Episode 52: Best Technical Content from Year 1 of CTBB Podcast
Critical Thinking - Bug Bounty Podcast4 Tammi 2024

Episode 52: Best Technical Content from Year 1 of CTBB Podcast

Episode 52: In this episode of Critical Thinking - Bug Bounty Podcast we're going back and highlighting some of the best technical moments from the past year! Hope you enjoy this best of 2023 Supercut!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Timestamps:

(00:00:00) Introduction

(00:02:55) Episode 26: Meta tags and base tags in HTML

(00:15:20) Episode 27: Client-side path traversal

(00:23:18) Episode 27: Cookie bombing + cookie jar overflow

(00:35:47) Episode 44: Cross environment authentication bugs

(00:43:17) Episode 47: The open-faced Iframe Sandwich

(00:50:19) Episode 47: js hoisting and classic Joel nerdsnipe

(00:58:28) Episode 29: Sean Yeoh on Subdomains vs IP in recon

(01:04:05) Episode 30: Shubs on reversing enterprise software

(01:24:58) Episode 30: Shubs on building out a recon flow

(01:29:36) Episode 30: Shubs on Hacking IIS Servers

(01:36:45) Episode 37: 0xLupin on smart JavaScript analysis tools

(01:45:42) Episode 45: Frans Rosen On App cache, Service workers cookie stuffing, and postMessage

(02:15:02) Episode 50: Mathias Karlsson on XSLT and MXSS

(02:39:26) Episode 27: Assetnote's sharefile RCE

(02:48:18) Episode 31: Perforce RCE

(02:53:48) Episode 48: Sam Erb's XSLT bug story

(02:58:47) Final thoughts and Special Thanks

Jaksot(161)

Episode 73: Sandboxed IFrames and WAF Bypasses

Episode 73: Sandboxed IFrames and WAF Bypasses

Episode 73: In this episode of Critical Thinking - Bug Bounty Podcast we give a brief recap of Nahamcon and then touch on some topics like WAF bypass tools, sandboxed iframes, and programs redacting y...

30 Touko 202431min

Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types

Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types

Episode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and...

23 Touko 202452min

Episode 71: More VDP Chats & AI Bias Bounty Strats with Keith Hoodlet

Episode 71: More VDP Chats & AI Bias Bounty Strats with Keith Hoodlet

Episode 71: In this episode of Critical Thinking - Bug Bounty Podcast Keith Hoodlet joins us to weigh in on the VDP Debate. He shares some of his insights on when VDPs are appropriate in a company's s...

16 Touko 20241h 45min

Episode 70: NahamCon and CSP Bypasses Everywhere

Episode 70: NahamCon and CSP Bypasses Everywhere

Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place....

9 Touko 202443min

Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.

Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.

Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub...

2 Touko 20241h 49min

Episode 68: 0-days & HTMX-SS with Mathias

Episode 68: 0-days & HTMX-SS with Mathias

Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header in...

25 Huhti 20241h 3min

Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2

Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2

Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the ...

18 Huhti 20241h 19min

Episode 66: CDN-CGI Research, Intent To Ship, and Louis Vuitton

Episode 66: CDN-CGI Research, Intent To Ship, and Louis Vuitton

Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shar...

11 Huhti 202458min