Critical Thinking - Bug Bounty Podcast

Ep 100 - 8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking

Dec 5, 2024

Join bug bounty experts Nagli, Shubs, Douglas Day, Alex Chapman, Nahamsec, and Rez0 as they share their favorite bugs of 2024. Nagli dives into a complex Azure DevOps vulnerability, while Shubs discusses pre-authentication exploits. Douglas reveals an account takeover lapse in a streaming service, and Alex describes a tricky XSS issue. Nahamsec highlights teamwork in a collaborative bug event, and Rez0 explains a server-side template injection in Shift AI. Celebrate a milestone while gaining insights into the wild world of ethical hacking!

01:41:40

Creator website

Episode guests

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The milestone 100th episode celebrated the podcast's journey with reflections and appreciation for the community's support and engagement.

One co-host announced their departure from the show, prioritizing personal passions while assuring listeners of continued podcast evolution.

Eight hackers shared their most impactful bugs of the year, showcasing diverse ingenuity and expertise within the cybersecurity community.

The introduction of the AI tool Shift aims to revolutionize hacking workflows by automating tasks and streamlining productivity for users.

Deep dives

Discovering a Critical Bug

A team member identified a critical bug that raised concerns about user accounts within an organization, prompting further investigation. This sparked an inquiry into the number of users in the system, leading to the discovery of over 200,000 accounts. The exploration aimed to find stale or dead accounts to understand the implications for security. This initial finding highlighted the potential scale and seriousness of the issue.

Intro

4min

Reflecting on Milestones and Future Directions

4min

Navigating Cloud Security in Bug Bounties

12min

Unveiling Exploitation Techniques in Complex Applications

14min

Exploring Bug Vulnerabilities in Applications

32min

The Thrills and Trials of Bug Bounty Hunting

22min

Empowering Developers with AI: Shift Plugin Insights

9min

Enhancing Hacking Efficiency with AI Tools

5min

Episode 100: In this episode of Critical Thinking - Bug Bounty Podcast we have a mixed bag. We celebrate 100 episodes of Critical Thinking, but also bid farewell to Joel, who will be leaving the show as a co-host, but returning as guest. Then we hear from a bunch of friends about their 'best bug of the year', before capping the episode with the announcement of a new AI tool we've been working on!

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Resources

Delorean

https://github.com/jselvi/Delorean

Shift

shiftwaitlist.com

Timestamps

(00:00:00) Introduction

(00:07:32) Nagli

(00:19:09) Shubs

(00:35:00) Matt Brown

(00:39:42) Matanber

(00:57:52) Douglas Day

(01:05:18) Alex Chapman

(01:15:02) Nahamsec

(01:25:45) Rez0

(01:28:20) Shift Announcement

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Critical Thinking - Bug Bounty Podcast

Ep 100 - 8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Discovering a Critical Bug

Inaugural Episode Celebrations and Giveaways

Team Changes and Personal Reflections

Highlighting Noteworthy Hacks

Innovative Use of JavaScript

Shift AI Plugin Introduction

Features and Expectations of the Beta Rollout

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Critical Thinking - Bug Bounty Podcast

Ep 100 - 8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Discovering a Critical Bug

Inaugural Episode Celebrations and Giveaways

Team Changes and Personal Reflections

Highlighting Noteworthy Hacks

Innovative Use of JavaScript

Shift AI Plugin Introduction

Features and Expectations of the Beta Rollout

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights