Interested in going full-time bug bounty? Check out our blueprint!

Videos

May 8, 2026

Learning Code Review? Master THIS

Learning Code Review? Master THIS

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
May 7, 2026

Reverse Engineering Just Got EASY

Reverse Engineering Just Got EASY

#hacking #bugbounty #podcast #bugbountytips #infosec #reverseengineering

View more
May 7, 2026

Bug Bounty is Dead and AI Killed it (Ep. 173)

Bug Bounty is Dead and AI Killed it (Ep. 173)

Episode 173: In this episode of Critical Thinking - Bug Bounty Podcast we’re talking about the negative effects that AI is having on the Bug Bounty scene as a whole. Is it over, or are we so back? Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel…

View more
May 6, 2026

Think about how data changes and you might unlock some extra impact

Think about how data changes and you might unlock some extra impact

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
May 5, 2026

NEVER overlook DOMPurify

NEVER overlook DOMPurify

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
May 5, 2026

If it uses HTTP, it can be CSPTed

If it uses HTTP, it can be CSPTed

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
May 4, 2026

Are ORM Links the new SQLi?

Are ORM Links the new SQLi?

#hacking #bugbounty #podcast #bugbountytips #infosec ∑º

View more
May 1, 2026

Try to go that extra mile for your bugs and you'll find GOLD

Try to go that extra mile for your bugs and you'll find GOLD

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 30, 2026

How often do you try both uppercase and lowercase letters?

How often do you try both uppercase and lowercase letters?

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 30, 2026

Source Code Review Meta Analysis (Ep.172)

Source Code Review Meta Analysis (Ep.172)

Episode 172: In this episode of Critical Thinking - Bug Bounty Podcast trying out a new structure of episode: a Meta Analysis of sorts of many Source Code Review techniques. This episode features tips gathered from Shubs, Rafax, and FSI. Justin highlights best approaches, patterns, and common pitfalls. Follow us…

View more
April 29, 2026

Devs don't always use the right source of truth

Devs don't always use the right source of truth

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 27, 2026

Focus on what you believe devs tend to forget!

Focus on what you believe devs tend to forget!

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 24, 2026

Watch you agents context, it can hide so much valuable info

Watch you agents context, it can hide so much valuable info

#hacking #bugbounty #podcast #bugbountytips #infosec #aiagents

View more
April 23, 2026

Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS (Ep 171)

Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS (Ep 171)

Episode 171: Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS Episode 171: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us some quick tips from his own hacking, including some clickjacking, using capital letters, and the potential value of leaking ages Follow us on…

View more
April 21, 2026

What changes now with OAuth 2.1?

What changes now with OAuth 2.1?

#hacking #bugbounty #podcast #bugbountytips #infosec #oauth

View more
April 20, 2026

Most vulns aren't going away like this anytime soon

Most vulns aren't going away like this anytime soon

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 16, 2026

Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways (Ep. 170)

Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways (Ep. 170)

Episode 170: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph their trip to Korea with some quick takeaways from the LHE. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to https://twitter.com/realytcracker for…

View more
April 15, 2026

The best hackers mess up too and Doc surely is one of them!

The best hackers mess up too and Doc surely is one of them!

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 14, 2026

Steal like an artist! ...not like these guys

Steal like an artist! ...not like these guys

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 13, 2026

Hacking smarter can also mean seeing what other people don't

Hacking smarter can also mean seeing what other people don't

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 10, 2026

Building AI skills should not limit it's potential, try this lax approach instead

Building AI skills should not limit it's potential, try this lax approach instead

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 9, 2026

Sup Claude, I'm going to sleep so go hack for me! -sleep while they work

Sup Claude, I'm going to sleep so go hack for me! -sleep while they work

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 9, 2026

OAuth changes, MCP Authorization, & PKCE Downgrades (Ep. 169)

OAuth changes, MCP Authorization, & PKCE Downgrades (Ep. 169)

Episode 169: In this episode of Critical Thinking - Bug Bounty Podcast gr3pme walks through what OAuth 2.1 actually changes for attackers, covering the MCP auth spec, token pass-through in agentic workflows, and four CVEs that illustrate where the bugs are landing. Follow us on twitter at: https://x.com/ctbbpodcast Got any…

View more
April 8, 2026

Should we start watermarking our exploits?

Should we start watermarking our exploits?

#hacking #bugbounty #podcast #bugbountytips #infosec

View more