logo
episode-header-image
Jan 2023
45m 57s

Episode 3: H1-407 Event Madness & Takeaw...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 3: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some of the interesting things we’ve learned from participating in HackerOne's H1-407 Live Hacking event. We cover decompiling binaries in various different languages, Windows URI Handlers, Caido, and SameSite Lax + POST.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Frans Rosen S3 Bucket Authorization Blog Post: https://labs.detectify.com/2018/08/02/bypassing-exploiting-bucket-upload-policies-signed-urls/

Getting code from executables:

ILSpy

DotPeek

Jadx-GUI

Pyinstxtractor

Uncompyle6

Jub0b’s SameSite Article:

https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/

Mgeeky’s Powershell Script to Enumerate Windows App URI Handlers

https://gist.github.com/mgeeky/5a30a0619a7486b2fb0bd5233490fa64

Up next
Nov 20
Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains
<p>Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.</p><p>Follow us on <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/ctbbpodcast">X</a></p><p>Go ... Show More
1h 2m
Nov 13
Episode 148: MCP Hacking Guide
Episode 148: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us a crash course on Model Context Protocol.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io ... Show More
32m 26s
Nov 6
Episode 147: Stupid Simple Hacking Workflow Tips
Episode 147: In this episode of Critical Thinking - Bug Bounty Podcast we're talking tips and tricks that help us in hacking that we really should’ve learned sooner.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback ... Show More
58m 48s
Recommended Episodes
Dec 2022
Internet Booby Traps
<p>Today’s podcast features 3 separate, unique stories about the dangers of the internet. The audio from all three stories has been pulled from our main YouTube channel, which is just called "MrBallen," and has been remastered for today's podcast.</p><p>Story names, previews & li ... Show More
32m 55s
Feb 2024
Microsoft's New Direction with Copilot, Data Management & Retention, Tech Skills Shortage
<p style="font-weight: 400;">The Transformation Ground Control podcast covers a number of topics important to digital and business transformation. This episode covers the following topics and interviews:</p> <ol><li>Microsoft’s New Direction with Copilot, Q&amp;A (Darian Chwialko ... Show More
1h 54m
Jan 2024
Introducing On This Day in Working Class History: A new daily podcast from WCH
Introducing a brand-new daily podcast from the team at WCH. On This Day in Working Class History will be a brief reminder each morning of our collective struggles for a better world which have taken place on this date in history. Launching on 1 February on a trial basis, each epi ... Show More
2m 32s
Feb 2024
Episode 119 - Dart Squad (Ft. 1Dime)
<p>You are listening to this episode 1 week after it was released. To get episodes on time check out our Patreon!  <a href='https://www.patreon.com/posts/episode-103-ft-91756638'>Episode 1</a>20 is already available there: https://www.patreon.com/TheDeprogram<br/><br/>Check out h ... Show More
1h 16m
Feb 2024
E167: Nvidia smashes earnings (again), Google's Woke AI disaster, Groq's LPU breakthrough & more
(0:00) Bestie intros: Banana boat! (2:34) Nvidia smashes expectations again: understanding its terminal value and bull/bear cases in the context of the history of the internet (27:26) Groq's big week, training vs. inference, LPUs vs. GPUs, how to succeed in deep tech (49:37) Goog ... Show More
1h 20m
Feb 2024
WORST EXCUSES FOR CHEATING?! | EP 369 | ShxtsNGigs Podcast
<p>#Ad GRAB YOUR WHOOP NOW https://join.whoop.com/en-uk/SNG</p><br><p>SNG LIVE AT THE O2!!:</p><p>https://www.axs.com/uk/events/518134/shxtsngigs-tickets?skin=theo2</p><br><p><br></p><p>CHECK OUT JAMES' STREAMS:</p><p>https://www.twitch.tv/sng_james</p><br><p><br></p><br><p>This ... Show More
55m 52s
Feb 2024
Episode 108 - Diving into Amazon Q Builder with Clare Liguori
🚀 Dive into the world of AI with Morgan Willis, Principal Cloud Technologist for AWS, as she interviews Clare Liguori, a Senior Principal Software Engineer at AWS and one of the visionaries behind Amazon Q. Discover the secrets behind this groundbreaking Generative AI conversati ... Show More
48m 6s
Feb 2024
BTS | EP.148 - Valentine's Day Horror Stories ft ShxtsnGigs
Welcome to the Behind the Scenes podcast!Today we are joined by our first guests of the year...ShxtsnGigs!!Make sure you follow our page and like, comment, and share this episode with your friends and family if you enjoyed it! 0:00 - Intro02:13 - Who is Your Zaddy?10:55 - Dilemma ... Show More
1h 8m
Feb 2024
S3 Ep 12: Friday Bonus & More Film Pitches
First up, some news about Rom’s unsolvable internet problems, the many varieties of fibre, Tom’s blood test, late night eating, boring sandwiches and using abacuses. Then it’s onto the main event as we read out more of our listener’s Wolf & Owl film pitches. Thank so much for you ... Show More
35m 4s
Listen to millions of songs and podcasts on Anghami