Critical Thinking - Bug Bounty Podcast

Episode 129: In this episode of Critical Thinking - Bug Bounty Podcast we chat about the future of hack bots and human-AI collaboration, the challenges posed by tokenization, and the need for cybersecurity professionals to adapt to the evolving landscape of hacking in the age of AI Follow us on twitter at: https://x.com/ctbbpodcast [https://x.com/ctbbpodcast] Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io [info@criticalthinkingpodcast.io] Shoutout to YTCracker [https://twitter.com/realytcracker] for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater [https://x.com/Rhynorater] https://x.com/rez0__ [https://x.com/rez0__] ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord [https://ctbb.show/discord]! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch [https://ctbb.show/merch]! ====== This Week in Bug Bounty ====== Improper error handling in async cryptographic operations crashes process https://hackerone.com/reports/2817648 [https://hackerone.com/reports/2817648] Recon Series #6: Excavating hidden artifacts with Wayback Machine https://www.yeswehack.com/learn-bug-bounty/recon-wayback-machine-web-archive [https://www.yeswehack.com/learn-bug-bounty/recon-wayback-machine-web-archive] ====== Resources ====== This is How They Tell Me Bug Bounty Ends https://josephthacker.com/hacking/2025/06/09/this-is-how-they-tell-me-bug-bounty-ends.html [https://josephthacker.com/hacking/2025/06/09/this-is-how-they-tell-me-bug-bounty-ends.html] Welcome, Hackbots: How AI Is Shaping the Future of Vulnerability Discovery https://www.hackerone.com/blog/welcome-hackbots-how-ai-shaping-future-vulnerability-discovery [https://www.hackerone.com/blog/welcome-hackbots-how-ai-shaping-future-vulnerability-discovery] Glitch Token https://www.youtube.com/watch?v=WO2X3oZEJOA [https://www.youtube.com/watch?v=WO2X3oZEJOA] Conducting smarter intelligences than me: new orchestras https://southbridge-research.notion.site/conducting-smarter-intelligences-than-me [https://southbridge-research.notion.site/conducting-smarter-intelligences-than-me] ====== Timestamps ====== (00:00:00) Introduction (00:04:05) Is this how Bug Bounty Ends? (00:11:14) Hackbots and handling leads (00:20:50) Hacker chain of thought & Tokenization (00:32:54) Context Engineering

Episode 128: In this episode of Critical Thinking - Bug Bounty Podcast we talking Blind SSRF and Self-XSS, as well as Reversing massive minified JS with AI and a wild Google Logo Ligature Bug Follow us on twitter at: https://x.com/ctbbpodcast [https://x.com/ctbbpodcast] Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io [info@criticalthinkingpodcast.io] Shoutout to YTCracker [https://twitter.com/realytcracker] for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater [https://x.com/Rhynorater] https://x.com/rez0__ [https://x.com/rez0__] ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord [https://ctbb.show/discord]! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch [https://ctbb.show/merch]! Today's Sponsor: ThreatLocker - Patch Management [https://www.criticalthinkingpodcast.io/TL-patch-management] ====== This Week in Bug Bounty ====== BitK's "Payload plz" challenge at LeHack [https://www.yeswehack.com/page/yeswehack-at-lehack-2025] ====== Resources ====== Make Self-XSS Great Again [https://blog.slonser.info/posts/make-self-xss-great-again/] Novel SSRF Technique Involving HTTP Redirect Loops [https://x.com/infosec_au/status/1937103837334323472] Surf - Escalate your SSRF vulnerabilities on Modern Cloud Environments [https://github.com/assetnote/surf] Gecko: Intent to prototype: Framebusting Intervention [https://x.com/intenttoship/status/1937135319142293805] Conducting smarter intelligences than me: new orchestras [https://southbridge-research.notion.site/conducting-smarter-intelligences-than-me] Mandark [https://github.com/hrishioa/mandark] Lumentis [https://github.com/hrishioa/lumentis] jscollab [https://github.com/xssdoctor/jscollab] Google Logo Ligature Bug [https://www.jefftk.com/p/google-logo-ligature-bug] ====== Timestamps ====== (00:00:00) Introduction (00:03:55) Self-XSS and credentialless iframe (00:16:50) Novel SSRF Technique Involving HTTP Redirect Loops (00:25:02) Framebusting (00:29:13) Reversing massive minified JS with AI (00:53:12) Google Logo Ligature Bug

Episode 127: In this episode of Critical Thinking - Bug Bounty Podcast we address some recent bug bounty controversy before jumping into a slew of news items Follow us on X [https://x.com/ctbbpodcast] Shoutout to YTCracker [https://twitter.com/realytcracker] for the awesome intro music! Today's Sponsor: Adobe [http://hackerone.com/adobe] ====== This Week In Bug Bounty ====== Hackers Guide to Google dorking [https://www.yeswehack.com/learn-bug-bounty/recon-hackers-guide-google-dorking?utm_source=twitter&utm_medium=social&utm_campaign=guide-google-dorking] YesWeCaido [https://www.yeswehack.com/learn-bug-bounty/yeswecaido-plugin-bug-bounty-programs?utm_source=sponsor&utm_medium=blog&utm_campaign=blog-tool-yeswecaido] New Dojo Challenge [https://dojo-yeswehack.com/challenge-of-the-month/dojo-42?utm_source=twitter&utm_medium=social&utm_campaign=dojo-challenge?] Smart Contract BB tips [https://www.hackerone.com/blog/smart-contracts-common-vulnerabilities-and-real-world-cases] Red Team AAS [https://www.bugcrowd.com/blog/introducing-bugcrowd-red-team-as-a-service-rtaas/] ====== Resources ====== Disclosed [https://getdisclosed.com/] PDF csp bypass [https://x.com/xssdoctor/status/1932953259339083929] Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal [https://blog.doyensec.com/2025/01/09/cspt-file-upload.html] OBS WebSocket to RCE [https://jorianwoltjer.com/blog/p/research/obs-websocket-rce] Time in a bottle (or knapsack) [https://www.sensecurity.io/time-in-a-bottle-or-knapsack/] How to Differentiate Yourself as a Bug Bounty Hunter [https://www.youtube.com/watch?v=WTH6f0R7uzo] Disclosed. Online [https://www.disclosedonline.com/] hacked-in [https://hackedin.net/] ‘EchoLeak’ [https://www.aim.security/lp/aim-labs-echoleak-blogpost] Piloting Edge Copilot [https://archive.codeblue.jp/2024/files/cb24_Piloting_Edge_Copilot_by_Jun_Kokatsu.pdf] Newtowner [https://github.com/assetnote/newtowner] Tips for agent prompting [https://x.com/Jhaddix/status/1931834748793655539] Firefox XSS vectors [https://x.com/garethheyes/status/1932066642026012716] Tweet from Masato Kinugawa [https://x.com/kinugawamasato/status/1929635990316146899] Chrome debug() function [https://x.com/J0R1AN/status/1933463155763560881]

Episode 126: In this episode of Critical Thinking - Bug Bounty Podcast we wrap up Rez0’s AI miniseries ‘Vulnus Ex Machina’. Part 3 includes a showcase of AI Vulns that Rez0 himself has found, and how much they paid out. Follow us on twitter at: https://x.com/ctbbpodcast [https://x.com/ctbbpodcast] Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io [info@criticalthinkingpodcast.io] Shoutout to YTCracker [https://twitter.com/realytcracker] for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater [https://x.com/Rhynorater] https://x.com/rez0__ [https://x.com/rez0__] ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord [https://ctbb.show/discord]! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch [https://ctbb.show/merch]! Today’s Sponsor - ThreatLocker Web Control https://www.criticalthinkingpodcast.io/tl-webcontrol [https://www.criticalthinkingpodcast.io/tl-webcontrol] ====== Resources ====== Claude Code System Prompt [https://x.com/wunderwuzzi23/status/1926867263451169116] Attacking AI Agents [https://x.com/wunderwuzzi23/status/1926430567479857460] Probability of Hacks [https://www.sensecurity.io/probability-of-hacks/] New Gemini for Workspace Vulnerability Enabling Phishing & Content Manipulation [https://hiddenlayer.com/innovation-hub/new-gemini-for-workspace-vulnerability/] How to Hack AI Agents and Applications [https://josephthacker.com/hacking/2025/02/25/how-to-hack-ai-apps.html] ====== Timestamps ====== (00:00:00) Introduction (00:02:53) NahamCon Recap, Claude news, and wunderwuzzi writeups (00:08:57) Probability of Hacks (00:11:27) First AI Vulnerabilities (00:18:57) AI Vulns on Google (00:25:11) Invisible prompt Injection

Episode 125: In this episode of Critical Thinking - Bug Bounty Podcast Justin shares insights on how to succeed at live hacking events. We cover pre-event preparations, challenges of collaboration, on-site strategies, and the importance of maintaining a healthy mindset throughout the entire process. Follow us on twitter at: https://x.com/ctbbpodcast [https://x.com/ctbbpodcast] Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io [info@criticalthinkingpodcast.io] Shoutout to YTCracker [https://twitter.com/realytcracker] for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater and Rez0 on Twitter: https://x.com/Rhynorater [https://x.com/Rhynorater] https://x.com/rez0__ [https://x.com/rez0__] ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord [https://ctbb.show/discord]! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch [https://ctbb.show/merch]! ====== This Week in Bug Bounty ====== Decathlon Public Bug Bounty Program on YesWeHack [https://yeswehack.com/programs/decathlon] ====== Resources ====== The Ultimate Double-Clickjacking PoC [https://jorianwoltjer.com/blog/p/hacking/ultimate-doubleclickjacking-poc] Grafana Full read SSRF and Account Takeover: CVE-2025-4123 [https://nightbloodz.github.io/grafana-CVE-2025-4123/] Grafana CVE-2025-4123 Exploit [https://github.com/NightBloodz/CVE-2025-4123] What I learned from my first 100 HackerOne Reports [https://evanconnelly.com/post/my-first-100-hackerone-reports/] Root for your friends [https://josephthacker.com/personal/2025/05/13/root-for-your-friends.html] ====== Timestamps ====== (00:00:00) Introduction (00:02:30) The Ultimate Double-Clickjacking PoC, Grafana CVE, & Evan Connelly's first 100 bugs (00:10:23) How to win at Live Hacking Events (00:11:53) Pre-event (00:11:45) Scope Call (00:33:11) Dupe window Ends (00:36:00) Onsite & and Day of Event (00:42:46) Don't define your identity on the outcome