Episode 11: CV$$, Web Cache Deception, and SSTI

Critical Thinking - Bug Bounty Podcast

How to Increase Availability as a Full-Time Hacker

There are some hybrid states sometimes in web applications, which I think are really cool. But they issued you this guest account so that you can check out or something like that. Ghost accounts may be able to weaponize those much easier. You might be able to just hit an endpoint and get a cookie and use those to hit some of the other endpoints that would result in your bug.

Play episode from 19:34
