Interested in going full-time bug bounty? Check out our blueprint!

Videos

May 1, 2026

Try to go that extra mile for your bugs and you'll find GOLD

Try to go that extra mile for your bugs and you'll find GOLD

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 30, 2026

How often do you try both uppercase and lowercase letters?

How often do you try both uppercase and lowercase letters?

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 30, 2026

Source Code Review Meta Analysis (Ep.172)

Source Code Review Meta Analysis (Ep.172)

Episode 172: In this episode of Critical Thinking - Bug Bounty Podcast trying out a new structure of episode: a Meta Analysis of sorts of many Source Code Review techniques. This episode features tips gathered from Shubs, Rafax, and FSI. Justin highlights best approaches, patterns, and common pitfalls. Follow us…

View more
April 29, 2026

Devs don't always use the right source of truth

Devs don't always use the right source of truth

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 27, 2026

Focus on what you believe devs tend to forget!

Focus on what you believe devs tend to forget!

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 24, 2026

Watch you agents context, it can hide so much valuable info

Watch you agents context, it can hide so much valuable info

#hacking #bugbounty #podcast #bugbountytips #infosec #aiagents

View more
April 23, 2026

Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS (Ep 171)

Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS (Ep 171)

Episode 171: Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS Episode 171: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us some quick tips from his own hacking, including some clickjacking, using capital letters, and the potential value of leaking ages Follow us on…

View more
April 21, 2026

What changes now with OAuth 2.1?

What changes now with OAuth 2.1?

#hacking #bugbounty #podcast #bugbountytips #infosec #oauth

View more
April 20, 2026

Most vulns aren't going away like this anytime soon

Most vulns aren't going away like this anytime soon

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 16, 2026

Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways (Ep. 170)

Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways (Ep. 170)

Episode 170: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph their trip to Korea with some quick takeaways from the LHE. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to https://twitter.com/realytcracker for…

View more
April 15, 2026

The best hackers mess up too and Doc surely is one of them!

The best hackers mess up too and Doc surely is one of them!

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 14, 2026

Steal like an artist! ...not like these guys

Steal like an artist! ...not like these guys

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 13, 2026

Hacking smarter can also mean seeing what other people don't

Hacking smarter can also mean seeing what other people don't

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 10, 2026

Building AI skills should not limit it's potential, try this lax approach instead

Building AI skills should not limit it's potential, try this lax approach instead

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 9, 2026

Sup Claude, I'm going to sleep so go hack for me! -sleep while they work

Sup Claude, I'm going to sleep so go hack for me! -sleep while they work

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 9, 2026

OAuth changes, MCP Authorization, & PKCE Downgrades (Ep. 169)

OAuth changes, MCP Authorization, & PKCE Downgrades (Ep. 169)

Episode 169: In this episode of Critical Thinking - Bug Bounty Podcast gr3pme walks through what OAuth 2.1 actually changes for attackers, covering the MCP auth spec, token pass-through in agentic workflows, and four CVEs that illustrate where the bugs are landing. Follow us on twitter at: https://x.com/ctbbpodcast Got any…

View more
April 8, 2026

Should we start watermarking our exploits?

Should we start watermarking our exploits?

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 7, 2026

You can unlock so much more impact with your iframes

You can unlock so much more impact with your iframes

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 6, 2026

Trying things that people skip is always a good call

Trying things that people skip is always a good call

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 3, 2026

You SHOULD start using some AI to help you hack

You SHOULD start using some AI to help you hack

#hacking #bugbounty #podcast #bugbountytips #infosec #aihacking #claude

View more
April 2, 2026

CSRFing on some audio waves

CSRFing on some audio waves

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
April 2, 2026

XSSDoctor - Client-side Path Traversal Research (Ep.168)

XSSDoctor - Client-side Path Traversal Research (Ep.168)

Episode 168: In this episode of Critical Thinking - Bug Bounty Podcast we’re getting a visit from the XSS Doctor. Jonathan joins us to go through his Client-side workflow, and diagnose some bugs live. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us…

View more
March 31, 2026

Trying some IOT hacking is definitely worth your time!

Trying some IOT hacking is definitely worth your time!

#hacking #bugbounty #podcast #bugbountytips #infosec #iothacking #iot

View more
March 30, 2026

rez0 told us everything about his Claude hacking agents

rez0 told us everything about his Claude hacking agents

#hacking #bugbounty #podcast #bugbountytips #infosec #aihacking #claude

View more