Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello
Critical Thinking - Bug Bounty Podcast30 Jan 2025

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-depth examples from Salesforce, ServiceNow, and Power Pages.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to https://x.com/realytcracker for the awesome intro music!

====== Links ======

Follow your hosts on Twitter:

https://x.com/Rhynorater

https://x.com/rez0__

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today’s Sponsor: AppOmni. Get AppOmni's Definitive Guide to SaaS Security https://www.criticalthinkingpodcast.io/AppOmni

Today’s Guest:

https://x.com/ConspiracyProof

====== Resources ======

Aaron's Blog

https://www.enumerated.ie/

Data Exposure and ServiceNow: The Elephant in the ITSM Room

https://www.enumerated.ie/index/servicenow-data-exposure

Salesforce Lightning - An in-depth look at exploitation vectors for the everyday community

https://www.enumerated.ie/index/salesforce

Lightning Components: A Treatise on Apex

Security from an External Perspective

https://go.appomni.com/hubfs/Collateral/AppOmni_Labs_White_Paper_Apex_Security.pdf?utm_campaign=Network%20Computing&utm_source=referral&utm_content=network_computing

Microsoft Power Pages: Data Exposure Reviewed

https://appomni.com/ao-labs/microsoft-power-pages-data-exposure-reviewed/

====== Timestamps ======

(00:00:00) Introduction

(00:03:00) Aaron Costello, Arbitrary File Upload, & App Cache Manifest Poison bug

(00:13:37) SAAS Misconfigurations as a bug class

(00:43:27) SalesForce Misconfigurations

(01:11:30) Microsoft Power Pages

Avsnitt(167)

Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!

Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!

Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some ...

9 Okt 20251h 4min

Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News

Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News

Episode 142: In this episode of Critical Thinking - Bug Bounty Podcast Rez0 and Gr3pme join forces to discuss Websocket research, Meta’s $111750 Bug, PROMISQROUTE, and the opportunities afforded by go...

2 Okt 202554min

Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)

Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)

Episode 141: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Nick Copi to talk about CSPT, React, CSS Injections and how Nick hacked the pod.Follow us on twitter at: ht...

25 Sep 20251h 23min

Episode 140: Crit Research Lab Update & Client-Side Tricks Galore

Episode 140: Crit Research Lab Update & Client-Side Tricks Galore

Episode 140: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph give an update from The Crit Research Lab, as well as some writeups on postMessage vulnerabilities, Cookie Chao...

18 Sep 202557min

Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

Episode 139: In this episode of Critical Thinking - Bug Bounty Podcast Justin finally sits down with the great James Kettle to talk about HTTP Proxys, metagaming research, avoiding burnout, and why HT...

11 Sep 20252h 21min

Episode 138: Caido Tools and Workflows

Episode 138: Caido Tools and Workflows

Episode 138: In this episode of Critical Thinking - Bug Bounty Podcast We’re talking Caido tools and workflows. Justin gives us a list of some of the Caido tools that have caught his interest, as well...

4 Sep 202522min

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner and Joseph Thacker reunite to talk about AI Hacking Assistants, CSPT and cache deception, and a bunch of tools lik...

28 Aug 202549min

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: In this episode of Critical Thinking - Bug Bounty Podcast, Joseph Thacker sits down with Jack Cable to get the scoop on a significant bug in Cluely’s desktop application, as well as the r...

21 Aug 202550min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
market-makers
rss-laddstationen-med-elbilen-i-sverige
rss-elektrikerpodden
rss-technokratin
har-vi-akt-till-mars-an
skogsforum-podcast
natets-morka-sida
bilar-med-sladd
rss-uppgang-och-fall
rss-veckans-ai
developers-mer-an-bara-kod
rss-it-sakerhetspodden
rss-milpodden
ai-sweden-podcast
bli-saker-podden
rss-ai-med-katarina-gospic-och-viggo-cavling
rss-en-ai-till-kaffet
rss-snacka-om-ai