Interested in going full-time bug bounty? Check out our blueprint!

Videos

Oct. 16, 2024

The BEST bugs for new hunters (with @gr3pme)

The BEST bugs for new hunters (with @gr3pme)

#bugbountytips #bugbounty #bugbounties

View more
Oct. 14, 2024

When IoT hacking meets Indiana Jones!

When IoT hacking meets Indiana Jones!
View more
Oct. 12, 2024

Want to learn hardware hacking? Try this.

Want to learn hardware hacking? Try this.

Bricking devices can get VERY expensive VERY quickly. If you want to get into hardware hacking, try this.

View more
Oct. 10, 2024

Plain text session tokens... ON FACEBOOK!?

Plain text session tokens... ON FACEBOOK!?
View more
Oct. 10, 2024

SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser (Ep. 92)

SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser (Ep. 92)

Episode 92: In this episode of Critical Thinking - Bug Bounty Podcast In this episode Justin and Joel tackle a host of new research and write-ups, including Ruby SAML, 0-Click exploits in MediaTek Wi-Fi, and Vulnerabilities caused by The Great Firewall Follow us on twitter at: https://twitter.com/ctbbpodcast We're new to…

View more
Oct. 8, 2024

Be careful what you sell on eBay!

Be careful what you sell on eBay!
View more
Oct. 7, 2024

POCs failing? Here’s the problem AND the fix.

POCs failing? Here’s the problem AND the fix.

#bugbountytips #bugbounty #bugbounties

View more
Oct. 5, 2024

PHP stripslashes() DOESN'T strip slashes!?

PHP stripslashes() DOESN'T strip slashes!?

#bugbountytips #bugbounty #bugbounties

View more
Oct. 3, 2024

Zero to LHE in 9 Months (feat gr3pme) (Ep. 91)

Zero to LHE in 9 Months (feat gr3pme) (Ep. 91)

Episode 91: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Critical Thinking’s own HackerNotes writer Brandyn Murtagh (gr3pme) to talk about his journey with Bug Bounty. We cover mentorship, networking and LHEs, ecosystem hacking, emotional regulation, and the need for self-care. Then we…

View more
Oct. 1, 2024

PortSwigger's new release is a BANGER!

PortSwigger's new release is a BANGER!

#bugbountytips #bugbounty #bugbounties

View more
Sept. 30, 2024

How 25 characters can get you a SHELL!

How 25 characters can get you a SHELL!

- with Frans Rosén! #bugbountytips #bugbounty #bugbounties

View more
Sept. 28, 2024

UNBELIEVABLE OS Command Injection technique!? 😱

UNBELIEVABLE OS Command Injection technique!? 😱

(with Frans Rosén) #bugbountytips #bugbounty #bugbounties

View more
Sept. 26, 2024

Using x-request-id to access ANY account via Header Injection!

Using x-request-id to access ANY account via Header Injection!

Using x-request-id to access ANY account via Header Injection! (with Frans Rosén) #bugbountytips #bugbounty #bugbounties

View more
Sept. 26, 2024

5k Clickjacking, Encryption Oracles, and Cursor for PoCs (Ep. 90)

5k Clickjacking, Encryption Oracles, and Cursor for PoCs (Ep. 90)

Episode 90: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin recap some of their recent hacking ups and downs and have a lively chat about Cursor.Then they cover some some research about SQL Injections, Clikjacking in Google Docs, and how to steal your Telegram account…

View more
Sept. 24, 2024

Exploiting X-REQUEST-ID to write PHP in /var/www!

Exploiting X-REQUEST-ID to write PHP in /var/www!

(with Frans Rosén) #bugbountytips #bugbounty #bugbounties

View more
Sept. 23, 2024

RELATIONSHIP HACKS for bug bounty hunters.

RELATIONSHIP HACKS for bug bounty hunters.

For full-time bug hunters, balancing intense work with nurturing a relationship can be tough. This video dives into strategies like setting boundaries, having intentional conversations, and showing respect through small actions like being present and giving your partner full attention when it matters most. #bugbountytips #bugbounty #bugbounties

View more
Sept. 22, 2024

How does Justin STAY MOTIVATED? Here's how.

How does Justin STAY MOTIVATED? Here's how.

Mariah's goal system that keeps Justin motivated in full time bug bounty hunting! #bugbountytips #bugbounty #bugbounties

View more
Sept. 20, 2024

How long does it take to find a bug in a new scope?

How long does it take to find a bug in a new scope?

It's a great question. Mariah shares how much time it takes Justin! #bugbountytips #bugbounty #bugbounties

View more
Sept. 19, 2024

The Untapped Bug Bounty Landscape of IoT w/ Matt Brown (Ep. 89)

The Untapped Bug Bounty Landscape of IoT w/ Matt Brown (Ep. 89)

Episode 89: In this episode of Critical Thinking - Bug Bounty Podcast We’re joined live by Matt Brown to talk about his journey with hacking in the IoT. We cover the specializations and challenges in hardware hacking, and Matt’s personal Methodology. Then we switch over to touch on BGA Reballing,…

View more
Sept. 18, 2024

Mariah embarrassing Justin about the first time he met Frans Rosén 😂

Mariah embarrassing Justin about the first time he met Frans Rosén 😂

Plus some great tips for your first time LHE! #bugbountytips #bugbounty #bugbounties

View more
Sept. 12, 2024

News, Tools, and Writeups (Ep. 88)

News, Tools, and Writeups (Ep. 88)

Episode 88: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel tackle a whole slate of new research including a new cheat sheet for URL validation bypass from Portswigger, the introduction of Sanic DNS as a high-speed DNS resolver, xsstools, and the Dockerization of Orange Confusion…

View more
Sept. 10, 2024

Is this the ULTIMATE SWAG FLEX? 💪

Is this the ULTIMATE SWAG FLEX? 💪

#bugbountytips #bugbounty #bugbounties

View more
Sept. 9, 2024

How to dump /etc/passwd with "%3F" 🤯

How to dump /etc/passwd with

#bugbountytips #bugbounty #bugbounties

View more
Sept. 8, 2024

First time at DEFCON... as a content creator!

First time at DEFCON... as a content creator!

#bugbountytips #bugbounty #bugbounties

View more