Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Critical Thinking - Bug Bounty Podcast

How to Find and Audit Sinks in PHP

Getting to know your sinks in the application could be a good exercise in source code review. If I had to pick one, I would start with sources. A lot of times sinks have to do with stuff like RCE and command injection or file, arbitrary file. But they don't necessarily always include business logic stuff. It's really hard to go completely from one to the other without doing a little bit of both.

Play episode from 36:27