Interested in going full-time bug bounty? Check out our blueprint!

Videos

Jan. 16, 2025

Announcing our new cohost... (Ep. 106)

Episode 106: In this episode of Critical Thinking - Bug Bounty Podcast we are pleased to announce our new co-host of the podcast: Joseph Thacker Aka Rez0! We discuss Joseph's transition to full-time bug bounty hunting, his goals, and what he’s looking forward to bringing to the pod. We also…

View more
Jan. 8, 2025

Best Moments of 2024 on the Pod (Ep. 105)

Episode 105: In this episode of Critical Thinking - Bug Bounty Podcast we're back with another Best-of episode recapping some of our top moments of the year. Follow us on twitter at: https://twitter.com/ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout…

View more
Jan. 4, 2025

The Secret to Knowing What (and When) to Learn!

#bugbountytips #bugbounty #bugbounties

View more
Jan. 2, 2025

Concealing payloads in URL credentials

#bugbountytips #bugbounty #bugbounties

View more
Jan. 2, 2025

2024 Hacker Stats & 2025 Goals (Ep. 104)

Episode 104: 2024 Hacker Stats & 2025 Goals Episode 104: In this episode of Critical Thinking - Bug Bounty Podcast Justin reflects upon the past year and walks through some of the bug bounty goals he had for 2024, and how he feels like he did. Then he sets some…

View more
Dec. 30, 2024

Missing browser prompts = BIG bounties

#bugbountytips #bugbounty #bugbounties

View more
Dec. 28, 2024

This Bcrypt thing is insane.

#bugbountytips #bugbounty #bugbounties

View more
Dec. 27, 2024

Getting ANSI about Unicode Normalization (Ep. 103)

Episode 103: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), as well as talk through some research about _json Juggling, cookie handling quirks, and the value of micro-blogging in general. Follow us…

View more
Dec. 27, 2024

Getting ANSI about Unicode Normalization (Ep. 103)

Episode 103: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), as well as talk through some research about _json Juggling, cookie handling quirks, and the value of micro-blogging in general. Follow us…

View more
Dec. 26, 2024

XSS via the shared cache in service workers (with Matan Berson)

#bugbountytips #bugbounty #bugbounties

View more
Dec. 26, 2024

Getting ANSI about Unicode Normalization (Ep. 103)

Episode 103: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), as well as talk through some research about _json Juggling, cookie handling quirks, and the value of micro-blogging in general. Follow us…

View more
Dec. 24, 2024

The character that broke Safari's cookies.

#bugbountytips #bugbounty #bugbounties

View more
Dec. 22, 2024

Have you heard of the cookie value-to-key trick!?

#bugbountytips #bugbounty #bugbounties

View more
Dec. 20, 2024

Chrome extensions 101 with Justin and Matan

#bugbountytips #bugbounty #bugbounties

View more
Dec. 19, 2024

Building Web Hacking Micro Agents with Jason Haddix (Ep. 102)

Episode 102: In this episode of Critical Thinking - Bug Bounty Podcast Justin grabs Jason Haddix to help brainstorm the concept of AI micro-agents in hacking, particularly in terms of web fuzzing, WAF bypasses, report writing, and more.They discuss the importance of contextual knowledge, the cost implications, and the strengths…

View more
Dec. 14, 2024

Weaponizing browser extensions via XSS!

#bugbountytips #bugbounty #bugbounties

View more
Dec. 13, 2024

Beyond the isolated world of the Closed Shadow DOM!

#bugbountytips #bugbounty #bugbounties

View more
Dec. 12, 2024

Need more attack surface? TRY THIS!

#bugbountytips #bugbounty #bugbounties

View more
Dec. 12, 2024

AI Attack Vectors - CTBB Hijacked - Rez0__ and Johann (Ep. 101)

Episode 101: In this episode of Critical Thinking - Bug Bounty Podcast we’ve been hijacked! Rez0 takes control of this episode, and sits down with Johann Rehberger to discuss the intricacies of AI application vulnerabilities. They talk through the importance of understanding system prompts, and various obfuscation techniques used to…

View more
Dec. 11, 2024

Crazy simple chrome extension web accessibility quirk = $120k

#bugbountytips #bugbounty #bugbounties

View more
Dec. 5, 2024

8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking (Ep. 100)

Ep 100 - 8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking Episode 100: In this episode of Critical Thinking - Bug Bounty Podcast we have a mixed bag. We celebrate 100 episodes of Critical Thinking, but also bid farewell to Joel, who will be leaving…

View more
Nov. 30, 2024

Zendesk's public facepalm 🤦

#bugbountytips #bugbounty #bugbounties

View more
Nov. 28, 2024

The program hall of shame. Yay or Nay?

#bugbountytips #bugbounty #bugbounties

View more
Nov. 28, 2024

Back to the Basics - Web Fundamental to 100k a Year in Bug Bounty (Ep. 99)

Episode 99: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Roni dissect an old thread of Justin's talking about how best to start bug bounty with the goal of making $100k in the first year. Follow us on twitter at: https://twitter.com/ctbbpodcast We're new to this podcasting…

View more