Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains
Critical Thinking - Bug Bounty Podcast20 Marras 2025

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.

Follow us on X

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

====== Resources ======

Unicode surrogates conversion

Prompt. Scan. Exploit

Breaking into thousands of cloud based VPNs with 1 bug

Examining Access Control Vulnerabilities in GraphQL

Smart Bus Smart Hacking

Passkeys Pwned

Bypassing Intent Destination Checks

Gemini Agents in Google Calendar

Exploitation of DOM Clobbering Vuln at Scale

TheHulk

Smart Devices, Dumb Resets

Mac PRT Cookie Theft

====== Timestamps ======

(00:00:00) Introduction

(00:10:10) Prompt. Scan. Exploit

(00:23:52) Breaking into thousands of cloud based VPNs with 1 bug

(00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned

(00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents

(00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets

Jaksot(167)

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty.Follow us on twitter at:...

26 Maalis 51min

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 166: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Rez0’s Claude Skill Secrets, when AI Generated reports fall apart, and agents vs filters.Follow us on twitter at: h...

19 Maalis 53min

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 165: In this episode of Critical Thinking - Bug Bounty Podcast Justin recaps his Zero Trust World experience, before we dive into Permissions issues client-side bugs, New Hardware Hacking Clas...

12 Maalis 44min

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug BountyFoll...

5 Maalis 1h 11min

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 163: In this episode of Critical Thinking - Bug Bounty Podcast It’s that time of year again! We’re looking at the Portswigger Research list of top 10 web hacking techniques of 2025.Follow us o...

26 Helmi 1h 8min

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 162: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph sit down with HackerOne Founder & CTO Alex Rice to discuss concerns of Using Hacker Data for AI and decreasing ...

19 Helmi 53min

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surroundin...

12 Helmi 24min

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn. Chat through some news, Including a Cloudflare Zero-day, Turning List-Unsubscribe into an SSRF/XSS Gadget, & ...

5 Helmi 45min