

Critical Thinking - Bug Bounty Podcast
Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

Jan 26, 2023 • 46min
Episode 3: H1-407 Event Madness & Takeaways Part 1
Episode 3: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some of the interesting things we’ve learned from participating in HackerOne's H1-407 Live Hacking event. We cover decompiling binaries in various different languages, Windows URI Handlers, Caido, and SameSite Lax + POST.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Frans Rosen S3 Bucket Authorization Blog Post: https://labs.detectify.com/2018/08/02/bypassing-exploiting-bucket-upload-policies-signed-urls/
Getting code from executables:
ILSpy
DotPeek
Jadx-GUI
Pyinstxtractor
Uncompyle6
Jub0b’s SameSite Article: https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/
Mgeeky’s Powershell Script to Enumerate Windows App URI Handlers: https://gist.github.com/mgeeky/5a30a0619a7486b2fb0bd5233490fa64

Jan 18, 2023 • 1h 15min
Episode 2: Exploit Writing & Automation / Do you need to know how to program to hack?
Episode 2: In this episode of Critical Thinking - Bug Bounty Podcast we talk about exploit writing/automation, some new tools released in the industry (Of-CORS), the age old question of "Do you have to know how to program to hack?", a walk-through of some very impactful bug bounty reports, and some tips and tricks for exploit writing.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Of-CORS by TruffleSecurity:
https://trufflesecurity.com/blog/of-cors/
https://github.com/trufflesecurity/of-cors
CyberChef: https://gchq.github.io/CyberChef/
Curl Converter: https://curlconverter.com/
Caido: https://caido.io/
Copy As Python Requests: https://portswigger.net/bappstore/b324647b6efa4b6a8f346389730df160
eMMC Card Reader: https://www.allsocket.com/
Joel's Funny Automation XKCD: https://xkcd.com/1319/
Flipper: https://shop.flipperzero.one/

Jan 9, 2023 • 56min
Episode 1: Introductions, Bug Bounty Reports, and BB Tips
Episode 1: In this episode of Critical Thinking - Bug Bounty Podcast, Joel Margolis (aka 0xteknogeek) and Justin Gardner (aka Rhynorater) cover introductions, a couple of cool bug bounty reports, and some really helpful BB Tips.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
The report Joel was talking about: https://hackerone.com/reports/1672388