Critical Thinking - Bug Bounty Podcast Episode 54: White Box Formulas - Vulnerable Coding Patterns
Jan 18, 2024
Justin and Joel discuss vulnerable code patterns, a recent GitLab CVE, and invisible prompt injection. They announce a new podcast companion, HackerNotes, and address the importance of data analysis in bug bounty programs. The discussion covers coding vulnerabilities in Ruby, prompt injection vulnerabilities, identifying vulnerable code patterns in PHP, and ensuring proper control flow for security.
Chapters
Transcript
Episode notes
1 2 3 4 5 6 7 8
Introduction
00:00 • 2min
Exploring Bug Bounty Program Data Analysis
01:43 • 19min
Coding Vulnerabilities and Ruby Code Flaws
20:49 • 9min
Discussion on Tag Characters, Invisible Characters, and Unicode Manipulation for Prompt Injection Vulnerabilities
29:25 • 3min
Identifying Vulnerable Code Patterns in PHP
32:48 • 15min
Ensuring Proper Control Flow in Coding for Security
48:06 • 2min
Exploring Vulnerable Coding Patterns and Regex Practices
49:56 • 14min
PHP Vulnerabilities and Type Confusion
01:04:18 • 8min