Interested in going full-time bug bounty? Check out our blueprint!

Videos

Nov. 4, 2024

Why you must review XPath in SAML code!

Why you must review XPath in SAML code!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 3, 2024

The AI-Powered 403 Bypasser: Caido Plugin!

The AI-Powered 403 Bypasser: Caido Plugin!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 2, 2024

My crypto bug that could delete entire wallets!

My crypto bug that could delete entire wallets!

#bugbountytips #bugbounty #bugbounties

View more
Nov. 1, 2024

How the Great Firewall of China Uses DNS Poisoning

How the Great Firewall of China Uses DNS Poisoning

#bugbountytips #bugbounty #bugbounties

View more
Oct. 31, 2024

Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side (Ep. 95)

Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side (Ep. 95)

Episode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and threat models, and cover things like service workers, extension pages, and isolated worlds. Follow us on…

View more
Oct. 24, 2024

Zendesk Fiasco & the CTBB Naughty List (Ep. 94)

Zendesk Fiasco & the CTBB Naughty List (Ep. 94)

Episode 94: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel give their perspectives on the recent Zendesk fiasco and the ethical considerations surrounding it. They also highlight the launch of AuthzAI and some research from Ophion Security Follow us on twitter at: https://twitter.com/ctbbpodcast We're new…

View more
Oct. 23, 2024

Why note taking is good for your health!

Why note taking is good for your health!

#bugbountytips #bugbounty #bugbounties

View more
Oct. 21, 2024

My struggle with LHE burnout!

My struggle with LHE burnout!

#bugbountytips #bugbounty #bugbounties

View more
Oct. 20, 2024

Is THIS the most underrated skill in bug bounty?

Is THIS the most underrated skill in bug bounty?

#bugbountytips #bugbounty #bugbounties

View more
Oct. 18, 2024

I ignored SSRF for too long...

I ignored SSRF for too long...

#bugbountytips #bugbounty #bugbounties

View more
Oct. 17, 2024

A Chat with Dr. Bouman - Life as a Hacker and a Doctor (Ep.93)

A Chat with Dr. Bouman - Life as a Hacker and a Doctor (Ep.93)

Episode 93: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Dr. Jonathan Bouman to discuss his unique journey as both a Hacker and a Healthcare Professional. We talk through how he balances his dual careers, some ethical considerations of hacking in the context of healthcare,…

View more
Oct. 16, 2024

The BEST bugs for new hunters (with @gr3pme)

The BEST bugs for new hunters (with @gr3pme)

#bugbountytips #bugbounty #bugbounties

View more
Oct. 14, 2024

When IoT hacking meets Indiana Jones!

When IoT hacking meets Indiana Jones!
View more
Oct. 12, 2024

Want to learn hardware hacking? Try this.

Want to learn hardware hacking? Try this.

Bricking devices can get VERY expensive VERY quickly. If you want to get into hardware hacking, try this.

View more
Oct. 10, 2024

Plain text session tokens... ON FACEBOOK!?

Plain text session tokens... ON FACEBOOK!?
View more
Oct. 10, 2024

SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser (Ep. 92)

SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser (Ep. 92)

Episode 92: In this episode of Critical Thinking - Bug Bounty Podcast In this episode Justin and Joel tackle a host of new research and write-ups, including Ruby SAML, 0-Click exploits in MediaTek Wi-Fi, and Vulnerabilities caused by The Great Firewall Follow us on twitter at: https://twitter.com/ctbbpodcast We're new to…

View more
Oct. 8, 2024

Be careful what you sell on eBay!

Be careful what you sell on eBay!
View more
Oct. 7, 2024

POCs failing? Here’s the problem AND the fix.

POCs failing? Here’s the problem AND the fix.

#bugbountytips #bugbounty #bugbounties

View more
Oct. 5, 2024

PHP stripslashes() DOESN'T strip slashes!?

PHP stripslashes() DOESN'T strip slashes!?

#bugbountytips #bugbounty #bugbounties

View more
Oct. 3, 2024

Zero to LHE in 9 Months (feat gr3pme) (Ep. 91)

Zero to LHE in 9 Months (feat gr3pme) (Ep. 91)

Episode 91: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Critical Thinking’s own HackerNotes writer Brandyn Murtagh (gr3pme) to talk about his journey with Bug Bounty. We cover mentorship, networking and LHEs, ecosystem hacking, emotional regulation, and the need for self-care. Then we…

View more
Oct. 1, 2024

PortSwigger's new release is a BANGER!

PortSwigger's new release is a BANGER!

#bugbountytips #bugbounty #bugbounties

View more
Sept. 30, 2024

How 25 characters can get you a SHELL!

How 25 characters can get you a SHELL!

- with Frans Rosén! #bugbountytips #bugbounty #bugbounties

View more
Sept. 28, 2024

UNBELIEVABLE OS Command Injection technique!? 😱

UNBELIEVABLE OS Command Injection technique!? 😱

(with Frans Rosén) #bugbountytips #bugbounty #bugbounties

View more
Sept. 26, 2024

Using x-request-id to access ANY account via Header Injection!

Using x-request-id to access ANY account via Header Injection!

Using x-request-id to access ANY account via Header Injection! (with Frans Rosén) #bugbountytips #bugbounty #bugbounties

View more