Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
Mar 14, 2024 • 59min

Episode 62: Frontend Language Oddities

Exploring HTML quirks and bug bounty journeys, discussing the Yelp Cookie Bridge Bug and unique CSS exfiltration techniques. Delving into community engagement, bypassing authorization checks, and innovative CSS data extraction methods.
Mar 7, 2024 • 1h 27min

Episode 61: A Hacker on Wall Street - JR0ch17

Guest Jasmin Landry shares stories about startup security, bug bounties, discovering OAuth-related bugs, and differences between structured learning and self-teaching. They walk through arbitrary ATOs and SSTI-to-RCE bugs, and emphasize the challenges and surprises in bug hunting.
Feb 29, 2024 • 1h 25min

Episode 60: Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023

Exploring top web hacking techniques of 2023 such as state machine smashing, NTLM token theft via Akamai servers, SMTP smuggling, PHP filter chains, HTTP request splitting, hacking Microsoft Teams, cookie manipulation, and EPP server takeovers. The hosts analyze and debate these advanced hacking methods with insightful commentary and practical examples.
Feb 22, 2024 • 1h 39min

Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition

Exploring gadgets for web pen testing and hacking intuition, discussing HTML injection, image injection, CRLF injection, and leaking window location. Emphasizing the importance of bug bounty programs, exploring open redirect vulnerabilities, client-side path traversal, and ID oracle. Delving into the risks of cache deception, local storage poisoning, and the utilization of 'gadgets' to escalate hacking impact.
Feb 15, 2024 • 1h 55min

Episode 58: Youssef Sammouda - Client-Side & ATO War Stories

Youssef Sammouda shares client-side bug exploits like race conditions, hash change events, and scroll to text fragments. Techniques for exploiting post messages, utilizing Redjax bombing, and manipulating URLs are discussed. The importance of detailed bug reports, ID generation vulnerabilities, and browser security weaknesses are highlighted. Advanced topics include cross-origin communication, mobile OAuth vulnerabilities, and HTTP response manipulation for unique attack scenarios.
Feb 8, 2024 • 33min

Episode 57: Technical breakdown from Miami Hacking Event - H1-305

Justin and Joel discuss client-side routing and path traversal bugs, challenges of cutting losses, and importance of time tracking. They explore OAuth vulnerabilities, hacking competition strategies, and the significance of setting clear goals. The podcast also touches on web element vulnerabilities in HTML5 and the technical breakdown from a Miami hacking event.
Feb 1, 2024 • 1h 48min

Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)

Jon Colston, a digital marketing and data science expert, discusses his use of data science in bug bounty hunting. They explore topics like data sources, automation, working backwards from vulnerabilities, and applying conversion funnels to bug bounty. They also mention the 'Mother of All Bugs' signature.
Jan 25, 2024 • 1h 44min

Episode 55: Popping WordPress Plugins - Methodology Braindump

The podcast shares advanced knowledge about hacking WordPress plugins. Topics include vulnerabilities in the Elementor plugin, handling of user input and lack of access control in plugins, WordPress REST APIs and their exploits, low-install-count authentication plugins and page-related code, vulnerabilities in WordPress update option, plugin functionality and SSRF, blind SSRF and XSS vulnerabilities in plugins, HTML tag cleaning and attribute escaping, bypassing security measures, WordPress security and SQL injection challenges, various vulnerabilities in WordPress and their exploitation, and credential stealing and remote code execution vulnerabilities.
Jan 18, 2024 • 1h 13min

Episode 54: White Box Formulas - Vulnerable Coding Patterns

Justin and Joel discuss vulnerable code patterns, a recent GitLab CVE, and invisible prompt injection. They announce a new podcast companion, HackerNotes, and address the importance of data analysis in bug bounty programs. The discussion covers coding vulnerabilities in Ruby, prompt injection vulnerabilities, identifying vulnerable code patterns in PHP, and ensuring proper control flow for security.
Jan 11, 2024 • 1h 41min

Episode 53: 500k/yr as Full-Time Bug Hunter & Content Creator - Nahamsec

NahamSec, a bug bounty hunter and content creator, discusses his journey and challenges, including personal struggles and the pressure of success. Topics covered include finding balance, managing mental energy, planning and setting goals, Blind XSS techniques, and going the extra mile in bug bounty.
