Episode 39: The Art of Architectures
Critical Thinking - Bug Bounty Podcast5 Loka 2023

Episode 39: The Art of Architectures

Episode 39: In this episode of Critical Thinking - Bug Bounty Podcast, We're catching up on news, including new override updates from Chrome, GPT-4, SAML presentations, and even a shoutout from Live Overflow! Then we get busy laying the groundwork on a discussion of web architecture. better get started on this one, cause we're going to need a part two!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

CT shoutout from Live Overflow

https://www.youtube.com/watch?v=3zShGLEqDn8

Chrome Override updates

https://developer.chrome.com/blog/new-in-devtools-117/#overrides

GPT-4/AI Prompt Injection

https://x.com/rez0__/status/1706334160569213343?s=20 & https://x.com/evrnyalcin/status/1707298475216425400?s=20

Caido Releases Pro free for students

https://twitter.com/CaidoIO/status/1707099640846250433

Or, use code ctbbpodcast for 10% of the subscription price

Aleksei Tiurin on SAML hacking

https://twitter.com/antyurin/status/1704906212913951187

Account Takeover on Tesla

https://medium.com/@evan.connelly/post-account-takeover-account-takeover-of-internal-tesla-accounts-bc720603e67d

Joseph

https://portswigger.net/bappstore/82d6c60490b540369d6d5d01822bdf61

Cookie Monster

https://github.com/iangcarroll/cookiemonster

HTMX

https://htmx.org/

Timestamps:

(00:00:00) Introduction

(00:04:40) Shoutout from Live Overflow

(00:06:40) Chrome Overrides update

(00:08:48) GPT-4V and AI Prompt Injection

(00:14:35) Caido Promos

(00:15:40) SAML Vulns

(00:17:55) Account takeover on Tesla, and auth token from one context in a different context

(00:24:30) Testing for vulnerabilities in JWT-based authentication

(00:28:07) Web Architectures

(00:32:49) Single page apps + a rest API

(00:45:20) XSS vulnerabilities in single page apps

(00:49:00) Direct endpoint architecture

(00:55:50) Content Enumeration

(01:02:23) gRPC & Protobuf

(01:06:08) Microservices and Reverse Proxy

(01:12:10) Request Smuggling/Parameter Injections

Jaksot(171)

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 163: In this episode of Critical Thinking - Bug Bounty Podcast It’s that time of year again! We’re looking at the Portswigger Research list of top 10 web hacking techniques of 2025.Follow us o...

26 Helmi 1h 8min

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 162: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph sit down with HackerOne Founder & CTO Alex Rice to discuss concerns of Using Hacker Data for AI and decreasing ...

19 Helmi 53min

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surroundin...

12 Helmi 24min

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn. Chat through some news, Including a Cloudflare Zero-day, Turning List-Unsubscribe into an SSRF/XSS Gadget, & ...

5 Helmi 45min

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 159: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with the Google Cloud VRP Team to deep-dive policy and reward changes, what the panel process looks like, and how to ...

29 Tammi 1h 46min

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our personal takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 ...

22 Tammi 58min

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.Follow us on twitte...

15 Tammi 1h 34min

Episode 156: Chill AMA from bugbounty.forum

Episode 156: Chill AMA from bugbounty.forum

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forumFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas an...

8 Tammi 1h 23min