
Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)

159 episodes

  • Critical Thinking - Bug Bounty Podcast

    Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

    29/1/2026 | 1 h 46 min
    Episode 159: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with the Google Cloud VRP Team to deep-dive policy and reward changes, what the panel process looks like, and how to best configure for success.
    Follow us on X
    Got any ideas and suggestions? Feel free to send us any feedback
    Shoutout to YTCracker for the awesome intro music!
    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord
    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
    Get some hacker swag
    Today's Sponsor: Join Justin at Zero Trust World in March and get $200 off registration with Code ZTWCTBB26
    Mention the podcast in any rewarded (cash or credit) VRP report before the end of April to receive bonus swag!
    https://ztw.com/
    Today’s Guests:
    Darby Hopkins
    Michael Cote
    ====== This Week in Bug Bounty ======
    AI Red Teaming Explained by AI Red Teamers
    Good Faith AI Research Safe Harbor
    Join the Adobe LHE at NULLCON GOA
    ====== Resources ======
    ‘Legendary Guy’ - Jakub Domeracki
    Google Cloud VRP rewards rules
    Google Cloud VRP product tiers
    Bug Hunters blog on the 2025 Google Cloud VRP bugSWAT
    Google VRP Discord
    Google VRP on X
    ====== Timestamps ======
    (00:00:00) Introduction
    (00:10:03) CloudVRP Bugswat Event Breakdown
    (00:16:40) VRP Policy & Rewards Changes
    (00:04:50) Panel Process
    (01:00:08) Avoiding Downgrades
    (01:33:47) Scenarios for Success
  • Critical Thinking - Bug Bounty Podcast

    Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

    22/1/2026 | 58 min
    Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 bug can look like, and if Smart People Ever Say They’re Smart.
    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here
    Shoutout to YTCracker for the awesome intro music!
    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    Crit Research Lab:
    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!
    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
    You can also find some hacker swag!
    Today's Sponsor: Join Justin at Zero Trust World in March and get $200 off registration with Code ZTWCTBB26
    https://ztw.com/
    ====== Resources ======
    InsertScript - XSS Challenge Solution
    InsertScript - Redirect AuthHeader
    CRLF injection on a 302 redirect
    Multiple XSS in Meta Conversion API Gateway Leading to Zero-Click Account Takeover
    Arcanum Hack Tips
    Trail of Bits Releases Claude Skills
    what a $55,000 bug can look like
    Pwning Claude Code in 8 Different Ways
    Do Smart People Ever Say They’re Smart?
    ====== Timestamps ======
    (00:00:00) Introduction
    (00:04:18) Takeaways from CT Charity Hackalong
    (00:22:21) InsertScript POCs & Rez0 and teknogeek's IOT Adventures
    (00:32:16) CRLF injection on a 302 redirect & Multiple XSS in Meta
    (00:41:00) Trail of Bits, what a $55,000 bug can look like, & Pwning Claude Code
    (00:54:16) Do Smart People Ever Say They’re Smart?
  • Critical Thinking - Bug Bounty Podcast

    Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

    15/1/2026 | 1 h 34 min
    Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.
    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
    Shoutout to YTCracker for the awesome intro music!
    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme
    Critical Research Lab:
    https://lab.ctbb.show/
    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!
    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
    You can also find some hacker swag at https://ctbb.show/merch!
    Today’s Guest: https://x.com/hyprdude
    ====== This Week in Bug Bounty ======
    Top 10 web hacking techniques of 2025: call for nominations
    https://portswigger.net/research/top-10-web-hacking-techniques-of-2025-nominations-open
    CVE-2025-13467
    https://access.redhat.com/security/cve/cve-2025-13467
    ====== Resources ======
    Hypr's Blog
    https://blog.coffinsec.com
    mediatek? more like media-rekt, amirite.
    https://blog.coffinsec.com/0days/2025/12/15/more-like-mediarekt-amirite.html
    kernel-utils
    https://github.com/mellow-hype/kernel-utils
    ====== Timestamps ======
    (00:00:00) Introduction
    (00:03:23) Heap Overflow in Mediatek Kernel Drivers
    (00:19:23) Kernel Debugging & ioctl Handlers
    (00:43:30) Input Structs, Sync to Source, & Privilege Escalation
    (00:51:30) HackerOne Ecosystem vs Pwn2Own Ecosystem
    (01:17:00) Kernel Utils
    (01:26:46) Real World Bugs for Exploit Development vs CTFs
  • Critical Thinking - Bug Bounty Podcast

    Episode 156: Chill AMA from bugbounty.forum

    08/1/2026 | 1 h 23 min
    Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forum
    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
    Shoutout to YTCracker for the awesome intro music!
    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme
    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!
    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
    You can also find some hacker swag at https://ctbb.show/merch!
    ====== Resources ======
    Critical Thinking Lab
    lab.ctbb.show
    Cross-Site ETag Length Leak
    https://blog.arkark.dev/2025/12/26/etag-length-leak
    Clawdbot
    https://github.com/clawdbot/clawdbot/
    Post from Steve Caldwell
    https://x.com/moreconfetti/status/2006494133159162008
    ====== Timestamps ======
    (00:00:00) Introduction
    (00:00:58) Crit Lab update
    (00:04:36) Cross-Site ETag Length Leak
    (00:13:26) Clawdbot
    (00:16:56) Will bug hunting become obsolete, LHE invitations, and Fulltime vs Part time?
    (00:30:52) 10 bugs at $5k or 1 bug at $5k, CTBB Background, & Future Plans
    (00:38:32) Mentoring, Conquering Classes, and what angles we implement from the podcast
    (00:49:27) Best approach on new targets, tips for making 500k in a year, AI/Vibecoding & Human in the Loop
    (00:59:07) Mentally mapping the target, anti-patterns that waste time, and BB beliefs that were wrong.
    (01:10:12) Tackling small scope, staying on one program, picking up after a break, & moving on
    (01:17:41) Invisible elements that make the difference between $2k and $20k
  • Critical Thinking - Bug Bounty Podcast

    Episode 155: 2025 Hacker Stats & 2026 Goals

    01/1/2026 | 1 h 32 min
    Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.
    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
    Shoutout to YTCracker for the awesome intro music!
    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme
    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!
    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
    You can also find some hacker swag at https://ctbb.show/merch!
    ====== Resources ======
    2024 Hacker Stats & 2025 Goals
    https://blog.criticalthinkingpodcast.io/p/hackernotes-ep-104-2024-hacker-stats-2025-goals
    ====== Timestamps ======
    (00:00:00) Introduction
    (00:02:08) 2025 Full Time Hunting Retrospective
    (00:10:19) Most Fulfilling Moments and Bugs
    (00:17:56) Satisfaction with 2025 Stats
    (00:45:28) Automation, Organization, and Collaboration
    (00:48:55) Time and Motivation
    (01:08:01) Goals and Predictions for Bug Bounty in 2026


About Critical Thinking - Bug Bounty Podcast

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Generated: 2/1/2026 - 5:22:50 AM