Episode 114: Single Page Application Hacking Playbook
Critical Thinking - Bug Bounty Podcast13 Maalis 2025

Episode 114: Single Page Application Hacking Playbook

Episode 114: In this episode of Critical Thinking - Bug Bounty Podcast we’re diving into SPA and how to attack them.We also cover a host of news items, including some bug write-ups, AI updates, and a new tool called Hackadvisor.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater and Rez0 on Twitter:

https://x.com/Rhynorater

https://x.com/rez0__

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today’s Sponsor: ThreatLocker Cloud Control

====== Resources ======

Hacking High-Profile Bug Bounty Targets: Deep Dive into a Client-Side Chain

Research finds 12,000 ‘Live’ API Keys and Passwords in DeepSeek's Training Data

Hackadvisor

WP Extensions

Notebook LM

Pressing Buttons with Popups

Response to @RenwaX23

Prompt Injection Attacks for Dummies

Shadow Repeater

parallel-prettier

====== Timestamps ======

(00:00:00) Introduction

(00:02:15) Bug Write-up from @busf4ctor

(00:09:44) Scanning Common Crawl

(00:16:30) Hackadvisor and WP/Chrome Extension News

(00:24:15) Notebook LM, and Recent AI Updates

(00:31:58) Write-up from @J0R1AN and Related POC from @RenwaX23

(00:38:10) Prompt Injection Attacks for Dummies

(00:42:29) ShadowRepeater

(00:47:04) Single-page applications

Jaksot(163)

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 131: In this episode of Critical Thinking - Bug Bounty Podcast we're covering Christmas in July with several banger articles from Searchlight Cyber, as well as covering things like Raycast for...

17 Heinä 202550min

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 130: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Valentino, who shares his journey from hacking Minecraft to becoming a Google hunter. He talks us through sev...

10 Heinä 20251h 8min

Episode 129: Is this how Bug Bounty Ends?

Episode 129: Is this how Bug Bounty Ends?

Episode 129: In this episode of Critical Thinking - Bug Bounty Podcast we chat about the future of hack bots and human-AI collaboration, the challenges posed by tokenization, and the need for cybersec...

3 Heinä 202536min

Episode 128: New Research in Blind SSRF and Self-XSS, and How to Architect Source-code Review AI Bots

Episode 128: New Research in Blind SSRF and Self-XSS, and How to Architect Source-code Review AI Bots

Episode 128: In this episode of Critical Thinking - Bug Bounty Podcast we talking Blind SSRF and Self-XSS, as well as Reversing massive minified JS with AI and a wild Google Logo Ligature BugFollow us...

26 Kesä 202558min

Episode 127: Drama, PDF as JS Chaos, Bounty Profile Apps, And More

Episode 127: Drama, PDF as JS Chaos, Bounty Profile Apps, And More

Episode 127: In this episode of Critical Thinking - Bug Bounty Podcast we address some recent bug bounty controversy before jumping into a slew of news itemsFollow us on XShoutout to YTCracker for the...

19 Kesä 20251h 7min

Episode 126: Hacking AI Series: Vulnus ex Machina - Part 3

Episode 126: Hacking AI Series: Vulnus ex Machina - Part 3

Episode 126: In this episode of Critical Thinking - Bug Bounty Podcast we wrap up Rez0’s AI miniseries ‘Vulnus Ex Machina’. Part 3 includes a showcase of AI Vulns that Rez0 himself has found, and how ...

12 Kesä 202538min

Episode 125: How to Win Live Hacking Events

Episode 125: How to Win Live Hacking Events

Episode 125: In this episode of Critical Thinking - Bug Bounty Podcast Justin shares insights on how to succeed at live hacking events. We cover pre-event preparations, challenges of collaboration, on...

5 Kesä 202547min

Episode 124: Bug Bounty Lifestyle = Less Hacking Time?

Episode 124: Bug Bounty Lifestyle = Less Hacking Time?

Episode 124: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph cover some news from around the community, hitting on Joseph’s Anthropic safety testing, Justin’s guest appeara...

29 Touko 202545min