Episode 24: AI + Hacking with Daniel Miessler and Rez0
Critical Thinking - Bug Bounty Podcast22 Kesä 2023

Episode 24: AI + Hacking with Daniel Miessler and Rez0

Episode 24: In this episode of Critical Thinking - Bug Bounty Podcast, we chat with Daniel Miessler and Rez0 about the emergence and potential of AI in hacking. We cover AI shortcuts and command line tools, AI in code analysis and the use of AI agents, and even brainstorm about the possible opportunities that integrating AI into hacking tools like Caido and Burp might present. Don't miss this episode packed with valuable insights and cutting-edge strategies for both beginners and seasoned bug bounty hunters alike.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Today’s Guests:

https://twitter.com/rez0__

https://twitter.com/DanielMiessler

Daniel Miessler’s Unsupervised Learning

https://danielmiessler.com/

Simon Willison's Python Function Search Tool

https://simonwillison.net/2023/Jun/18/symbex/

oobabooga - web interface for models

https://github.com/oobabooga/text-generation-webui

State of GPT

https://karpathy.ai/stateofgpt.pdf

AI Canaries

https://danielmiessler.com/p/ai-agents-canaries

GPT3.5

https://community.openai.com/t/gpt-3-5-turbo-0613-function-calling-16k-context-window-and-lower-prices/263263

GPT Engineer

https://github.com/AntonOsika/gpt-engineer

Timestamps:

(00:00:00) Introduction

(00:05:40) Using AI for hacking: Developing hacking tools and workflow shortcuts

(00:11:40) GPT Engineer and Small Developer for Security Vulnerability Mapping

(00:22:40) The potential dangers of centralized vs. decentralized finance

(00:24:10) Ethical hacking and circumventing ChatGPT restrictions

(00:26:09) AI Agents, Reverse API, and Encoding/Decoding Tools

(00:31:45) Limitations of AI in context window and processing large JavaScript files

(00:36:50) Meta-prompter: Enhancing prompts for accurate responses from GPT

(00:41:00) GPT-35 and the new 616K context model

(45:08) Creating a loader for Burp Suite files or Caido instances

(00:54:02) Hacking AI Features: Best Practices

(01:00:00) AI plugin takeover and the need for verification of third-party plugins and tools

Jaksot(167)

Episode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side

Episode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side

Episode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and...

31 Loka 20241h 56min

Episode 94: Zendesk Fiasco & the CTBB Naughty List

Episode 94: Zendesk Fiasco & the CTBB Naughty List

Episode 94: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel give their perspectives on the recent Zendesk fiasco and the ethical considerations surrounding it. They also high...

24 Loka 202449min

Episode 93: A Chat with Dr. Bouman - Life as a Hacker and a Doctor

Episode 93: A Chat with Dr. Bouman - Life as a Hacker and a Doctor

Episode 93: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Dr. Jonathan Bouman to discuss his unique journey as both a Hacker and a Healthcare Professional. We talk through ...

17 Loka 20241h 41min

Episode 92 - SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser

Episode 92 - SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser

Episode 92: In this episode of Critical Thinking - Bug Bounty Podcast In this episode Justin and Joel tackle a host of new research and write-ups, including Ruby SAML, 0-Click exploits in MediaTek Wi-...

10 Loka 202447min

Episode 91: Zero to LHE in 9 Months (feat gr3pme)

Episode 91: Zero to LHE in 9 Months (feat gr3pme)

Episode 91: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Critical Thinking’s own HackerNotes writer Brandyn Murtagh (gr3pme) to talk about his journey with B...

3 Loka 20241h 22min

Episode 90: 5k Clickjacking, Encryption Oracles, and Cursor for PoCs

Episode 90: 5k Clickjacking, Encryption Oracles, and Cursor for PoCs

Episode 90: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin recap some of their recent hacking ups and downs and have a lively chat about Cursor. Then they cover some some re...

26 Syys 202451min

Episode 89: The Untapped Bug Bounty Landscape of IoT w/ Matt Brown

Episode 89: The Untapped Bug Bounty Landscape of IoT w/ Matt Brown

Episode 89: In this episode of Critical Thinking - Bug Bounty Podcast We’re joined live by Matt Brown to talk about his journey with hacking in the IoT. We cover the specializations and challenges in ...

19 Syys 20241h 58min

Episode 88: News, Tools, and Writeups

Episode 88: News, Tools, and Writeups

Episode 88: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel tackle a whole slate of new research including a new cheat sheet for URL validation bypass from Portswigger, the i...

12 Syys 20241h 6min