Episode 156: Chill AMA from bugbounty.forum
Critical Thinking - Bug Bounty Podcast8 Jan

Episode 156: Chill AMA from bugbounty.forum

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forum

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

====== Resources ======

Critical Thinking Lab

lab.ctbb.show

Cross-Site ETag Length Leak

https://blog.arkark.dev/2025/12/26/etag-length-leak

Clawdbot

https://github.com/clawdbot/clawdbot/

Post from Steve Caldwell

https://x.com/moreconfetti/status/2006494133159162008

====== Timestamps ======

(00:00:00) Introduction

(00:00:58) Crit Lab update

(00:04:36) Cross-Site ETag Length Leak

(00:13:26) Clawdbot

(00:16:56) Will bug hunting become obsolete, LHE invitations, and Fulltime vs Part time?

(00:30:52) 10 bugs at $5k or 1 bug at $5k, CTBB Background, & Future Plans

(00:38:32) Mentoring, Conquering Classes, and what angles we implement from the podcast

(00:49:27) Best approach on new targets, tips for making 500k in a year, AI/Vibecoding & Human in the Loop

(00:59:07) Mentally mapping the target, anti-patterns that waste time, and BB beliefs that were wrong.

(01:10:12) Tackling small scope, staying on one program, picking up after a break, & moving on

(01:17:41) Invisible elements that make the difference between $2k and $20k

Avsnitt(167)

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty.Follow us on twitter at:...

26 Mars 51min

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 166: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Rez0’s Claude Skill Secrets, when AI Generated reports fall apart, and agents vs filters.Follow us on twitter at: h...

19 Mars 53min

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 165: In this episode of Critical Thinking - Bug Bounty Podcast Justin recaps his Zero Trust World experience, before we dive into Permissions issues client-side bugs, New Hardware Hacking Clas...

12 Mars 44min

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug BountyFoll...

5 Mars 1h 11min

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 163: In this episode of Critical Thinking - Bug Bounty Podcast It’s that time of year again! We’re looking at the Portswigger Research list of top 10 web hacking techniques of 2025.Follow us o...

26 Feb 1h 8min

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 162: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph sit down with HackerOne Founder & CTO Alex Rice to discuss concerns of Using Hacker Data for AI and decreasing ...

19 Feb 53min

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surroundin...

12 Feb 24min

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn. Chat through some news, Including a Cloudflare Zero-day, Turning List-Unsubscribe into an SSRF/XSS Gadget, & ...

5 Feb 45min

Populärt inom Teknik

uppgang-och-fall
bilar-med-sladd
elbilsveckan
market-makers
rss-technokratin
har-vi-akt-till-mars-an
skogsforum-podcast
rss-veckans-ai
rss-elektrikerpodden
rss-laddstationen-med-elbilen-i-sverige
developers-mer-an-bara-kod
bli-saker-podden
hej-bruksbil
rss-en-ai-till-kaffet
rss-snacka-om-ai
natets-morka-sida
gubbar-som-tjotar-om-bilar
rss-powerboat-sverige-podcast
rss-milpodden
rss-bakom-boken