Episode 101: CTBB Hijacked: Rez0__ on AI Attack Vectors with Johann Rehberger
Critical Thinking - Bug Bounty Podcast12 Des 2024

Episode 101: CTBB Hijacked: Rez0__ on AI Attack Vectors with Johann Rehberger

Episode 101: In this episode of Critical Thinking - Bug Bounty Podcast we’ve been hijacked! Rez0 takes control of this episode, and sits down with Johann Rehberger to discuss the intricacies of AI application vulnerabilities. They talk through the importance of understanding system prompts, and various obfuscation techniques used to bypass security measures, the best AI platforms, and the evolving landscape of AI security.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker. Check out their Elevation Control! https://www.criticalthinkingpodcast.io/tl-ec

Today’s Guest: https://x.com/wunderwuzzi23

Resources

Johann's blog

https://embracethered.com/blog/

zombais

https://embracethered.com/blog/posts/2024/claude-computer-use-c2-the-zombais-are-coming/

Copirate

https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/

Timestamps

(00:00:00) Introduction

(00:01:59) Biggest things to look for in AI hacking

(00:11:58) Best AI companies to hack on

(00:15:59) URL Redirects and Obfuscation Techniques

(00:24:05) Copirate

(00:35:50) prompt injection guardrails and threats

Episoder(161)

Episode 113: Best Technical Takeaways from Portswigger Top 10 2024

Episode 113: Best Technical Takeaways from Portswigger Top 10 2024

Episode 113: In this episode of Critical Thinking - Bug Bounty Podcast we’re breaking down the Portswigger Top 10 from 2024. There’s some bangers in here!Follow us on X at: https://x.com/ctbbpodcastGo...

6 Mar 20251h 29min

Episode 112: Interview with Ciarán Cotter (MonkeHack) - Critical Lab Researcher and Full-time Hunter

Episode 112: Interview with Ciarán Cotter (MonkeHack) - Critical Lab Researcher and Full-time Hunter

Episode 112: In this episode of Critical Thinking - Bug Bounty Podcast Joseph Thacker is joined by Ciarán Cotter (Monke) to share his bug hunting journey and give us the rundown on some recent client-...

27 Feb 20251h 7min

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Episode 111: In this episode of Critical Thinking - Bug Bounty Podcast Justin interviews Kevin Mizu to showcase his knowledge regarding DOMPurify and its misconfigurations. We walk through some of Kev...

20 Feb 20251h 49min

Episode 110: Oauth Gadget Correlation and Common Attacks

Episode 110: Oauth Gadget Correlation and Common Attacks

Episode 110: In this episode of Critical Thinking - Bug Bounty Podcast we hit some quick news items including a DOMPurify 3.2.3 Bypass, O3 mini updates, and a cool postLogger Chrome Extension. Then, w...

13 Feb 202549min

Episode 109: Creative Recon - Alternative Techniques

Episode 109: Creative Recon - Alternative Techniques

Episode 109: In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. ...

6 Feb 20251h 1min

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-de...

30 Jan 20251h 31min

Episode 107: Bypassing Cross-Origin Browser Headers

Episode 107: Bypassing Cross-Origin Browser Headers

Episode 107: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph are tackling the subject of cross-origin security headers. They also cover some news items including Google’s O...

23 Jan 20251h 6min

Episode 106: Announcing our new cohost...

Episode 106: Announcing our new cohost...

Episode 106: In this episode of Critical Thinking - Bug Bounty Podcast we are pleased to announce our new co-host of the podcast: Joseph Thacker Aka Rez0! We discuss Joseph's transition to full-time b...

16 Jan 202558min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
smart-forklart
rss-avskiltet
tomprat-med-gunnar-tjomlid
nasjonal-sikkerhetsmyndighet-nsm
teknisk-sett
energi-og-klima
rss-impressions-2
shifter
rss-alt-vi-kan
elektropodden
teknologi-og-mennesker
fornybaren
pedagogisk-intelligens
rss-fjorsilkebris-podcast
hans-petter-og-co
kunstig-intelligens-med-morten-goodwin
rss-byggepodden
rss-for-alarmen-gar