Episode 9: Headless Browser SSRF & RebindMultiA Tool Release + Web3 Bug
Critical Thinking - Bug Bounty Podcast
00:00
How to Get Access to a Tab That I Didn't Open
It looks like they just define a static broadcast channel. So if you have a static, you know, if it's not something that's being dynamically generated You can just send messages into that Mm. I definitely got a mess with this. It's it's supported across all of All of the browsers already Oh, really dude. We're gonna we're gonna poke at that. That was an extra bug bounty tip for you today A little extra one. Don't go find all bugs in that uh before we do Um, obviously who now that you mentioned.
Transcript
Play full episode
