Critical Thinking - Bug Bounty Podcast Episode 27: Top 7 Esoteric Web Vulnerabilities
4 snips
Jul 13, 2023 Chapters
Transcript
Episode notes
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Introduction
00:00 • 2min
The Importance of Sleep Study
02:24 • 2min
Asset Note's Thought Methodology and the Path They Took to Get There
04:45 • 4min
The Pitfalls of Self-Authentication in JWT Tokens
08:35 • 2min
AES Padding Protocol for Padding Oracle Attacks
10:19 • 2min
How to Decrypt an AES Block With a Headless Chrome Instance
12:17 • 3min
How to Hack a Headless Browser
15:36 • 2min
Hacking in the Bug Bounty Space
17:59 • 2min
ATC One Four Four One Hacks Rob
20:16 • 3min
How to Hack a Google Search Appliance
23:18 • 2min
How to Crack an IOT Device
25:00 • 2min
The Elite Hacker's Mindset
27:09 • 5min
The Evolution of Short Name Scanners
31:50 • 2min
How to Get Your Esoteric Web Vulnerabilities Fixed
34:04 • 2min
Config Injection File Injection: What You Should Know
35:52 • 4min
How to Inject a Configuration File Into a System
40:14 • 2min
How to Hack a DHCPD Server
42:18 • 3min
The Importance of Path Traversal in APIs
45:40 • 2min
The Impact of Microservices on a Service's Path Traversal
47:45 • 4min
Cookie Jar Overflow: Exploiting Native Browser Behavior
51:17 • 4min
Ermina on Cookie Bombing
55:13 • 2min
How to Avoid Cookie Jar Overflow
56:48 • 2min
How to Hack Tricks to Save Time and Money
58:46 • 3min
How to Set a Cookie Jar Limit in a Browser
01:01:40 • 2min
Cross-Site Leak: A Common Vulnerability Over the Next Few Years
01:03:23 • 3min
How to Exploit a Vulnerability in a Browser
01:06:00 • 3min
Cross Site Leak Techniques
01:08:45 • 2min
UNC Path Leaks
01:10:40 • 3min
How to Exploit NTLM Hashes
01:13:48 • 2min
The Importance of Impactful Link Hijacking
01:15:20 • 2min
How to Use GitHub to Find Impactful Vulnerabilities
01:17:05 • 3min