Episode 114: In this episode of Critical Thinking - Bug Bounty Podcast we’re diving into SPA and how to attack them.We also cover a host of news items, including some bug write-ups, AI updates, and a new tool called Hackadvisor.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today’s Sponsor: ThreatLocker Cloud Control
====== Resources ======
Hacking High-Profile Bug Bounty Targets: Deep Dive into a Client-Side Chain
Research finds 12,000 ‘Live’ API Keys and Passwords in DeepSeek's Training Data
Hackadvisor
WP Extensions
Notebook LM
Pressing Buttons with Popups
Response to @RenwaX23
Prompt Injection Attacks for Dummies
Shadow Repeater
parallel-prettier
====== Timestamps ======
(00:00:00) Introduction
(00:02:15) Bug Write-up from @busf4ctor
(00:09:44) Scanning Common Crawl
(00:16:30) Hackadvisor and WP/Chrome Extension News
(00:24:15) Notebook LM, and Recent AI Updates
(00:31:58) Write-up from @J0R1AN and Related POC from @RenwaX23
(00:38:10) Prompt Injection Attacks for Dummies
(00:42:29) ShadowRepeater
(00:47:04) Single-page applications
