In this episode of the backend engineering show I go through the Extensible Prioritization Scheme for HTTP. This RFC addresses the problem in HTTP where the client prefers certain requests to be served before others. This RFC was designed by Lucas Pardue from Cloudflare and Kazoo Oku from Fastly. 0:00 The Request Priority Problem 13:00 How RFC 9218 addres ... Show More
Today
CPU and Kernel Page Faults
<p>Page faults occurs when the process tries to access a memory that isn’t backed by a physical page kernel raises a fault which loads a page. It happens on first access, stack expansion, COW, swap and much more. However it comes with a cost. </p><p><br /></p><p>In this episode o ... Show More
48m 37s
Nov 2020
HTTP Archive's 10th Anniversary
(November 19, 2020) Rick meets with Steve Souders, who created the HTTP Archive project 10 years ago this month, to talk about its origins and reflect on it's growth. They're also joined by Patrick Meenan, creator of WebPageTest and maintainer of HTTP Archive, along with Paul Cal ... Show More
48m 46s
Apr 2024
Episode 68: 0-days & HTMX-SS with Mathias
Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larg ... Show More
1h 3m
Jun 2022
Episode 042 - AWS Data Services with Lynn Langit
In this episode, Dave and Emily chat with Lynn Langit, a Cloud Architect, Teacher, and AWS Data Hero. Lynn walks through her journey to the cloud, understanding the need for different types of data, gives an excellent overview of the different AWS Data Services, and how you can g ... Show More
30m 1s
Feb 2023
Episode 7: PortSwigger Top 10, TruffleSecurity Drama, and More!
Episode 7: In this episode of Critical Thinking - Bug Bounty Podcast we talk about PortSwigger's Top 10 Web Hacking Techniques of 2022 (link below), some drama surrounding TruffleSecurity's XSS Hunter, and, as always, some great bug bounty tips.Sorry if the audio is a little roug ... Show More
56m 39s
Apr 2024
753: Cache Ruins Everything Around Me
Scott and Wes dive into the cache problem, tackling user-specific data and caching security. From marketing A/B testing to content negotiation, they explore various challenges and solutions, including different URL/query parameters, edge logic, and client-side caching.
Show Note ... Show More
24m 6s
Jun 2024
Episode 75: *Rerun* of The OG Bug Bounty King - Frans Rosen
Episode 75: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are sick, So instead of a new full episode, we're going back 30 episodes to review.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback ... Show More
2h 44m
Nov 2023
Episode 43: Caido - The Up-And-Coming HTTP Proxy
Episode 43: In this episode of Critical Thinking - Bug Bounty Podcast, we're joined by Emile from Caido, who shares his journey into the bug bounty and ethical hacking world. We kick off with a hilarious incident involving Joel, a child on an airplane, and an unfortunate cough. W ... Show More
1 h
Mar 2024
Episode 64: .NET Remoting, CDN Attack Surface, and Recon vs Main App
Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also tou ... Show More
1h 8m