Critical Thinking - Bug Bounty Podcast Episode 130: Minecraft Hacks to Google Hacking Star - Valentino
Jul 10, 2025
Dive into the intriguing world of hacking as Valentino shares his transition from Minecraft exploits to tackling Google vulnerabilities. Discover creative approaches like bypassing HTML sanitizers and exploiting .NET deserialization. Learn about the challenges of reverse proxy vulnerabilities and the importance of innovative thinking in uncovering security flaws. The discussion highlights personal journeys, community engagement in hacking, and advanced methodologies for identifying bugs in cutting-edge technologies like AI.
AI Snips
Chapters
Transcript
Episode notes
Early Minecraft Hacking Start
- Valentino's first hacking experience was bypassing port restrictions in Minecraft servers at age 12.
- This early exploration sparked his journey into security by understanding networked game servers' structure.
Hack by Abstract Thinking
- Stop focusing only on code and proxy data when hacking complex systems like Google.
- Use abstract thinking to imagine backend processes and exploit unusual attack vectors.
Nesting Bypass Pattern Insight
- Allow lists in security can be bypassed by nesting malicious objects inside allowed ones.
- This nesting pattern appears in sanitizers, deserialization, and SAML bypasses.