress-by-abusing-same-origin-method-execution/ Timestamps: (00:00:00) Introduction (00:02:55) BSides Takeaways and hacking on Meta (00:12:12) NahamCon News (00:23:45) CI/CD and the launch of Depi (00:33:29) CSP Bypasses
Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.
Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set, the successes and challenges, and his current focus on specific bug types like ReDoS and OAuth, and the serendipitous nature of bug hunting. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater ------ Ways to Support CTBBPodcast ------ Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. Nuclei 3.2 Release: https://nux.gg/podcast Today’s Guest: https://twitter.com/joaxcar https://joaxcar.com/blog/ Resources Github CSP Bypass https://gist.github.com/joaxcar/6e5a0a34127704f4ea9449f6ce3369fc CSP Validator https://cspvalidator.org/ Cross Window Forgery https://www.paulosyibelo.com/2024/02/cross-window-forgery-web-attack-vector.html Gitlab Crit https://gist.github.com/joaxcar/9419b2df8778f26e9b02a741a8ec12f8 Timestamps (00:00:00) Introduction (00:09:34) Github CSP Bypass (00:38:48) Script Gadgets and growth through Gitlab (00:53:53) Gitlab pipeline bug (01:12:32) Full-time Bug Bounty
Episode 68: 0-days & HTMX-SS with Mathias
Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-CGI functionality. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater Project Discovery Conference: https://nux.gg/hss24 ------ Ways to Support CTBBPodcast ------ Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s Guest: https://twitter.com/avlidienbrunn Resources: Masato Kinugawa's research on Teams https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own?slide=33 subdomain-only 307 open redirect https://avlidienbrunn.se/cdn-cgi/image/onerror=redirect/http://anything.avlidienbrunn.se Timestamps (00:00:00) Introduction (00:05:18) CSP Bypass using HTML (00:14:00) Converting client-side response header injection to XSS (00:23:10) Bypassing hx-disable (00:32:37) XSS-ing impossible elements (00:38:22) CTF challenge Recap and knowing there's a bug (00:51:53) hx-on (depreciated) (00:54:30) CDN-CGI Research discussion
Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2
Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the topic of leaderboard accuracy, and continue the Program VS Hacker debate regarding allocating funds for bounties. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater Project Discovery Conference: https://nux.gg/hss24 ------ Ways to Support CTBBPodcast ------ Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Resources: Nagli's Braindump on VDPs https://twitter.com/galnagli/status/1780174392003031515 Timestamps: (00:00:00) Introduction (00:05:37) VDP programs (00:34:10) Leaderboards (00:43:52) Hacker vs. Program debate Part 2 (01:07:24) Walling Off Endpoints
Episode 66: CDN-CGI Research, Intent To Ship, and Louis Vuitton
Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shares his research on CDN CGI. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater Project Discovery Conference: https://nux.gg/hss24 ------ Ways to Support CTBBPodcast ------ Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Resources: YesWeHack Luis Vuitton LHE https://twitter.com/yeswehack/status/1776280653744554287 https://event.yeswehack.com/events/hack-me-im-famous-2 Caido Workflows https://github.com/caido/workflows Oauth Redirects https://twitter.com/Akshanshjaiswl/status/1724143813088940192 Bagipro Golden URL techniques https://hackerone.com/reports/431002 Roadmap I followed to make 15,000+$ Bounties in my first 8 months https://shreyaschavhan.notion.site/Roadmap-I-followed-to-make-15-000-Bounties-in-my-first-8-months-of-starting-out-and-my-journey-98b1b9ff621645c0b97d1e774992f300 Monke Hacks Blog https://monkehacks.beehiiv.com/ PortSwigger post https://x.com/PortSwiggerRes/status/1766087129908576760 post from Masato Kinugawa https://x.com/kinugawamasato/status/916393484147290113 Timestamps: (00:00:00) Introduction (00:04:19) Louis Vuitton LHE (00:13:57) Browser Market share (00:21:13) Justin's Bug of the Week (00:24:49) Caido Workflows (00:27:24) Oauth Redirects (00:32:24) Bug Bounty learning Methodology (00:41:03) 'Intent To Ship' (00:48:08) CDN-CGI Research
Episode 70: NahamCon and CSP Bypasses Everywhere Critical Thinking - Bug Bounty Podcast
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place. Then they cover CI/CD and drop some cool CSP Bypasses. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater ------ Ways to Support CTBBPodcast ------ Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s Guest: https://twitter.com/NahamSec https://www.nahamcon.com/ Resources: Depi https://www.landh.tech/depi Youtube CSP: https://www.youtube.com/oembed?callback=alert() Maps CSP: https://maps.googleapis.com/maps/api/js?callback=alert()-print Google APIs CSP https://www.googleapis.com/customsearch/v1?callback=alert(1) Google CSP https://www.google.com/complete/search?client=chrome&q=123&jsonp=alert(1)// CSP Bypass for opener.child.child.child.click() https://octagon.net/blog/2022/05/29/bypass-csp-using-wordpress-by-abusing-same-origin-method-execution/ Timestamps: (00:00:00) Introduction (00:02:55) BSides Takeaways and hacking on Meta (00:12:12) NahamCon News (00:23:45) CI/CD and the launch of Depi (00:33:29) CSP Bypasses
- Episode Website
- More Episodes
- Critical Thinking Podcast
Top Podcasts In Technology
Critical Thinking - Bug Bounty Podcast Podcast – Original recording
- Audible $0.00
- Amazon Music $0.00
- No membership required
- Tens of thousands of podcasts
- Listen in the app or on any Alexa device
- Enjoy free music from Amazon - no subscription required
- Millions of podcast episodes
- Offline Listening
All Episodes
Sort by Date: Old to New Date: New to Old
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place. Then they cover CI/CD and drop some cool CSP Bypasses.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Guest: https://twitter.com/NahamSec
https://www.nahamcon.com/
https://www.landh.tech/depi
Youtube CSP:
https://www.youtube.com/oembed?callback=alert()
https://maps.googleapis.com/maps/api/js?callback=alert()-print
Google APIs CSP
https://www.googleapis.com/customsearch/v1?callback=alert(1)
https://www.google.com/complete/search?client=chrome&q=123&jsonp=alert(1)//
CSP Bypass for opener.child.child.child.click()
https://octagon.net/blog/2022/05/29/bypass-csp-using-wordpress-by-abusing-same-origin-method-execution/
Timestamps:
(00:00:00) Introduction
(00:02:55) BSides Takeaways and hacking on Meta
(00:12:12) NahamCon News
(00:23:45) CI/CD and the launch of Depi
(00:33:29) CSP Bypasses
Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set, the successes and challenges, and his current focus on specific bug types like ReDoS and OAuth, and the serendipitous nature of bug hunting.
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Nuclei 3.2 Release: https://nux.gg/podcast
Today’s Guest:
https://twitter.com/joaxcar
https://joaxcar.com/blog/
Github CSP Bypass
https://gist.github.com/joaxcar/6e5a0a34127704f4ea9449f6ce3369fc
CSP Validator
https://cspvalidator.org/
Cross Window Forgery
https://www.paulosyibelo.com/2024/02/cross-window-forgery-web-attack-vector.html
Gitlab Crit
https://gist.github.com/joaxcar/9419b2df8778f26e9b02a741a8ec12f8
(00:09:34) Github CSP Bypass
(00:38:48) Script Gadgets and growth through Gitlab
(00:53:53) Gitlab pipeline bug
(01:12:32) Full-time Bug Bounty
Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-CGI functionality.
Project Discovery Conference: https://nux.gg/hss24
https://twitter.com/avlidienbrunn
Masato Kinugawa's research on Teams
https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own?slide=33
subdomain-only 307 open redirect
https://avlidienbrunn.se/cdn-cgi/image/onerror=redirect/http://anything.avlidienbrunn.se
(00:05:18) CSP Bypass using HTML
(00:14:00) Converting client-side response header injection to XSS
(00:23:10) Bypassing hx-disable
(00:32:37) XSS-ing impossible elements
(00:38:22) CTF challenge Recap and knowing there's a bug
(00:51:53) hx-on (depreciated)
(00:54:30) CDN-CGI Research discussion
Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the topic of leaderboard accuracy, and continue the Program VS Hacker debate regarding allocating funds for bounties.
Nagli's Braindump on VDPs
https://twitter.com/galnagli/status/1780174392003031515
(00:05:37) VDP programs
(00:34:10) Leaderboards
(00:43:52) Hacker vs. Program debate Part 2
(01:07:24) Walling Off Endpoints
Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shares his research on CDN CGI.
YesWeHack Luis Vuitton LHE
https://twitter.com/yeswehack/status/1776280653744554287
https://event.yeswehack.com/events/hack-me-im-famous-2
Caido Workflows
https://github.com/caido/workflows
Oauth Redirects
https://twitter.com/Akshanshjaiswl/status/1724143813088940192
Bagipro Golden URL techniques
https://hackerone.com/reports/431002
Roadmap I followed to make 15,000+$ Bounties in my first 8 months https://shreyaschavhan.notion.site/Roadmap-I-followed-to-make-15-000-Bounties-in-my-first-8-months-of-starting-out-and-my-journey-98b1b9ff621645c0b97d1e774992f300
Monke Hacks Blog
https://monkehacks.beehiiv.com/
PortSwigger post
https://x.com/PortSwiggerRes/status/1766087129908576760
post from Masato Kinugawa
https://x.com/kinugawamasato/status/916393484147290113
(00:04:19) Louis Vuitton LHE
(00:13:57) Browser Market share
(00:21:13) Justin's Bug of the Week
(00:24:49) Caido Workflows
(00:27:24) Oauth Redirects
(00:32:24) Bug Bounty learning Methodology
(00:41:03) 'Intent To Ship'
(00:48:08) CDN-CGI Research
Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos,Starbucks, his own is ISP router, and even getting detained at the airport.
https://samcurry.net/
Don’t Force Yourself to Become a Bug Bounty Hunter
hackcompute
Starbucks Bug
(00:02:25) Hacking Journey and the limits of Ethical Hacking
(00:28:28) Selecting companies to hack
(00:33:22) Fostering passion vs. Forcing performance
(00:54:06) Collaboration and Hackcompute
(01:00:40) The Efficacy of Bug Bounty
(01:09:20) Secondary Context Bugs
(01:25:01) Mindmaps, note-taking, and Intuition.
(01:46:56) Back-end traversals and Unicode
(01:56:16) Hacking ISP
(02:06:58) Next.js and Crypto
(02:22:24) Dev vs. Prod JWT
Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also touch on the importance of collaboration and knowledge sharing, JavaScript Deobfuscation, the value of impactful POCs, hiding XSS payloads with URL path updates.
send us any feedback here: info@criticalthinkingpodcast.io
Check out Project Discovery’s nuclei 3.2 release blog at nux.gg/podcast
.NET Remoting
https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/
https://github.com/codewhitesec/HttpRemotingObjRefLeak
DOM Purify Bug
Cloudflare /cdn-cgi/
https://developers.cloudflare.com/fundamentals/reference/cdn-cgi-endpoint/
https://portswigger.net/research/when-security-features-collide
https://twitter.com/kinugawamasato/status/893404078365069312
https://twitter.com/m4ll0k/status/1770153059496108231
XSSDoctor's writeup on Javascript deobfuscation
renniepak's tweet
Naffy's tweet
(00:07:15) .Net Remoting
(00:17:29) DOM Purify Bug
(00:25:56) Cloudflare /cdn-cgi/
(00:37:11) Javascript deobfuscation
(00:47:26) renniepak's tweet
(00:55:20) Naffy's tweet
Episode 63: In this episode of Critical Thinking - Bug Bounty Podcast we welcome back Jason Haddix (From Episode 12) to talk about some updates to his The Bug Hunter's Methodology, as well as his own personal life and hacking journey. We talk about the start of his new company, and then venture into topics such as using threat intelligence and buying credentials from the dark web, recon techniques, and ways to integrate AI into your workflow (or target list).
https://twitter.com/Jhaddix
https://www.arcanum-sec.com/
https://www.dehashed.com/
https://flare.io/
https://github.com/edoardottt/csprecon
(00:05:37) Updates to The Bug Hunter's Methodology
(00:14:46) Red Teaming
(00:21:29) Bug Bounty on the Dark Web
(00:36:19) FIS hunting
(00:47:59) New Recon Techniques
(00:58:32) AI integrations and bounties
Episode 62: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with some additional research resources that didn’t make the Portswigger Top-Ten, but that are worth looking at.
Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Cool HTML Shit
https://twitter.com/jcubic/status/1764311080661082201
https://twitter.com/encodeart/status/1764218128374943764
Bug bounty Hunting Journeys
https://twitter.com/ajxchapman/status/1762101366057525521
https://monkehacks.beehiiv.com/p/monkehacks-02
Yelp Cookie Bridge Report
Deobfuscating/Unminifying Obfuscated Code
ChatGPT Source Watch
Web Security Research Reddit
Nahamsec Resources
Portswigger Nominations list
Abusing perspectives: https://hackerone.com/reports/2401115
PortSwigger CSS Exfiltration
https://github.com/PortSwigger/css-exfiltration
(00:02:06) Cool HTML Shit
(00:15:31) Bug Bounty Journeys
(00:28:01) Yelp Cookie Bridge Bug
(00:37:56) Additional Research Resources
(00:46:34) CSS and abusing perspectives
Related to this topic
Only from Audible
Product details
Customer reviews.
Customer Reviews, including Product Star Ratings help customers to learn more about the product and decide whether it is the right product for them.
To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyzed reviews to verify trustworthiness.
No customer reviews
- Amazon Newsletter
- About Amazon
- Accessibility
- Sustainability
- Press Center
- Investor Relations
- Amazon Devices
- Amazon Science
- Sell on Amazon
- Sell apps on Amazon
- Supply to Amazon
- Protect & Build Your Brand
- Become an Affiliate
- Become a Delivery Driver
- Start a Package Delivery Business
- Advertise Your Products
- Self-Publish with Us
- Become an Amazon Hub Partner
- › See More Ways to Make Money
- Amazon Visa
- Amazon Store Card
- Amazon Secured Card
- Amazon Business Card
- Shop with Points
- Credit Card Marketplace
- Reload Your Balance
- Amazon Currency Converter
- Your Account
- Your Orders
- Shipping Rates & Policies
- Amazon Prime
- Returns & Replacements
- Manage Your Content and Devices
- Recalls and Product Safety Alerts
- Conditions of Use
- Privacy Notice
- Consumer Health Data Privacy Disclosure
- Your Ads Privacy Choices
Critical Thinking - Bug Bounty Podcast
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;} Episode 70: NahamCon and CSP Bypasses Everywhere
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place. Then they cover CI/CD and drop some cool CSP Bypasses.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awe...
.css-r6mb8g{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:1;overflow:hidden;} Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.
Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set,...
Episode 68: 0-days & HTMX-SS with Mathias
Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-C...
Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2
Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the topic of leaderboard accuracy, and continue the Program VS Hacker debate regarding allocating funds for bounties.
We're new to this podcasting thing, so feel free to send us any feedback here: info@c...
Episode 66: CDN-CGI Research, Intent To Ship, and Louis Vuitton
Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shares his research on CDN CGI.
Shoutout to YTCracker for the awesome intro music!
------ Link...
Episode 65: Motivation and Methodology with Sam Curry (Zlz)
Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos,Starbucks, his own is ISP router, and even getting detained at the airport.
Follow us on t...
Episode 64: .NET Remoting, CDN Attack Surface, and Recon vs Main App
Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also touch on the importance of collaboration and knowledge sharing, JavaScript Deobfuscation, the value of impactful POCs, hiding XSS payloads with URL path updat...
Episode 63: JHaddix Returns
Episode 63: In this episode of Critical Thinking - Bug Bounty Podcast we welcome back Jason Haddix (From Episode 12) to talk about some updates to his The Bug Hunter's Methodology, as well as his own personal life and hacking journey. We talk about the start of his new company, and then venture into topics such as using threat intelligence and buying credentials from the dark web, recon techniques, and ways to integrate AI into you...
Episode 62: Frontend Language Oddities
Episode 62: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with some additional research resources that didn’t make the Portswigger Top-Ten, but that are worth looking at.
Feel free to send us any feedback here: [email protected]
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twi...
Episode 61: A Hacker on Wall Street - JR0ch17
Episode 61: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Jasmin Landry to share some stories about startup security, bug bounty, and the challenges of balancing both. He also shares his methodology for discovering OAuth-related bugs, highlights some differences between structured learning and self-teaching, and then walks us through a couple arbitrary ATO’s and SSTI to RCE bugs he’s found lately.
Episode 60: Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023
Episode 60: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel review the Portswigger Research list of top 10 web hacking techniques of 2023.
Send us any feedback here: [email protected]
Follow your hosts Rhynorater & Teknogeek on twitter:
------ Ways to Support CTBBPodcast ------
Hop on the...
Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition
Episode 59: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the concept of gadgets and how they can be used to escalate the impact of vulnerabilities. We talk through things like HTML injection, image injection, CRLF injection, web cache deception, leaking window location, self-stored XSS, and much more.
We're new to this podcasting thing, so feel free to send us...
Episode 58: Youssef Sammouda - Client-Side & ATO War Stories
Episode 58: In this episode of Critical Thinking - Bug Bounty Podcast we finally sit down with Youssef Samouda and grill him on his various techniques for finding and exploiting client-side bugs and postMessage vulnerabilities. He shares some crazy stories about race conditions, exploiting hash change events, and leveraging scroll to text fragments.
We're new to this podcasting thing, so fe...
Episode 57: Technical breakdown from Miami Hacking Event - H1-305
Episode 57: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are live from Miami, and recap their experience and share takeaways from the live hacking event. They highlight the importance of paying attention to client-side routing and the growing bug class of client-side path traversal. They also discuss the challenges of knowing when to cut your losses and the value of tracking time and setting goals.&nbs...
Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)
Episode 56: In this episode of Critical Thinking - Bug Bounty Podcast, Justin sits down with Jon Colston to discuss how his background in digital marketing and data science has influenced his hunting methodology. We dive into subjects like data sources, automation, working backwards from vulnerabilities, applying conversion funnels to bug bounty, and the ...
Episode 55: Popping WordPress Plugins - Methodology Braindump
Episode 55: In this episode of Critical Thinking - Bug Bounty Podcast, Justin is joined by Wordpress Security Researcher Ram Gall to discuss both functionality and vulnerabilities within Wordpress Plugins.
Follow us on twitter
Send us any feedback here :
WordFence - Sign u...
Episode 54: White Box Formulas - Vulnerable Coding Patterns
Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a podcast companion that will summarize the main technical points of each episode. They also discuss a recent GitLab CVE and an invisible prompt injection, ...
Episode 53: 500k/yr as Full-Time Bug Hunter & Content Creator - Nahamsec
Episode 53: In this episode of Critical Thinking - Bug Bounty Podcast,we’re joined by none other than NahamSec. We start by discusses the challenges he faced on his journey in bug bounty hunting and content creation, including personal struggles and the pressure of success.We also talk about finding balance and managing mental energy, going the extra mile, and the importance of planning and setting goals for yourself before he walk...
Episode 52: Best Technical Content from Year 1 of CTBB Podcast
Episode 52: In this episode of Critical Thinking - Bug Bounty Podcast we're going back and highlighting some of the best technical moments from the past year! Hope you enjoy this best of 2023 Supercut!
Follow your hosts ...
Episode 51: Hacker Stats 2023 & 2024 Goals
Episode 51: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are back for the last episode of 2023. We discuss some noteworthy news items including a Hacker One Crit, Caido updates, and some Blind CSS. Then we dive into our own personal ‘Hackers Wrapped’ recap of the year, before laying out some goals for 2024.
We're new to this podcasting thing, so feel free to send us ...
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
Death, Sex & Money
Anna Sale explores the big questions and hard choices that are often left out of polite conversation.
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Crime Junkie
If you can never get enough true crime... Congratulations, you’ve found your people.
A straightforward look at the day's top news in 20 minutes. Powered by ABC News. Hosted by Brad Mielke.
© 2024 iHeartMedia, Inc.
- Privacy Policy
- Terms of Use
IMAGES
VIDEO
COMMENTS
Episode 65: Motivation and Methodology with Sam Curry (Zlz) Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derive…. March 28, 2024.
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Critical Thinking - Bug Bounty Podcast. A 'by Hackers for Hackers' podcast focused on technical bug bounty content. Connect. Archive. May 05, 2024 [HackerNotes Ep. 69]: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.
Episode 61: A Hacker on Wall Street - JR0ch17. Episode 61: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Jasmin Landry to share some stories about startup security, bug bounty, and the challenges of balancing both. He also shares his method... Episode page. Feb. 29, 2024.
May 2, 2024. Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty. (Ep. 69) Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we're joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk ...
Crit ical Thinking is a "by hackers, for hackers" podcast designed to be both technical and fun to listen to.. We keep it real - we talk about everything from technical exploit breakdowns to hacker mental health issues. From new techniques and research to the live hacking event scene, CT will be dropping a pod weekly to keep you up to date and in the loop with the hacker life.
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques. Home Episodes All Episodes 33 By Season Season 1 33. Videos ...
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos ...
Episode 61: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Jasmin Landry to share some stories about startup security, bug bounty, and the challenges of balancing both. He also shares his methodology for discovering OAuth-related bugs, highlights some differences between structured learning and self-teaching, and ...
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques. Technology · 2023.
Listen to Critical Thinking - Bug Bounty Podcast on Spotify. A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Episode 57: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are live from Miami, and recap their experience and share takeaways from the live hacking event. They highlight the importance of paying attention to client-side routing and the growing bug class of client-side path traversal. They also discuss the challenges ...
Episode 53: In this episode of Critical Thinking - Bug Bounty Podcast,we're joined by none other than NahamSec. We start by discusses the challenges he faced on his journey in bug bounty hunting and content creation, including personal struggles and the pressure of success.We also talk about finding balance and managing mental energy, going the extra mile, and the importance of planning and ...
Episode 62: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with some additional research resources that didn't make the Portswigger Top-Ten, but that are worth looking at.Follow us on twitter at: @ctbbpodcastFeel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!-----
Search Critical Thinking - Bug Bounty Podcast Posts [HackerNotes Ep. 60] Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023. This episode is all about the Portswigger top 10 research of 2023. We've done our own spin on this, the HackerNotes top 5. gr3pme Mar 01, 2024
Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos ...
Critical Thinking - Bug Bounty Podcast Technology, Information and Internet Richmond, Virginia 1,324 followers A 'by Hackers for Hackers' podcast focused on technical content. @ctbbpodcast
Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we're once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE's taking place. Then they cover CI/CD and drop some cool CSP Bypasses. Follow us on twitter at: @ctbbpodcast We're…
Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a podcast companion that will summarize the main technical points of each episode.
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Episode 49: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is once again joined by Nagli to discuss some of their recent hacking d...
A 'by Hackers for Hackers' podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Critical Thinking - Bug Bounty Podcast; Archive; Page 2; Archive. Clear Filters. Feb 05, 2024 [HackerNotes Ep. 56] Using Data Science to Win Bug Bounty - Mayonaise (aka Jon Colston) Using Data Science to Win Bug Bounty With Mayonaise (aka Jon Colston) gr3pme. Jan 26, 2024