PodcastsTechnologiesCritical Thinking - Bug Bounty Podcast

Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)
Critical Thinking - Bug Bounty Podcast
Dernier épisode

184 épisodes

  • Critical Thinking - Bug Bounty Podcast

    Episode 182: Partial Auth, Hackbot GraphQL, and AI's #1 Mission

    09/07/2026 | 39 min
    Episode 182: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some recent bugs involving WPM, MCP, and a possible emerging bug class using Wayback. We also talk about some GraphQL Hackbot finds, and what AI’s #1 mission should be.

    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
    Shoutout to YTCracker for the awesome intro music!

    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme

    Critical Research Lab:
    https://lab.ctbb.show/

    Need a Pentest? We just launched CTBB Pentests!
    https://pentest.ctbb.show/

    Hack full time? Check out the Full-Time Hunter’s Guild!
    https://ctbb.show/fthg

    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    You can also find some hacker swag at https://ctbb.show/merch!

    ====== This Week in Bug Bounty ======
    LeHack 2026 Recap
    https://event.yeswehack.com/events/lehack-2026

    Don’t eat the ChocoPoCs! How vulnerability researchers were repeatedly targeted by trojanised exploits
    https://www.yeswehack.com/fr/news/chocopocs-vulnerability-researchers-trojanised-exploits

    Navigating the AI Wave: How We're Keeping Security Research Meaningful
    https://www.hackerone.com/blog/ai-driven-report-volume-insights-and-actions

    ====== Resources ======
    Caido Skills
    https://github.com/caido/skills/pull/22

    Hunting For AWS Cognito Security
    Misconfigurations
    https://www.yassineaboukir.com/talks/NahamConEU2022.pdf

    X MCP
    https://docs.x.com/tools/mcp

    US South Summer Sessions: Hack the Heat
    https://h1.community/events/details/hackerone-us-south-hackerone-club-presents-us-south-summer-sessions-hack-the-heat/

    ====== Timestamps ======
    (00:00:00) Introduction
    (00:08:31) WPM Bug & Wayback to Guest Bearer
    (00:18:42) GraphQL Hackbot Finds, Fable Updates, & AI's #1 Mission
    (00:29:45) MCP, US South H1 Event, & AI Sandbox Escapes
  • Critical Thinking - Bug Bounty Podcast

    Episode 181: Bug Bounty Singularity

    02/07/2026 | 52 min
    Episode 181: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and XSSDoctor talk about building a Hackbot.

    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
    Shoutout to YTCracker for the awesome intro music!

    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme

    Critical Research Lab:
    https://lab.ctbb.show/

    Need a Pentest? We just launched CTBB Pentests!
    https://pentest.ctbb.show/

    Hack full time? Check out the Full-Time Hunter’s Guild!
    https://ctbb.show/fthg

    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    You can also find some hacker swag at https://ctbb.show/merch!

    Today's Sponsor: Check out Zero Trust Network Access:
    https://www.criticalthinkingpodcast.io/tl-ztna

    ====== Resources ======

    Are bug bounties cooked?
    https://hakluke.com/are-bug-bounties-cooked

    We built a Hackbot
    https://josephthacker.com/hacking/2026/07/01/we-built-a-hackbot.html

    ====== Timestamps ======
    (00:00:00) Introduction
    (00:07:22) Manual vs. AI Hacking
    (00:17:27) Building a Hackbot
    (00:23:53) Negatives of Hackbots
    (00:31:34) Logistics and Problems of Singularity
    (00:46:21) Successes
  • Critical Thinking - Bug Bounty Podcast

    Episode 180: State of Bug Bounty Maturity Posture Report

    25/06/2026 | 1 h 12 min
    Episode 180: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Steve Hernandez, founder of the Bug Bounty Maturity Framework (BBMF), to walk us through the inaugural State of Bug Bounty Maturity Posture Report. We go through the scores and cover Asset Hygiene, Operational Signal, how to re-engage the relationship between trust and researcher participation.

    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
    Shoutout to YTCracker for the awesome intro music!

    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme

    Critical Research Lab:
    https://lab.ctbb.show/

    Need a Pentest? We just launched CTBB Pentests!
    https://pentest.ctbb.show/

    Hack full time? Check out the Full-Time Hunter’s Guild!
    https://ctbb.show/fthg

    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    You can also find some hacker swag at https://ctbb.show/merch!

    Today’s Guest: https://x.com/SteveHernandezM
    Email Steve at info@bugbountymaturity.com

    Fill out this form to enter a Critical Thinkers raffle
    https://forms.ctbb.show/mdaz

    ====== Resources ======
    State of Bug Bounty Maturity Posture
    https://bugbountymaturity.com/research/state-of-bug-bounty-maturity-posture-2026

    Take the Bug Bounty Maturity Assessment
    https://bugbountymaturity.com/assessment

    AI Is Compressing the Bug Bounty Maturity Curve
    https://bugbountymaturity.com/research/ai-is-compressing-the-bug-bounty-maturity-curve

    ====== Timestamps ======
    (00:00:00) Introduction
    (00:04:09) State of Bug Bounty Maturity Posture
    (00:22:33) Researcher Interface & Program Trust
    (00:44:38) Maturity Bands and Scoring
    (01:08:19) AI Is Compressing the Bug Bounty Maturity Curve
  • Critical Thinking - Bug Bounty Podcast

    Episode 179: Maintaining Motivation in Post-AI Bug Bounty World

    18/06/2026 | 46 min
    Episode 179: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to stay motivated and keep the vibes strong during this trying time for Bug Bounty.

    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
    Shoutout to YTCracker for the awesome intro music!

    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme

    Critical Research Lab:
    https://lab.ctbb.show/

    Need a Pentest? We just launched CTBB Pentests!
    https://pentest.ctbb.show/

    Hack full time? Check out the Full-Time Hunter’s Guild!
    https://ctbb.show/fthg

    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    You can also find some hacker swag at https://ctbb.show/merch!

    Today's Sponsor: Check out Zero Trust Cloud Access:
    https://www.threatlocker.com/capabilities/zero-trust-cloud-access

    ====== Timestamps ======
    (00:00:00) Introduction
    (00:04:57) Managing Hacker Motivation
    (00:10:45) Community, Competition, & Curosity
    (00:16:54) Using AI with Passion
    (00:23:10) The LHE Method & Sharing Wins
    (00:28:01) Video POCs, Scripts, & Talking about Bugs
    (00:40:49) Watching your health & stopping mid-hack
  • Critical Thinking - Bug Bounty Podcast

    Episode 178: 600k in ~3 months - BruteCat pt 2

    11/06/2026 | 1 h 23 min
    Episode 178: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with BruteCat to finish up our discussion on hacking Google. This week we hit AI.

    Follow us on twitter at: https://x.com/ctbbpodcast
    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
    Shoutout to YTCracker for the awesome intro music!

    ====== Links ======
    Follow your hosts Rhynorater, rez0 and gr3pme on X:
    https://x.com/Rhynorater
    https://x.com/rez0__
    https://x.com/gr3pme

    Critical Research Lab:
    https://lab.ctbb.show/

    Need a Pentest? We just launched CTBB Pentests!
    https://pentest.ctbb.show/

    Hack full time? Check out the Full-Time Hunter’s Guild!
    https://ctbb.show/fthg

    ====== Ways to Support CTBBPodcast ======
    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    You can also find some hacker swag at https://ctbb.show/merch!

    Today’s Guest: https://x.com/brutecat

    ====== Resources ======
    Hacking Google with AI
    https://brutecat.com/articles/hacking-google-with-ai/

    ====== Timestamps ======
    (00:00:00) Introduction
    (00:03:07) Discovery Docs Refresher & AI at BugSWAT Mexico
    (00:30:49) Auth & Enumeration of Referer and Origin
    (00:45:59) Pwning Google Stories
    (01:09:32) Batch Execute & GraphQL
Plus de podcasts Technologies
À propos de Critical Thinking - Bug Bounty Podcast
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Site web du podcast

Écoutez Critical Thinking - Bug Bounty Podcast, Underscore_ ou d'autres podcasts du monde entier - avec l'app de radio.fr

Obtenez l’app radio.fr
 gratuite

  • Ajout de radios et podcasts en favoris
  • Diffusion via Wi-Fi ou Bluetooth
  • Carplay & Android Auto compatibles
  • Et encore plus de fonctionnalités