
Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joel Margolis (teknogeek)
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

Available Episodes

5 of 101
  • Episode 101: CTBB Hijacked: Rez0__ on AI Attack Vectors with Johann Rehberger
    Episode 101: In this episode of Critical Thinking - Bug Bounty Podcast we’ve been hijacked! Rez0 takes control of this episode, and sits down with Johann Rehberger to discuss the intricacies of AI application vulnerabilities. They talk through the importance of understanding system prompts, and various obfuscation techniques used to bypass security measures, the best AI platforms, and the evolving landscape of AI security.

    Follow us on twitter at: @ctbbpodcast
    We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!

    ------ Links ------
    Follow your hosts Rhynorater & Teknogeek on twitter:
    https://twitter.com/0xteknogeek
    https://twitter.com/rhynorater

    ------ Ways to Support CTBBPodcast ------
    Hop on the CTBB Discord at https://ctbb.show/discord!
    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Today’s Sponsor - ThreatLocker. Check out their Elevation Control! https://www.criticalthinkingpodcast.io/tl-ec
    Today’s Guest: https://x.com/wunderwuzzi23

    Resources
    Johann's blog: https://embracethered.com/blog/
    zombais: https://embracethered.com/blog/posts/2024/claude-computer-use-c2-the-zombais-are-coming/
    Copirate: https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/

    Timestamps
    (00:00:00) Introduction
    (00:01:59) Biggest things to look for in AI hacking
    (00:11:58) Best AI companies to hack on
    (00:15:59) URL Redirects and Obfuscation Techniques
    (00:24:05) Copirate
    (00:35:50) prompt injection guardrails and threats
    --------  
    51:24
  • Ep 100 - 8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking
    Episode 100: In this episode of Critical Thinking - Bug Bounty Podcast we have a mixed bag. We celebrate 100 episodes of Critical Thinking, but also bid farewell to Joel, who will be leaving the show as a co-host, but returning as guest. Then we hear from a bunch of friends about their 'best bug of the year', before capping the episode with the announcement of a new AI tool we've been working on!

    Resources
    Delorean: https://github.com/jselvi/Delorean
    Shift: shiftwaitlist.com

    Timestamps
    (00:00:00) Introduction
    (00:07:32) Nagli
    (00:19:09) Shubs
    (00:35:00) Matt Brown
    (00:39:42) Matanber
    (00:57:52) Douglas Day
    (01:05:18) Alex Chapman
    (01:15:02) Nahamsec
    (01:25:45) Rez0
    (01:28:20) Shift Announcement
    --------  
    1:41:40
  • Episode 99: Back to the Basics - Web Fundamental to 100k a Year in Bug Bounty
    Episode 99: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Roni dissect an old thread of Justin's talking about how best to start bug bounty with the goal of making $100k in the first year.

    Today’s Sponsor - AssetNote: Check out their ASMR board (no not that kind!) https://assetnote.io/asmr
    Today’s Guest - https://x.com/0xLupin

    Resources
    Justin's Twitter Thread: https://x.com/Rhynorater/status/1699395452481769867

    Timestamps
    (00:00:00) Introduction
    (00:03:00) Web Fundamentals Education
    (00:46:01) Threat Modeling and Hacking Goals
    (01:18:58) Vuln Types and finding Specialization
    --------  
    1:42:54
  • Episode 98: Team 82 Sharon Brizinov - The Live Hacking Polymath
    Episode 98: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Sharon to discuss his journey from early iOS development to leading a research team at Claroty. They address the differences between HackerOne and Pwn2Own, and talk through some intricacies of IoT security and some less common IoT attack surfaces.

    Today’s Sponsor - ThreatLocker: Check out Network Control! https://www.criticalthinkingpodcast.io/tl-nc
    And AssetNote: Check out their ASMR board (no not that kind!) https://assetnote.io/asmr
    Today’s Guest: https://sharonbrizinov.com/

    Resources
    The Claroty Research Team: https://claroty.com/team82
    Pwntools: https://github.com/Gallopsled/pwntools
    Scan My SMS: http://scanmysms.com
    Gotta Catch 'Em All: Phishing, Smishing, and the birth of ScanMySMS: https://www.youtube.com/watch?v=EhNsXXbDp3U

    Timestamps
    (00:00:00) Introduction
    (00:03:31) Sharon's Origin Story
    (00:21:58) Transition to Bug Bounty and Pwn2Own vs HackerOne
    (00:47:05) IoT/ICS Hacking Methodology
    (01:10:13) Cloud to Device Communication
    (01:18:15) Bug replication and uncommon attack surfaces
    (01:30:58) Documentation tracker, reCaptcha bypass, and ScanMySMS
    --------  
    1:43:57
  • Episode 97: Bcrypt Hash Input Truncation & Mobile Device Threat Modeling
    Episode 97: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel jump into some cool news items, including a recent Okta Bcrypt vulnerability, insights into crypto bugs, and some intricacies of Android and Chrome security. They also explore the latest research from Portswigger on payload concealment techniques, and the introduction of the Lightyear tool for PHP exploits.

    Today’s Sponsor - ThreatLocker: Check out Network Control! https://www.criticalthinkingpodcast.io/tl-nc
    And AssetNote: Check out their ASMR board (no not that kind!) https://assetnote.io/asmr

    Resources
    Okta bcrypt
    Android Web Attack Surface Writeups
    Concealing payloads in URL credentials
    Dumping PHP files with Lightyear
    Limit maximum number of filter chains
    Dom-Explorer tool launched
    MultiHTMLParse
    JSON Crack
    Caido/Burp notes plugin

    Timestamps
    (00:00:00) Introduction
    (00:02:43) Okta Release and bcrypt
    (00:10:26) Android Web Attack Surface Writeups
    (00:20:21) More Portswigger Research
    (00:28:29) Lightyear and PHP filter chains
    (00:35:09) Dom-Explorer
    (00:45:24) The JSON Debate
    (00:49:59) Notes plugin for Burp and Caido
    --------  
    53:05

Generated: 12/19/2024 - 2:19:07 AM