Episode 168: In this episode of Critical Thinking - Bug Bounty Podcast we’re getting a visit from the XSS Doctor. Jonathan joins us to go through his Client-side workflow, run labs, and diagnose some bugs live. Follow us on twitter at: <a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/ctbbpodcast</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">info@criticalthinkingpodcast.io</a>Shoutout to<a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"> YTCracker</a> for the awesome intro music! ====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:&nbsp;<a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/Rhynorater</a><a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/rez0__</a><a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/gr3pme</a> Critical Research Lab:<a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://lab.ctbb.show/</a>&nbsp; ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at <a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/discord</a>! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at <a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/merch</a>! Today’s Guest: https://x.com/xssdoctor ====== Resources ====== The Dot-Dot-Slash That Frameworks Hand You: CSPT Across Every Major Frontend Frameworkhttps://lab.ctbb.show/research/the-dot-dot-slash-that-frameworks-hand-you URL validation bypass cheat sheet<a href="https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet</a> ====== Timestamps ======(00:00:00) Introduction(00:01:37) Home Automation AI Hack &amp; E-signature bug stories(00:12:15) E-signature bug(00:17:01) XSS DR Intro and Bug Bounty Journey(00:31:51) CSPT Workflows(01:07:57) Wildcard Path Parameters&nbsp;(01:30:34) Custom Sinks

<description>&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Episode 168: In this episode of Critical Thinking - Bug Bounty Podcast we’re getting a visit from the XSS Doctor. Jonathan joins us to go through his Client-side workflow, run labs, and diagnose some bugs live.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow us on twitter at: &lt;/span&gt;&lt;a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/ctbbpodcast&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Got any ideas and suggestions? Feel free to send us any feedback here: &lt;/span&gt;&lt;a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;info@criticalthinkingpodcast.io&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Shoutout to&lt;/span&gt;&lt;a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt; YTCracker&lt;/a&gt;&lt;span style="background-color: transparent;"&gt; for the awesome intro music!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Links ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow your hosts Rhynorater, rez0 and gr3pme on X:&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/Rhynorater&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/rez0__&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/gr3pme&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Critical Research Lab:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://lab.ctbb.show/&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Ways to Support CTBBPodcast ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Hop on the CTBB Discord at &lt;/span&gt;&lt;a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/discord&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;You can also find some hacker swag at &lt;/span&gt;&lt;a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/merch&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Today’s Guest: https://x.com/xssdoctor&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Resources ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="color: rgb(13, 13, 13);"&gt;The Dot-Dot-Slash That Frameworks Hand You: CSPT Across Every Major Frontend Framework&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="color: rgb(13, 13, 13);"&gt;https://lab.ctbb.show/research/the-dot-dot-slash-that-frameworks-hand-you&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;URL validation bypass cheat sheet&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Timestamps ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:00:00) Introduction&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:01:37) Home Automation AI Hack &amp;amp; E-signature bug stories&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:12:15) E-signature bug&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:17:01) XSS DR Intro and Bug Bounty Journey&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:31:51) CSPT Workflows&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(01:07:57) Wildcard Path Parameters&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(01:30:34) Custom Sinks&lt;/span&gt;&lt;/p&gt;</description>

Episode 168: In this episode of Critical Thinking - Bug Bounty Podcast we’re getting a visit from the XSS Doctor. Jonathan joins us to go through his Client-side workflow, run labs, and diagnose some bugs live.Follow us on twitter at: https://x.com...

Episode 168: XSSDoctor - Client-side Path Traversal Research

Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty. Follow us on twitter at: <a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/ctbbpodcast</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">info@criticalthinkingpodcast.io</a>Shoutout to<a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"> YTCracker</a> for the awesome intro music! ====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:&nbsp;<a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/Rhynorater</a><a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/rez0__</a><a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/gr3pme</a> Critical Research Lab:<a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://lab.ctbb.show/</a>&nbsp; ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at <a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/discord</a>! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at <a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/merch</a>! Today's Sponsor: Check out ThreatLocker Ringfencing<a href="https://www.criticalthinkingpodcast.io/tl-rf" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.criticalthinkingpodcast.io/tl-rf</a> Today’s Guest: <a href="https://x.com/Krevetk0Valeriy" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/Krevetk0Valeriy</a> ====== This Week in Bug Bounty ====== HackerOne’s Bug Bounty Maturity Framework:<a href="https://www.hackerone.com/blog/program-maturity-framework-bug-bounty-operations" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.hackerone.com/blog/program-maturity-framework-bug-bounty-operations</a> Intigriti is hiring a Product Security Analyst<a href="https://jobs.criticalthinkingpodcast.io/jobs/product-security-analyst-25ef4706" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://jobs.criticalthinkingpodcast.io/jobs/product-security-analyst-25ef4706</a> ====== Resources ====== Valeriy’s Blog<a href="https://krevetk0.medium.com/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://krevetk0.medium.com/</a> ====== Timestamps ======(00:00:00) Introduction(00:03:15) Valeriy's Bug story(00:19:48) Anchor Programs and Bug Hunting Motivation(00:29:50) Stealing Bugs

<description>&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow us on twitter at: &lt;/span&gt;&lt;a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/ctbbpodcast&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Got any ideas and suggestions? Feel free to send us any feedback here: &lt;/span&gt;&lt;a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;info@criticalthinkingpodcast.io&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Shoutout to&lt;/span&gt;&lt;a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt; YTCracker&lt;/a&gt;&lt;span style="background-color: transparent;"&gt; for the awesome intro music!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Links ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow your hosts Rhynorater, rez0 and gr3pme on X:&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/Rhynorater&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/rez0__&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/gr3pme&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Critical Research Lab:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://lab.ctbb.show/&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Ways to Support CTBBPodcast ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Hop on the CTBB Discord at &lt;/span&gt;&lt;a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/discord&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;You can also find some hacker swag at &lt;/span&gt;&lt;a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/merch&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Today's Sponsor: Check out ThreatLocker Ringfencing&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://www.criticalthinkingpodcast.io/tl-rf" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.criticalthinkingpodcast.io/tl-rf&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Today’s Guest: &lt;/span&gt;&lt;a href="https://x.com/Krevetk0Valeriy" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/Krevetk0Valeriy&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== This Week in Bug Bounty ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;HackerOne’s Bug Bounty Maturity Framework:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://www.hackerone.com/blog/program-maturity-framework-bug-bounty-operations" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.hackerone.com/blog/program-maturity-framework-bug-bounty-operations&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Intigriti is hiring a Product Security Analyst&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://jobs.criticalthinkingpodcast.io/jobs/product-security-analyst-25ef4706" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://jobs.criticalthinkingpodcast.io/jobs/product-security-analyst-25ef4706&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Resources ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Valeriy’s Blog&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://krevetk0.medium.com/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://krevetk0.medium.com/&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Timestamps ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:00:00) Introduction&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:03:15) Valeriy's Bug story&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:19:48) Anchor Programs and Bug Hunting Motivation&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:29:50) Stealing Bugs&lt;/span&gt;&lt;/p&gt;</description>

Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugg...

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 166: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Rez0’s Claude Skill Secrets, when AI Generated reports fall apart, and agents vs filters. Follow us on twitter at: <a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/ctbbpodcast</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">info@criticalthinkingpodcast.io</a>Shoutout to<a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"> YTCracker</a> for the awesome intro music! ====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:&nbsp;<a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/Rhynorater</a><a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/rez0__</a><a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/gr3pme</a> Critical Research Lab:<a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://lab.ctbb.show/</a>&nbsp; ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at <a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/discord</a>! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at <a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/merch</a>! Today’s Sponsor: Adobe ====== This Week in Bug Bounty ====== Intigriti launched their ambassadors program. <a href="https://www.intigriti.com/ambassador" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.intigriti.com/ambassador</a> Adobe will be at Hack The Bay<a href="https://www.hackthebay.org/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.hackthebay.org/</a> Bug Bounty Maturity Framework<a href="https://bugbountymaturity.com/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://bugbountymaturity.com/</a> ====== Resources ======h1-brain<a href="https://github.com/PatrikFehrenbach/h1-brain" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://github.com/PatrikFehrenbach/h1-brain</a> caido skills<a href="http://github.com/caido/skills" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">http://github.com/caido/skills</a> Tweet from Karpathy<a href="https://x.com/karpathy/status/2031767720933634100?s=20" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/karpathy/status/2031767720933634100?s=20</a> Find every inefficiency in your Claude workflow with one prompt<a href="https://x.com/shannholmberg/status/2030605364421595468" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/shannholmberg/status/2030605364421595468</a> ====== Timestamps ======(00:00:00) Introduction(00:08:28) Claude skills(00:30:00) How AI Generated reports fall apart(00:38:44) Orchestration(00:49:10) Agents vs Folders

<description>&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Episode 166: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Rez0’s Claude Skill Secrets, when AI Generated reports fall apart, and agents vs filters.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow us on twitter at: &lt;/span&gt;&lt;a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/ctbbpodcast&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Got any ideas and suggestions? Feel free to send us any feedback here: &lt;/span&gt;&lt;a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;info@criticalthinkingpodcast.io&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Shoutout to&lt;/span&gt;&lt;a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt; YTCracker&lt;/a&gt;&lt;span style="background-color: transparent;"&gt; for the awesome intro music!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Links ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow your hosts Rhynorater, rez0 and gr3pme on X:&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/Rhynorater&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/rez0__&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/gr3pme&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Critical Research Lab:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://lab.ctbb.show/&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Ways to Support CTBBPodcast ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Hop on the CTBB Discord at &lt;/span&gt;&lt;a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/discord&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;You can also find some hacker swag at &lt;/span&gt;&lt;a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/merch&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Today’s Sponsor: Adobe&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== This Week in Bug Bounty ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Intigriti launched their ambassadors program. &lt;/span&gt;&lt;a href="https://www.intigriti.com/ambassador" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.intigriti.com/ambassador&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Adobe will be at Hack The Bay&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://www.hackthebay.org/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.hackthebay.org/&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Bug Bounty Maturity Framework&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://bugbountymaturity.com/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://bugbountymaturity.com/&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Resources ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;h1-brain&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://github.com/PatrikFehrenbach/h1-brain" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://github.com/PatrikFehrenbach/h1-brain&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;caido skills&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="http://github.com/caido/skills" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;http://github.com/caido/skills&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Tweet from Karpathy&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/karpathy/status/2031767720933634100?s=20" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/karpathy/status/2031767720933634100?s=20&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Find every inefficiency in your Claude workflow with one prompt&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/shannholmberg/status/2030605364421595468" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/shannholmberg/status/2030605364421595468&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Timestamps ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:00:00) Introduction&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:08:28) Claude skills&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:30:00) How AI Generated reports fall apart&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:38:44) Orchestration&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:49:10) Agents vs Folders&lt;/span&gt;&lt;/p&gt;</description>

Episode 166: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Rez0’s Claude Skill Secrets, when AI Generated reports fall apart, and agents vs filters.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugges...

Episode 166: Rez0’s Top Claude Skill Secrets 

Episode 165: In this episode of Critical Thinking - Bug Bounty Podcast Justin recaps his Zero Trust World experience, before we dive into Permissions issues client-side bugs, New Hardware Hacking Classes, and using AI to hack. Follow us on twitter at: <a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/ctbbpodcast</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">info@criticalthinkingpodcast.io</a>Shoutout to<a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"> YTCracker</a> for the awesome intro music! ====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:&nbsp;<a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/Rhynorater</a><a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/rez0__</a><a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/gr3pme</a> Critical Research Lab:<a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://lab.ctbb.show/</a>&nbsp; ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at <a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/discord</a>! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at <a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/merch</a>! Today's Sponsor: Check out ThreatLocker Ringfencing<a href="https://www.criticalthinkingpodcast.io/tl-rf" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.criticalthinkingpodcast.io/tl-rf</a> ====== Resources ====== bbscope Update<a href="https://x.com/sw33tLie/status/2029344643154919720" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/sw33tLie/status/2029344643154919720</a> Matt Brown's Youtube Channel<a href="https://www.youtube.com/channel/UC3VDCeZYZH7mCihtMVHqppw" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.youtube.com/channel/UC3VDCeZYZH7mCihtMVHqppw</a> Matt's Twitter:<a href="https://x.com/nmatt0" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/nmatt0</a> MCP server for HackerOne to search reports<a href="https://x.com/OriginalSicksec/status/2029503063095124461?s=20" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/OriginalSicksec/status/2029503063095124461?s=20</a> Caido Skills<a href="https://github.com/caido/skills" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://github.com/caido/skills</a> The Agentic Hacking Era: Ramblings and a Tool<a href="https://josephthacker.com/hacking/2026/03/06/the-agentic-hacking-era.html" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://josephthacker.com/hacking/2026/03/06/the-agentic-hacking-era.html</a> Announcing AI-driven Caido<a href="https://caido.io/blog/2026-03-06-caido-skill" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://caido.io/blog/2026-03-06-caido-skill</a> ====== Timestamps ======(00:00:00) Introduction(00:06:23) bbscope report dumping &amp; Matt Brown Training(00:13:10) MCP server for HackerOne to search reports &amp; protobuff success(00:24:24) Hacking Mics with Permissions issues client-side bugs(00:27:26) Can AI Hack things?

<description>&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Episode 165: In this episode of Critical Thinking - Bug Bounty Podcast Justin recaps his Zero Trust World experience, before we dive into Permissions issues client-side bugs, New Hardware Hacking Classes, and using AI to hack.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow us on twitter at: &lt;/span&gt;&lt;a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/ctbbpodcast&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Got any ideas and suggestions? Feel free to send us any feedback here: &lt;/span&gt;&lt;a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;info@criticalthinkingpodcast.io&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Shoutout to&lt;/span&gt;&lt;a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt; YTCracker&lt;/a&gt;&lt;span style="background-color: transparent;"&gt; for the awesome intro music!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Links ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow your hosts Rhynorater, rez0 and gr3pme on X:&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/Rhynorater&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/rez0__&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/gr3pme&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Critical Research Lab:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://lab.ctbb.show/&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Ways to Support CTBBPodcast ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Hop on the CTBB Discord at &lt;/span&gt;&lt;a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/discord&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;You can also find some hacker swag at &lt;/span&gt;&lt;a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/merch&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Today's Sponsor: Check out ThreatLocker Ringfencing&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://www.criticalthinkingpodcast.io/tl-rf" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.criticalthinkingpodcast.io/tl-rf&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Resources ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;bbscope Update&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/sw33tLie/status/2029344643154919720" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/sw33tLie/status/2029344643154919720&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Matt Brown's Youtube Channel&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://www.youtube.com/channel/UC3VDCeZYZH7mCihtMVHqppw" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.youtube.com/channel/UC3VDCeZYZH7mCihtMVHqppw&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Matt's Twitter:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/nmatt0" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/nmatt0&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;MCP server for HackerOne to search reports&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/OriginalSicksec/status/2029503063095124461?s=20" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/OriginalSicksec/status/2029503063095124461?s=20&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Caido Skills&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://github.com/caido/skills" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://github.com/caido/skills&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;The Agentic Hacking Era: Ramblings and a Tool&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://josephthacker.com/hacking/2026/03/06/the-agentic-hacking-era.html" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://josephthacker.com/hacking/2026/03/06/the-agentic-hacking-era.html&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Announcing AI-driven Caido&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://caido.io/blog/2026-03-06-caido-skill" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://caido.io/blog/2026-03-06-caido-skill&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Timestamps ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:00:00) Introduction&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:06:23) bbscope report dumping &amp;amp; Matt Brown Training&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:13:10) MCP server for HackerOne to search reports &amp;amp; protobuff success&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:24:24) Hacking Mics with Permissions issues client-side bugs&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:27:26) Can AI Hack things?&lt;/span&gt;&lt;/p&gt;</description>

Episode 165: In this episode of Critical Thinking - Bug Bounty Podcast Justin recaps his Zero Trust World experience, before we dive into Permissions issues client-side bugs, New Hardware Hacking Classes, and using AI to hack.Follow us on twitter a...

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug Bounty Follow us on twitter at: <a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/ctbbpodcast</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">info@criticalthinkingpodcast.io</a>Shoutout to<a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"> YTCracker</a> for the awesome intro music! ====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:&nbsp;<a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/Rhynorater</a><a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/rez0__</a><a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/gr3pme</a> Critical Research Lab:<a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://lab.ctbb.show/</a>&nbsp; ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at <a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/discord</a>! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at <a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://ctbb.show/merch</a>! Today’s Guest: <a href="https://x.com/thedawgyg" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://x.com/thedawgyg</a> ====== This Week in Bug Bounty ====== Python pitfalls: Turning developer mistakes into vulnerabilities<a href="https://www.yeswehack.com/learn-bug-bounty/python-pitfalls-turning-developer-mistakes?utm_source=critical-thinking&amp;utm_medium=sponsored&amp;utm_campaign=article-research-python-pitfalls" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://www.yeswehack.com/learn-bug-bounty/python-pitfalls-turning-developer-mistakes?utm_source=critical-thinking&amp;utm_medium=sponsored&amp;utm_campaign=article-research-python-pitfalls</a> ====== Timestamps ======(00:00:00) Introduction(00:06:22) Yahoo SSRF(00:14:56) Tommy's Origin(00:44:10) Bug Bounty(00:51:47) SSRF Attraction, AI implementation, &amp; Browser Hacking

<description>&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug Bounty&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow us on twitter at: &lt;/span&gt;&lt;a href="https://x.com/ctbbpodcast" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/ctbbpodcast&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Got any ideas and suggestions? Feel free to send us any feedback here: &lt;/span&gt;&lt;a href="mailto:info@criticalthinkingpodcast.io" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;info@criticalthinkingpodcast.io&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Shoutout to&lt;/span&gt;&lt;a href="https://twitter.com/realytcracker" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt; YTCracker&lt;/a&gt;&lt;span style="background-color: transparent;"&gt; for the awesome intro music!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Links ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Follow your hosts Rhynorater, rez0 and gr3pme on X:&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/Rhynorater" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/Rhynorater&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/rez0__" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/rez0__&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://x.com/gr3pme" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/gr3pme&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Critical Research Lab:&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://lab.ctbb.show/" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://lab.ctbb.show/&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;&amp;nbsp;&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Ways to Support CTBBPodcast ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Hop on the CTBB Discord at &lt;/span&gt;&lt;a href="https://ctbb.show/discord" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/discord&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;You can also find some hacker swag at &lt;/span&gt;&lt;a href="https://ctbb.show/merch" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://ctbb.show/merch&lt;/a&gt;&lt;span style="background-color: transparent;"&gt;!&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Today’s Guest: &lt;/span&gt;&lt;a href="https://x.com/thedawgyg" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://x.com/thedawgyg&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== This Week in Bug Bounty ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;Python pitfalls: Turning developer mistakes into vulnerabilities&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;a href="https://www.yeswehack.com/learn-bug-bounty/python-pitfalls-turning-developer-mistakes?utm_source=critical-thinking&amp;amp;utm_medium=sponsored&amp;amp;utm_campaign=article-research-python-pitfalls" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);"&gt;https://www.yeswehack.com/learn-bug-bounty/python-pitfalls-turning-developer-mistakes?utm_source=critical-thinking&amp;amp;utm_medium=sponsored&amp;amp;utm_campaign=article-research-python-pitfalls&lt;/a&gt;&lt;/p&gt;&lt;p&gt;&lt;br&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;====== Timestamps ======&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:00:00) Introduction&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:06:22) Yahoo SSRF&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:14:56) Tommy's Origin&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:44:10) Bug Bounty&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style="background-color: transparent;"&gt;(00:51:47) SSRF Attraction, AI implementation, &amp;amp; Browser Hacking&lt;/span&gt;&lt;/p&gt;</description>

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug BountyFollow us on twitter at: https://x.com/ctbbpodcastGo...

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

Critical Thinking - Bug Bounty Podcast

Details

Recent Episodes