Interested in going full-time bug bounty? Check out our blueprint!
Critical Thinking - Bug Bounty Podcast
Latest Episode

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the challenges of pricing for ...

The player is loading ...
Episode 154: Starting a Pentesting Company on Top of Bug Bounty
Episode 154: Starting a Pentesting Company on Top of Bug Bounty
Apple Podcasts podcast player icon Spotify podcast player icon Castro podcast player icon RSS Feed podcast player icon YouTube podcast player icon

Recent Episodes

View all
Episode 154: Starting a Pentesting Company on Top of Bug Bounty
Dec. 25, 2025

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the challenges of pricing for ...
Listen to the Episode
Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown
Dec. 18, 2025

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: In this episode of Critical Thinking - Bug Bounty Podcast Matt Brown returns to talk with us about hacking robots, IOT hackbots, and his Zero-to-Hero Hardware Hacking Guide. Follow us on twitter at: https://x.com...
Listen to the Episode
Episode 152: GeminiJack and Agentic Security with Sasi Levi
Dec. 11, 2025

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Vertex Bug, and debate if Prom...
Listen to the Episode
Episode 151: Client-side Advanced Topics
Dec. 4, 2025

Episode 151: Client-side Advanced Topics

Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL Parsing, and more. Follow ...
Listen to the Episode
Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration
Nov. 27, 2025

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankful for you all! Follow us...
Listen to the Episode
Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains
Nov. 20, 2025

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites. Follow us on X Got any ideas and suggestions? Feel free to send us a...
Listen to the Episode
View all Episodes

About the Hosts

Justin Gardner (@rhynorater) Profile Photo
Justin Gardner (@rhynorater)

Full-time Bug Bounty Hunter

Justin is a full-time bug bounty hunter and top-ranked live hacking event competitor. He has taken home two Most Valuable Hacker awards and countless other 1st place & 2nd place trophies.

While Justin specializes in web hacking, he also dabbles in IoT and mobile hacking. He is also the HackerOne Ambassador for the Eastern US region.

Outside of hacking, Justin enjoys Volleyball, Brazilian Jiu Jitsu, and Real Estate investing.

Joseph Thacker (@Rez0) Profile Photo
Joseph Thacker (@Rez0)

Full-time Bug Bounty Hunter

Joseph is a security researcher and full-time bug bounty hunter specializing in application security and AI. He has helped Fortune 500 companies avoid costly vulnerabilities and has contributed to over 1,000 security findings through platforms like HackerOne and Bugcrowd. Passionate about identifying recurring security flaws, works to address them through hacking, teaching, and consulting.

Reviews

Fantastic pod

"So much great, fresh content. An absolute must for security researchers and engineers alike."

14erDave | April 4, 2023

Great stuff by two goated hackers

"This podcast is incredible!! If you have any interest in cybersecurity, ethical hacking, or just tech in general then this is for you. Happy listening!"

nathanc0de | March 30, 2023

Favorite Security Podcast

"Amazing content from two supremely talented hackers. A must-listen for anyone looking for high-quality security content."

threatacting | March 27, 2023

The best bug bounty podcast

"Joel and Justin are extremely talented hackers sharing amazing insights into appsec. Give it a listen!"

Josephfuego555 | Feb. 3, 2023
See all reviews