Episode 11: CV$$, Web Cache Deception, and SSTI
Critical Thinking - Bug Bounty Podcast
00:00
How to Chain Bugs Together
I think it's one of those great bugs that you can use to chain with another bug. For example, if it leaks a user ID or something like that, that can be really helpful for validating other attacks. Another tweet that popped up this week that kind of caught my fancy was, any time James Kettle tweets anything, I jump right on that. And he posted, he tagged Hacker One, bug crowd and integrity,. Why are we not regulating what it looks like to have HTTP header that identifies a specific ethical hacker?
Play episode from 14:11
Transcript
