Critical Thinking - Bug Bounty Podcast

Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today’s Guest: https://x.com/hyprdude====== This Week in Bug Bounty ======Top 10 web hacking techniques of 2025: call for nominationshttps://portswigger.net/research/top-10-web-hacking-techniques-of-2025-nominations-openCVE-2025-13467https://access.redhat.com/security/cve/cve-2025-13467====== Resources ======Hypr's Bloghttps://blog.coffinsec.commediatek? more like media-rekt, amirite.https://blog.coffinsec.com/0days/2025/12/15/more-like-mediarekt-amirite.htmlkernel-utilshttps://github.com/mellow-hype/kernel-utils====== Timestamps ======(00:00:00) Introduction(00:03:23) Heap Overflow in Mediatek Kernel Drivers(00:19:23) Kernel Debugging & ioctl Handlers (00:43:30) Input Structs, Sync to Source, & Privilege Escalation (00:51:30) HackerOne Ecosystem vs Pwn2Own Ecosystem (01:17:00) Kernel Utils(01:26:46) Real World Bugs for Exploit Development vs CTFs

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forumFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pme====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Resources ======Critical Thinking Lablab.ctbb.showCross-Site ETag Length Leakhttps://blog.arkark.dev/2025/12/26/etag-length-leakClawdbothttps://github.com/clawdbot/clawdbot/Post from Steve Caldwellhttps://x.com/moreconfetti/status/2006494133159162008====== Timestamps ======(00:00:00) Introduction(00:00:58) Crit Lab update(00:04:36) Cross-Site ETag Length Leak(00:13:26) Clawdbot(00:16:56) Will bug hunting become obsolete, LHE invitations, and Fulltime vs Part time?(00:30:52) 10 bugs at $5k or 1 bug at $5k, CTBB Background, & Future Plans(00:38:32) Mentoring, Conquering Classes, and what angles we implement from the podcast(00:49:27) Best approach on new targets, tips for making 500k in a year, AI/Vibecoding & Human in the Loop(00:59:07) Mentally mapping the target, anti-patterns that waste time, and BB beliefs that were wrong.(01:10:12) Tackling small scope, staying on one program, picking up after a break, & moving on(01:17:41) Invisible elements that make the difference between $2k and $20k

Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pme====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Resources ======2024 Hacker Stats & 2025 Goalshttps://blog.criticalthinkingpodcast.io/p/hackernotes-ep-104-2024-hacker-stats-2025-goals====== Timestamps ======(00:00:00) Introduction(00:02:08) 2025 Full Time Hunting Retrospective(00:10:19) Most Fulfilling Moments and Bugs(00:17:56) Satisfaction with 2025 Stats(00:45:28) Automation, Organization, and Collaboration(00:48:55) Time and Motivation(01:08:01) Goals and Predictions for Bug Bounty in 2026

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the challenges of pricing for Pentests, legal considerations, and what Bug Hunters can bring to the Pentesting worldFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pme====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Timestamps ======(00:00:00) Introduction(00:03:36) Starting a Pentesting Company (00:12:25) Advantages of Pentesting as a Bug Bounty Hunter(00:29:03) Pricing, Sales, and knowing your Market/Worth(00:36:21) Compliance in Pentests & Rapid-Fire Takaways

Episode 153: In this episode of Critical Thinking - Bug Bounty Podcast Matt Brown returns to talk with us about hacking robots, IOT hackbots, and his Zero-to-Hero Hardware Hacking Guide.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pme====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today’s Guest: Matt Brownhttps://x.com/nmatt0https://github.com/BrownFineSecurity/iothackbot====== Resources ======KeeYees USB Logic Analyzer DeviceSaleae logic analyzerXGecuHardware Hacking Tutorial by Make Me HackUART and SPI firmware extractionUART Root Shell on Linux RouterUART Shell Jail and Unlocked BootloaderChinese IP Camera Firmware ExtractionChip-Off Firmware Extraction====== Timestamps ======(00:00:00) Introduction(00:01:22) Incremental Session Token Story and Matt Brown Intro (00:10:42) Hardware Bug Bounty Scene & AI on Devices(00:24:30) Hacking Human Robot(00:41:33) Zero-to-Hero Hardware Hacking Guide(01:01:47) IOT Hackbot