Episode 11: CV$$, Web Cache Deception, and SSTI

Episode 74: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Roni "Lupin" Carta for a deep dive into supply chain attacks and dependency confusion. We explore the supply...

6 Jun 20241h 38min

Episode 73: In this episode of Critical Thinking - Bug Bounty Podcast we give a brief recap of Nahamcon and then touch on some topics like WAF bypass tools, sandboxed iframes, and programs redacting y...

30 Mai 202431min

Episode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and...

23 Mai 202452min

Episode 71: In this episode of Critical Thinking - Bug Bounty Podcast Keith Hoodlet joins us to weigh in on the VDP Debate. He shares some of his insights on when VDPs are appropriate in a company's s...

16 Mai 20241h 45min

Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place....

9 Mai 202443min

Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub...

2 Mai 20241h 49min

Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header in...

25 Apr 20241h 3min

Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the ...

18 Apr 20241h 19min