Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shares his research on CDN CGI.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Project Discovery Conference: https://nux.gg/hss24

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Resources:

YesWeHack Luis Vuitton LHE

https://twitter.com/yeswehack/status/1776280653744554287

https://event.yeswehack.com/events/hack-me-im-famous-2

Caido Workflows

https://github.com/caido/workflows

Oauth Redirects

https://twitter.com/Akshanshjaiswl/status/1724143813088940192

Bagipro Golden URL techniques

https://hackerone.com/reports/431002

Roadmap I followed to make 15,000+$ Bounties in my first 8 months https://shreyaschavhan.notion.site/Roadmap-I-followed-to-make-15-000-Bounties-in-my-first-8-months-of-starting-out-and-my-journey-98b1b9ff621645c0b97d1e774992f300

Monke Hacks Blog

https://monkehacks.beehiiv.com/

PortSwigger post

https://x.com/PortSwiggerRes/status/1766087129908576760

post from Masato Kinugawa

https://x.com/kinugawamasato/status/916393484147290113

Timestamps:

(00:00:00) Introduction

(00:04:19) Louis Vuitton LHE

(00:13:57) Browser Market share

(00:21:13) Justin's Bug of the Week

(00:24:49) Caido Workflows

(00:27:24) Oauth Redirects

(00:32:24) Bug Bounty learning Methodology

(00:41:03) 'Intent To Ship'

(00:48:08) CDN-CGI Research