Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joel Margolis (teknogeek)

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

read less
TechnologyTechnology

Episodes

Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition
3d ago
Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition
Episode 59: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the concept of gadgets and how they can be used to escalate the impact of vulnerabilities. We talk through things like HTML injection, image injection, CRLF injection, web cache deception, leaking window location, self-stored XSS, and much more.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Resources:Even BetterNahamSec's 5 Week ProgramNahamCon NewsCSS Injection ResearchTimestamps:(00:00:00) Introduction(00:03:31) Caido's New Features(00:15:20) Nahamcon News and 5 week Bootcamp and pentest opportunity(00:19:54) HTML Injection, CSS Injection, and Clickjacking(00:33:11) Image Injection(00:37:19) Open Redirects, Client-side path traversal, and Client-side Open Redirect(00:49:51) Leaking window.location.href(00:57:15) Cookie refresh gadget(01:01:40) Stored XXS(01:09:01) CRLF Injection(01:13:24) 'A Place To Stand' in  GraphQL and ID Oracle(01:18:23) Auth gadgets, Web Cache Deception, & LocalStorage poisoning(01:27:46) Cookie Injection & Context Breaks
Episode 58: Youssef Sammouda - Client-Side & ATO War Stories
Feb 15 2024
Episode 58: Youssef Sammouda - Client-Side & ATO War Stories
Episode 58: In this episode of Critical Thinking - Bug Bounty Podcast we finally sit down with Youssef Samouda and grill him on his various techniques for finding and exploiting client-side bugs and postMessage vulnerabilities. He shares some crazy stories about race conditions, exploiting hash change events, and leveraging scroll to text fragments. Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s Guest: https://twitter.com/samm0uda?lang=enhttps://ysamm.com/Resources:Client-side race conditions with postMessage: https://ysamm.com/?p=742 Transferable Objectshttps://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API/Transferable_objectsEvery known way to get references to windows, in javascript:https://bluepnume.medium.com/every-known-way-to-get-references-to-windows-in-javascript-223778bede2dYoussef’s interview with BBREhttps://www.youtube.com/watch?v=MXH1HqTFNm0Timestamps:(00:00:00) Introduction(00:04:27) Client-side race conditions with postMessage(00:18:12) On Hash Change Events and Scroll To Text Fragments(00:32:00) Finding, documenting, and reporting complex bugs(00:37:32) PostMessage Methodology(00:45:05) Youssef's Vuln Story(00:53:42) Where and how to look for ATO vulns(01:05:21) MessagePort(01:14:37) Window frame relationships(01:20:24) Recon and JS monitoring(01:37:03) Client-side routing(01:48:05) MITMProxy
Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)
Feb 1 2024
Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)
Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)Episode 56: In this episode of Critical Thinking - Bug Bounty Podcast, Justin sits down with Jon Colston to discuss how his background in digital marketing and data science has influenced his hunting methodology. We dive into subjects like data sources, automation, working backwards from vulnerabilities, applying conversion funnels to bug bounty, and the mayonaise signature 'Mother of All Bugs' Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------WordFence - Sign up as a researcher! https://ctbb.show/wfSign up for Caido using the referral code CTBBPODCAST for a 10% discount. Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s Guest:https://hackerone.com/mayonaise?type=userTimestamps:(00:00:00) Introduction(00:12:07) Evolving Hacking Methodologies & B2B Hacking(00:23:57) Data Science + Bug Bounty(00:34:37) 'Lead Generation for Vulns'(00:41:39) Ingredients and Recipes(00:49:45) Keyword Categorization(00:54:30) Manual Processes and Recap(01:07:08) Data Sources(01:19:59) Digital Marketing + Bug Bounty(01:32:22) M.O.A.B.s(01:41:02) Burnout Protection and Dupe Analysis
Episode 54: White Box Formulas - Vulnerable Coding Patterns
Jan 18 2024
Episode 54: White Box Formulas - Vulnerable Coding Patterns
Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a podcast companion that will summarize the main technical points of each episode. They also discuss a recent GitLab CVE and an invisible prompt injection, before diving into a discussion (or debate) about vulnerable code patterns.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Gitlab CVEhttps://github.com/Vozec/CVE-2023-7028https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/Fix commit: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec437988cf16534a9dbba81b98a2e7f18Invisible Prompt Injectionhttps://x.com/goodside/status/1745511940351287394?s=20Regex 101https://regex101.comRegex to Stringshttps://www.wimpyprogrammer.com/regex-to-strings/Timestamps(00:00:00) Introduction(00:01:54) Joel’s H1 Data Scraping Research(00:19:23) HackerNotes launch(00:21:29) Gitlab CVE(00:27:45) Invisible Prompt Injection(00:33:52) Vulnerable Code Patterns(00:37:51) Sanitization, but then modification of data afterward(00:45:39) Auth check inside body of if statement(00:48:15) sCheck for bad patterns with if, but then don't do any control flow(00:50:21) Bad Regex(01:00:36) Replace statements for sanitization(01:04:32) Anything that allows you to call functions or control code flow in uncommon ways
Episode 52: Best Technical Content from Year 1 of CTBB Podcast
Jan 4 2024
Episode 52: Best Technical Content from Year 1 of CTBB Podcast
Episode 52: In this episode of Critical Thinking - Bug Bounty Podcast we're going back and highlighting some of the best technical moments from the past year! Hope you enjoy this best of 2023 Supercut!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Timestamps:(00:00:00) Introduction(00:02:55) Episode 26: Meta tags and base tags in HTML(00:15:20) Episode 27: Client-side path traversal(00:23:18) Episode 27: Cookie bombing + cookie jar overflow(00:35:47) Episode 44: Cross environment authentication bugs(00:43:17) Episode 47: The open-faced Iframe Sandwich(00:50:19) Episode 47: js hoisting and classic Joel nerdsnipe(00:58:28) Episode 29: Sean Yeoh on Subdomains vs IP in recon(01:04:05) Episode 30: Shubs on reversing enterprise software(01:24:58) Episode 30: Shubs on building out a recon flow(01:29:36) Episode 30: Shubs on Hacking IIS Servers(01:36:45) Episode 37: 0xLupin on smart JavaScript analysis tools(01:45:42) Episode 45: Frans Rosen On App cache, Service workers cookie stuffing, and postMessage(02:15:02) Episode 50: Mathias Karlsson on XSLT and MXSS(02:39:26) Episode 27: Assetnote's sharefile RCE(02:48:18) Episode 31: Perforce RCE(02:53:48) Episode 48: Sam Erb's XSLT bug story(02:58:47) Final thoughts and Special Thanks
Episode 50: ­Mathias "Fall in a well" Karlsson - Bug Bounty Prophet
Dec 21 2023
Episode 50: ­Mathias "Fall in a well" Karlsson - Bug Bounty Prophet
Episode 50: In this episode of Critical Thinking - Bug Bounty Podcast, Justin catches up with hacking master Mathias Karlsson, and talks about burnout, collaboration, and the importance of specialization. Then we dive into the technical details of MXSS and XSLT, character encoding, and give some predictions of what Bug Bounty might look like in the future…Follow us on twitter at: @ctbbpodcastSend us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.Hop on the CTBB Discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Today’s GuestEpisode ResourcesHow to Differentiate Yourself as a HunterMutateMethodshackaplanetenArticle About Unicode and Character SetsByte Order Mark:Character EncodingsShapeCatcherWAF BypassBountyDashEXPLOITING HTTP'S HIDDEN ATTACK-SURFACETimestamps:(00:00:00) Introduction(00:10:06) Automation Setup and Assetnote Origins(00:16:49) Sharing Tips, and Content Creation(00:22:27) Collaboration and Optimization(00:36:44) Working at Detectify(00:51:45) Bug Bounty Burnout(00:56:15) Early Days of Bug Bounty and Future Predictions(01:19:00) Nerdsnipeability(01:29:38) MXSS and XSLT(01:54:20) Learning through being wrong(02:00:15) Go-to Vulns
Episode 49: Getting Live Hacking Event Invites & Bug Bounty Collab with Nagli
Dec 14 2023
Episode 49: Getting Live Hacking Event Invites & Bug Bounty Collab with Nagli
Episode 49: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is once again joined by Nagli to discuss some of their recent hacking discoveries. They talk about finding and exploiting a backup file in an ASP.NET app, discovering vulnerabilities through Swagger files, and debating the vulnerability of a specific ‘undisclosed’ domain. Then they reflect on 2023’s Live Hacking Event circuit, and preview what’s to come in 2024’s.This episode sponsored by Wordfence! Wordfence recently launched a game-changer of a bug bounty program with ALL WordPress plugins over 50k installs are in-scope. They are currently paying 6.25x their normal bounty amounts, and have agreed to give CT listeners a 10% bonus on top of that! If you wanna pop some crits and see those bounties roll in, head over to https://ctbb.show/wf for more info and keep an eye on the CTBB Discord for inspiration/collabs.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s GuestEpisode Resources:ShockwaveWhy So SerialNew LHE Standards DroppedTimestamps:(00:00:00) Introduction(00:02:37) wwwroot .zip Hack Recap(00:13:44) Swagger File Hack Recap(00:18:27) Undisclosed URL Hack Recap(00:24:29) 2023 LHE Circut Recap(00:37:14) 2024 LHE Preview and New Standards(00:47:22) Bug Bounty Motivation
Episode 48: MVH, DEFCON Black Badge, Googler - Sam Erb
Dec 7 2023
Episode 48: MVH, DEFCON Black Badge, Googler - Sam Erb
Episode 48: In this episode, joined by the spectacular Sam Erb, Google Security Engineer and DEFCON Black Badge winner. We talk about the importance of understanding how systems work to find vulnerabilities, and how his engineering background influences his hunting style and methodologies. Then we jump over to his Career Development and his work with Google, and then chat about some of the recent Google Vulnerability Programs.This episode is sponsored by Wordfence! Wordfence recently launched a game-changer of a bug bounty program with ALL WordPress plugins over 50k installs are in-scope. They are currently paying 6.25x their normal bounty amounts, and have agreed to give CT listeners a 10% bonus on top of that! Head over to https://ctbb.show/wf for more info and keep an eye on the CTBB Discord for inspiration/collabs.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!—— Links ——Follow your hosts Rhynorater & Teknogeek on twitter:—— Ways to Support CTBBPodcast ——Sign up for Caido using code CTBBPODCAST for a 10% discount.Hop on the CTBB DiscordDiscord premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Today’s Guest:https://twitter.com/erbbysamSam Erbs Static SecretSecurity Now PodcastBIMI:Andhttps://bimigroup.org/Google Device Vulnerability Reward Program InitiativesGoogle Invalid ReportsHacking GoogleTranscripts(00:00:00) Introduction(00:02:50) Hacker Methodology with Sam Erb(00:12:20) Balancing Bug Hunting and Personal Life(00:15:53) Deep Diving on a program and using automation.(00:27:00) Optimizing Bug Hunting and Understanding Attack Vectors(00:39:22) Collaboration and Boundaries(00:45:42) Career Development and Entrepreneurship(00:55:13) Winning Black Badges at DEFCON(00:58:02) BufferOver(01:09:11) Working at Google(01:19:23) Google Bug Bounty Programs(01:31:41) BONUS Cool Bugs
Episode 47: CSP Research, Iframe Hopping, and Client-side Shenanigans
Nov 30 2023
Episode 47: CSP Research, Iframe Hopping, and Client-side Shenanigans
Episode 47: In this episode of Critical Thinking - Bug Bounty Podcast, the holidays are fast approaching, and Justin and Joel discuss some of the struggles of getting back into the hacking groove during and after breaks. We also celebrate the newly launched Critical Thinking Discord Community before diving into Iframe Sandwhiches, JS Hoisting, CSP Bypasses, and a host of new tools, techniques, and tangents.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.Hop on the CTBB Discord at https://ctbb.show/discord!ThankUNextjswzlRapid APISSRF Utility tool by BebiksTweet from Johan CarlssonBurp Extension from Google VRPJustin's Tweet about JS HoistingBypass CSP Using WordPressHow to trick CSP in letting you run whatever you wantTimestamps:(00:00:00) Introduction(00:01:58) Overcoming Bug Bounty struggles and getting back into the hacking groove(00:07:46) Taking notes and sticking to one program(00:14:50) Critical Thinking Discord, Community highlights, and Competition vs Collaboration(00:22:25) Secondary context bugs and Automationism(00:28:42) ThankUNext and Client-side Paths(00:33:45) Tool Tangents: Jswzl, Caido, Postman, and Rapid API(00:46:49) New SSRF Utility tool by Bebiks and the continuing evolution of hacking tools(00:51:45) Iframe Sandwiches(00:58:54) News Items(01:06:12) JS Hoisting(01:15:05) CSP Bypasses
Episode 46: The SAML Ramble
Nov 23 2023
Episode 46: The SAML Ramble
Episode 46: In this episode of Critical Thinking - Bug Bounty Podcast, Justin is deep diving the topic of SAML (Security Assertion Markup Language), and walks through what it is and why it can be intimidating, before going over some key attack vectors to look for. Then he closes out with a commentary on a sample payload, and some HackerOne reports.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.KazHACKstanhttps://kazhackstan.com/enTesting SAML security with DASThttps://agrrrdog.blogspot.com/2023/01/testing-saml-security-with-dast.htmlHow to break SAML if I have paws?https://speakerdeck.com/greendog/how-to-break-saml-if-i-have-paws?slide=20How to Hunt Bugs in SAML; a Methodologyhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/SAML Raiderhttps://portswigger.net/bappstore/c61cfa893bb14db4b01775554f7b802eExternal Entity Injection during XML signature verificationhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2313mTLS: When certificate authentication is done wronghttps://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/HackerOne Uber Reporthttps://hackerone.com/reports/136169Timestamps:(00:00:00) Introduction(00:05:25) Understanding SAML and its complexities(00:08:30) SAML Attack Vectors(00:14:15) XML Signature Wrapping(00:19:50) Some SAML tests to try(00:30:30) Sample Payload description(00:34:10) Token Recipient confusion(00:36:05) HackerOne Reports
Episode 45: The OG Bug Bounty King - Frans Rosen
Nov 16 2023
Episode 45: The OG Bug Bounty King - Frans Rosen
Episode 45: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to welcome Frans Rosén, an OG bug bounty hunter and co-founder of Detectify. We kick off with Frans sharing his journey bug bounty and security startups, before diving headfirst into a host of his blog posts. We also cover the value of pseudo-code for bug exploitation, understanding developer terminology, the challenges of collaboration and delegating tasks, and balancing hacking with parenting. If you're interested in bug bounty or entrepreneurship, you won't want to miss it!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.Join our Discord!Today's Guest:https://twitter.com/fransrosenDetectifyDiscovering s3 subdomain takeoversBucket DiscloseA deep dive into AWS S3 access controlsAttacking Modern Web TechnologiesLive Hacking like a MVHAccount hijacking using Dirty Dancing in sign-in OAuth flowsTimestamps:(00:00:00) Introduction(00:04:50) Franz Rosen's Bug Bounty Journey and the creation of Detectify(00:13:30) Benefits of pseudo-code, typing, and thinking like a developer(00:20:20) Hunter Methodologies(00:35:40) Time on targets, Iteration vs. Ideation, and tips for standing out(00:51:10) S3 subdomain takeovers(01:05:02) Blog posting and hosting motivations(01:13:30) Detectify and entrepreneurial endeavors(01:29:50) Attacking Modern Web Technologies(01:46:00) postMessage and MessagePort(01:58:09) Live Hacking and Collaboration(02:13:50) Account Hijacking and OAuth Flows(02:28:48) Hacking/Parenting
Episode 44: URL Parsing & Auth Bypass Magic
Nov 9 2023
Episode 44: URL Parsing & Auth Bypass Magic
Episode 44: In this episode of Critical Thinking - Bug Bounty Podcast, the topic is URL structure, and Justin and Joel break down the elements that make up a URL and some common tips and tricks surrounding them which allow for all sorts of bypasses. We also round out the episode with some new tools, ato stories, and some controversial current events in the hacker scene.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount."XnlReveal" XNL h4ck3rOAuth article by Salt LabsH1 controversy recapATO through Facebook Loginhttps://twitter.com/Jayesh25_/status/1718543152296939861https://twitter.com/itscachemoney/status/1721658450613346557When URL Parsers disagreeGolden techniques to bypass host validations in Android appsMozilla article on HTTP AuthenticationBreaking Parser Logic talk by Orange TsaiURL DetectorSSRF BibleTimestamps:(00:00:00) Introduction(00:04:10) “Xnl-Reveal”(00:07:22) OAuth vulnerabilities(00:13:17) Recap of controversy surrounding the handling of a vulnerability report on H1(00:18:55) Hacker Success Manager Program(00:22:30) Facebook login ATO(00:27:45) When URL parsers disagree(00:34:34) URL Structures(01:02:22) Shared secrets across environments(01:09:40) Social Media Logins
Episode 43: Caido - The Up-And-Coming HTTP Proxy
Nov 2 2023
Episode 43: Caido - The Up-And-Coming HTTP Proxy
Episode 43: In this episode of Critical Thinking - Bug Bounty Podcast, we're joined by Emile from Caido, who shares his journey into the bug bounty and ethical hacking world. We kick off with a hilarious incident involving Joel, a child on an airplane, and an unfortunate cough. We then dive into the challenges of building an HTTP proxy tool, balancing basic features with nice-to-have features, and the importance of user feedback in shaping the development of Caido, a bug bounty tool.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount on the annual license. Today’s Guest:https://twitter.com/TheSytten Caidohttps://caido.io/Caido’s Discordhttps://discord.com/invite/KgGkkpKFaqVS Codehttps://code.visualstudio.com/DNSChefhttps://github.com/iphelix/dnschefHackMDhttps://hackmd.io/Timestamps:(00:00:00) Introduction(00:01:34) Emile’s journey from general infrastructure development to co-founding Caido(00:07:00) The rundown on Caido, a lightweight and flexible HTTP proxy tool(00:11:00) Current and upcoming Caido Features(00:17:00) Caido crew and division of duties(00:19:40) Missing features and feature requests(00:23:49) Decision to use Rust(00:28:25) Workflows and walkthroughs(00:36:27) Intercepts and the Roadmap(00:41:15) Opinions on collaborator Functionality and HTTP Callback(00:46:19) Reporting and Collaboration
Episode 40: Bug Bounty Mentoring
Oct 12 2023
Episode 40: Bug Bounty Mentoring
Episode 40: In this episode of Critical Thinking - Bug Bounty Podcast, it’s all about mentorships! Justin sits down with Kodai and So, two hackers he helped mentor, to discuss what worked and what didn’t. We talk about the importance of mentorship, what mentors might look for in a candidate, the challenges of transitioning from being mentored to self-education, and the necessity of continuous learning in this ever-evolving field that is bug bounty. This episode is a treasure trove of insights, and if you’re interested in either side of the mentorship coin, you won’t want to miss it.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. Today’s Guests:https://twitter.com/weeshterhttps://twitter.com/Mokusou4Congrats to @nchickens as our giveaway winner!The Bug Hunter's Methodology Live Coursehttps://jasonhaddix.gumroad.com/l/lycucsTimestamps:(00:00:00) Introduction(00:04:00) Guest backgrounds and introduction into hacking(00:17:49) Where to start Learning and Teaching(00:25:40) Technical Training vs Conceptual Teaching(00:28:34) Mentorship Styles and Techniques.(00:39:15) Moving from being mentored to self-learning(00:46:20) Developing mental resilience and healthy habits(00:50:32) Elements in mentorships that were hard or haven’t worked(01:02:21) Being influenced by other hackers through mentorship or collaboration(01:06:20) Hacking Bilingually and language barriers(01:11:30) Hacking and learning goals for the future