Critical Thinking - Bug Bounty Podcast

Episode 7: PortSwigger Top 10, TruffleSecurity Drama, and More!

Feb 16, 2023
Chapters
1. Introduction (00:00 • 2min)
2. The Top 10 Web Hacking Techniques of 2022 (01:41 • 2min)
3. How to Avoid Using Externally Hosted Tools (03:21 • 3min)
4. TruffleSecurity's Anti-Security Policy (06:36 • 2min)
5. ffuf 2.0: A New Threat Model (08:25 • 3min)
6. ffuf, ffuf v2 (11:02 • 2min)
7. PortSwigger Top 10 Web Hacking Techniques (12:51 • 2min)
8. The Worst Feeling When File Descriptor Is Being Quiet (15:18 • 3min)
9. The Importance of Open Redirects (18:33 • 2min)
10. How to Get Arbitrary Universal XSS on Netlify IPX (20:21 • 2min)
11. The Risks of SameSite Strict Adoption (22:39 • 2min)
12. Chaining Bugs Together, Open Redirects, and CSS Injection (24:44 • 2min)
13. How to Save a Bug (26:58 • 2min)
14. ECDSA Signature Verification in Java (28:59 • 2min)
15. The Perfect Storm of Bad Things (30:43 • 3min)
16. The Zero Signature Migration (33:26 • 2min)
17. How to Encrypt JWTs With Default Keys (35:44 • 2min)
18. The Amazing Concept of Hop-by-Hop Headers (37:14 • 3min)
19. The Role of HCP Headers in HTTP (40:18 • 3min)
20. The Flow of HTTP Requests (43:39 • 2min)
21. How to Exploit an HTTP Request (45:16 • 4min)
22. Frans's Post Message Tracker Extension (49:04 • 2min)
23. Frans Rosén's Post Message Tracker Extension (50:46 • 3min)
24. How to Fix an Akamai Ban (53:22 • 3min)