Interested in going full-time bug bounty? Check out our blueprint!

Videos

Nov. 21, 2024

Team 82 Sharon Brizinov - The Live Hacking Polymath (Ep. 98)

Team 82 Sharon Brizinov - The Live Hacking Polymath (Ep. 98)

Episode 98: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Sharon,to discuss his journey from early iOS development to leading a research team at Claroty. They address the differences between HackerOne and Pwn2Own, and talk through some intricacies of IoT security, and some…

View more
Nov. 19, 2024

Can eating carrots make you a better hacker?

Can eating carrots make you a better hacker?

#bugbountytips #bugbounty #bugbounties

View more
Nov. 17, 2024

How I Was Knighted by Amazon... Yes, Really!

How I Was Knighted by Amazon... Yes, Really!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 14, 2024

Bcrypt Hash Input Truncation & Mobile Device Threat Modeling (Ep. 97)

Bcrypt Hash Input Truncation & Mobile Device Threat Modeling (Ep. 97)

Episode 97: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel jump into some cool news items, including a recent Okta Bcrypt vulnerability, insights into crypto bugs, and some intricacies of Android and Chrome security. They also explore the latest research from Portswigger on payload concealment…

View more
Nov. 7, 2024

Cookies & Caching with MatanBer (Ep. 96)

Cookies & Caching with MatanBer (Ep. 96)

Episode 96: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with Matanber to hit some stuff we ran out of time on last episode. We talk about advanced cookie parsing techniques and exploitation methods, Safari's unique behaviors regarding cookie handling and debugging methods, and some of…

View more
Nov. 4, 2024

Why you must review XPath in SAML code!

Why you must review XPath in SAML code!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 3, 2024

The AI-Powered 403 Bypasser: Caido Plugin!

The AI-Powered 403 Bypasser: Caido Plugin!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 2, 2024

My crypto bug that could delete entire wallets!

My crypto bug that could delete entire wallets!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 1, 2024

How the Great Firewall of China Uses DNS Poisoning

How the Great Firewall of China Uses DNS Poisoning

#bugbountytips #bugbounty #bugbounties

View more
Oct. 31, 2024

Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side (Ep. 95)

Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side (Ep. 95)

Episode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and threat models, and cover things like service workers, extension pages, and isolated worlds. Follow us on…

View more
Oct. 24, 2024

Zendesk Fiasco & the CTBB Naughty List (Ep. 94)

Zendesk Fiasco & the CTBB Naughty List (Ep. 94)

Episode 94: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel give their perspectives on the recent Zendesk fiasco and the ethical considerations surrounding it. They also highlight the launch of AuthzAI and some research from Ophion Security Follow us on twitter at: https://twitter.com/ctbbpodcast We're new…

View more
Oct. 23, 2024

Why note taking is good for your health!

Why note taking is good for your health!

#bugbountytips #bugbounty #bugbounties

View more
Oct. 21, 2024

My struggle with LHE burnout!

My struggle with LHE burnout!

#bugbountytips #bugbounty #bugbounties

View more
Oct. 20, 2024

Is THIS the most underrated skill in bug bounty?

Is THIS the most underrated skill in bug bounty?

#bugbountytips #bugbounty #bugbounties

View more
Oct. 18, 2024

I ignored SSRF for too long...

I ignored SSRF for too long...

#bugbountytips #bugbounty #bugbounties

View more
Oct. 17, 2024

A Chat with Dr. Bouman - Life as a Hacker and a Doctor (Ep.93)

A Chat with Dr. Bouman - Life as a Hacker and a Doctor (Ep.93)

Episode 93: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Dr. Jonathan Bouman to discuss his unique journey as both a Hacker and a Healthcare Professional. We talk through how he balances his dual careers, some ethical considerations of hacking in the context of healthcare,…

View more
Oct. 16, 2024

The BEST bugs for new hunters (with @gr3pme)

The BEST bugs for new hunters (with @gr3pme)

#bugbountytips #bugbounty #bugbounties

View more
Oct. 14, 2024

When IoT hacking meets Indiana Jones!

When IoT hacking meets Indiana Jones!
View more
Oct. 12, 2024

Want to learn hardware hacking? Try this.

Want to learn hardware hacking? Try this.

Bricking devices can get VERY expensive VERY quickly. If you want to get into hardware hacking, try this.

View more
Oct. 10, 2024

Plain text session tokens... ON FACEBOOK!?

Plain text session tokens... ON FACEBOOK!?
View more
Oct. 10, 2024

SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser (Ep. 92)

SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser (Ep. 92)

Episode 92: In this episode of Critical Thinking - Bug Bounty Podcast In this episode Justin and Joel tackle a host of new research and write-ups, including Ruby SAML, 0-Click exploits in MediaTek Wi-Fi, and Vulnerabilities caused by The Great Firewall Follow us on twitter at: https://twitter.com/ctbbpodcast We're new to…

View more
Oct. 8, 2024

Be careful what you sell on eBay!

Be careful what you sell on eBay!
View more
Oct. 7, 2024

POCs failing? Here’s the problem AND the fix.

POCs failing? Here’s the problem AND the fix.

#bugbountytips #bugbounty #bugbounties

View more
Oct. 5, 2024

PHP stripslashes() DOESN'T strip slashes!?

PHP stripslashes() DOESN'T strip slashes!?

#bugbountytips #bugbounty #bugbounties

View more