Interested in going full-time bug bounty? Check out our blueprint!
Critical Thinking - Bug Bounty Podcast
Latest Episode

Episode 116: Auth Bypasses and Google VRP Writeups

Episode 116: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives a quick rundown of Portswigger’s SAML Roulette writeup, as well as some Google VRP reports, and a Next.js middleware exploit. Follow us on tw...

The player is loading ...
Episode 116: Auth Bypasses and Google VRP Writeups
Episode 116: Auth Bypasses and Google VRP Writeups
Apple Podcasts podcast player icon Spotify podcast player icon Castro podcast player icon RSS Feed podcast player icon

Recent Episodes

View all
Episode 116: Auth Bypasses and Google VRP Writeups
March 27, 2025

Episode 116: Auth Bypasses and Google VRP Writeups

Episode 116: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives a quick rundown of Portswigger’s SAML Roulette writeup, as well as some Google VRP reports, and a Next.js middleware exploit. Follow us on tw...
Listen to the Episode
Episode 115: Mentee to Career Hacker - Mokusou (So Sakaguchi)
March 20, 2025

Episode 115: Mentee to Career Hacker - Mokusou (So Sakaguchi)

Episode 115: In this episode of Critical Thinking - Bug Bounty Podcast Justin and So Sakaguchi sit down to walk through some recent bugs, before having a live mentorship session. They also talk about Reflector, and finish up ...
Listen to the Episode
Episode 114: Single Page Application Hacking Playbook
March 13, 2025

Episode 114: Single Page Application Hacking Playbook

Episode 114: In this episode of Critical Thinking - Bug Bounty Podcast we’re diving into SPA and how to attack them.We also cover a host of news items, including some bug write-ups, AI updates, and a new tool called Hackadvis...
Listen to the Episode
Best Technical Takeaways from Portswigger Top 10 2024
March 6, 2025

Best Technical Takeaways from Portswigger Top 10 2024

Episode 113: In this episode of Critical Thinking - Bug Bounty Podcast we’re breaking down the Portswigger Top 10 from 2024. There’s some bangers in here! Follow us on X at: https://x.com/ctbbpodcast Got any ideas and suggest...
Listen to the Episode
Episode 112: Interview with Ciaran Cotter, Critical Lab Researcher, h1 Irish ambassador
Feb. 27, 2025

Episode 112: Interview with Ciaran Cotter, Critical Lab Researcher, h1 Irish ambassador

Episode 112: In this episode of Critical Thinking - Bug Bounty Podcast Joseph Thacker is joined by Ciarán Cotter (Monke) to share his bug hunting journey and give us the rundown on some recent client-side and server-side bugs...
Listen to the Episode
Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu
Feb. 20, 2025

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Episode 111: In this episode of Critical Thinking - Bug Bounty Podcast Justin interviews Kevin Mizu to showcase his knowledge regarding DOMPurify and its misconfigurations. We walk through some of Kevin’s research, highlighti...
Listen to the Episode
View all Episodes

About the Hosts

Justin Gardner (@rhynorater) Profile Photo

Justin Gardner (@rhynorater)

Full-time Bug Bounty Hunter

Justin is a full-time bug bounty hunter and top-ranked live hacking event competitor. He has taken home two Most Valuable Hacker awards and countless other 1st place & 2nd place trophies.

While Justin specializes in web hacking, he also dabbles in IoT and mobile hacking. He is also the HackerOne Ambassador for the Eastern US region.

Outside of hacking, Justin enjoys Volleyball, Brazilian Jiu Jitsu, and Real Estate investing.

Joseph Thacker (@Rez0) Profile Photo

Joseph Thacker (@Rez0)

Full-time Bug Bounty Hunter

Joseph is a security researcher and full-time bug bounty hunter specializing in application security and AI. He has helped Fortune 500 companies avoid costly vulnerabilities and has contributed to over 1,000 security findings through platforms like HackerOne and Bugcrowd. Passionate about identifying recurring security flaws, works to address them through hacking, teaching, and consulting.

Reviews

Fantastic pod

"So much great, fresh content. An absolute must for security researchers and engineers alike."

14erDave | April 4, 2023

Great stuff by two goated hackers

"This podcast is incredible!! If you have any interest in cybersecurity, ethical hacking, or just tech in general then this is for you. Happy listening!"

nathanc0de | March 30, 2023

Favorite Security Podcast

"Amazing content from two supremely talented hackers. A must-listen for anyone looking for high-quality security content."

threatacting | March 27, 2023

The best bug bounty podcast

"Joel and Justin are extremely talented hackers sharing amazing insights into appsec. Give it a listen!"

Josephfuego555 | Feb. 3, 2023
See all reviews