logo
episode-header-image
Dec 2023
2h 24m

Episode 50: ­Mathias "Fall in a well" Ka...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 50: In this episode of Critical Thinking - Bug Bounty Podcast, Justin catches up with hacking master Mathias Karlsson, and talks about burnout, collaboration, and the importance of specialization. Then we dive into the technical details of MXSS and XSLT, character encoding, and give some predictions of what Bug Bounty might look like in the future…

Follow us on twitter at: @ctbbpodcast

Send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

------ Ways to Support CTBBPodcast ------

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Hop on the CTBB Discord!

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest

Episode Resources

How to Differentiate Yourself as a Hunter

MutateMethods

hackaplaneten

Article About Unicode and Character Sets

Byte Order Mark:

Character Encodings

ShapeCatcher

WAF Bypass

BountyDash

EXPLOITING HTTP'S HIDDEN ATTACK-SURFACE

Timestamps:

(00:00:00) Introduction

(00:10:06) Automation Setup and Assetnote Origins

(00:16:49) Sharing Tips, and Content Creation

(00:22:27) Collaboration and Optimization

(00:36:44) Working at Detectify

(00:51:45) Bug Bounty Burnout

(00:56:15) Early Days of Bug Bounty and Future Predictions

(01:19:00) Nerdsnipeability

(01:29:38) MXSS and XSLT

(01:54:20) Learning through being wrong

(02:00:15) Go-to Vulns

Up next
Oct 9
Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news. Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugges ... Show More
1h 4m
Oct 2
Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News
Episode 142: In this episode of Critical Thinking - Bug Bounty Podcast Rez0 and Gr3pme join forces to discuss Websocket research, Meta’s $111750 Bug, PROMISQROUTE, and the opportunities afforded by going full time in Bug Bounty.Follow us on twitter at: https://x.com/ctbbpodcastGo ... Show More
54m 50s
Sep 25
Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)
Episode 141: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Nick Copi to talk about CSPT, React, CSS Injections and how Nick hacked the pod.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any f ... Show More
1h 23m
Recommended Episodes
Feb 2024
TIP609: Fooled by Randomness by Nassim Taleb
On today’s episode, Clay reviews Nassim Taleb’s book – Fooled by Randomness.Nassim Taleb is a Lebanon-born American mathematician and statistician whose work concerns problems of randomness, probability, and uncertainty. He’s very well known for his popular books, including The B ... Show More
1 h
Feb 2024
730: Own Your Own PaaS
Scott and Wes talk about the benefits of owning your own PaaS (platform as a service), the main alternatives in the space, and ways to make passion projects more financially viable. Show Notes 00:00 Welcome to Syntax! 01:12 Brought to you by Sentry.io. 01:56 What is a PaaS? NGINX ... Show More
57m 58s
Nov 2023
Milli Vanilli Unsynced w/Luke & Patrick - Just Shoot It 399
Director Luke Korem is back on the pod! Matt & Oren chat with him and editor Patrick Berry about their new Paramount+ documentary, Milli Vanilli! Matt's Endorsement: Cuisinart Digital Gooseneck KettleOren's Endorsement: Polycam's Room ModeLuke's Endorsement: Nekteck Shiatsu Neck ... Show More
1h 5m
Feb 2024
#723: In Case You Missed It: January 2024 Recap of "The Tim Ferriss Show"
This episode is brought to you by 5-Bullet Friday, my very own email newsletter.Welcome to another episode of The Tim Ferriss Show, where it is my job to deconstruct world-class performers to tease out the routines, habits, et cetera that you can apply to your own life. This is a ... Show More
48m 19s
Feb 2024
The Suffolk Strangler / Steve Wright - Part 2
PLEASE LISTEN TO ‘SEASON 8 - EPISODE 44’ FOR PART ONE OF THIS TWO-PART CASE. The bodies of five vulnerable women who went missing from the streets of Ipswich were found over a ten-day period. Suffolk Police launched the most extensive investigation in the force's history, and wit ... Show More
1 h
Feb 2024
TIP610: Mastermind Q1, 2024 w/ Tobias Carlisle and Hari Ramachandra
In today's episode, Stig Brodersen speaks to Tobias Carlisle and Hari Ramachandra. Stig only owns five individual stocks, and in this episode, he outlines why he is still bullish on Spotify. Hari’s pick, Disney, has recently been extremely volatile, and Tobias pitches Mueller Ind ... Show More
1h 26m
Feb 2024
S3 Ep 12: Friday Bonus & More Film Pitches
First up, some news about Rom’s unsolvable internet problems, the many varieties of fibre, Tom’s blood test, late night eating, boring sandwiches and using abacuses. Then it’s onto the main event as we read out more of our listener’s Wolf & Owl film pitches. Thank so much for you ... Show More
34m 34s
Sep 2023
Journeying With Throat Chakra Blockages + Powerful Practices
Text me your thoughts/questionsHello Magical Human & welcome back 🪷🫧 In this episode, I get vulnerable with you and share what I have been learning about my body and more specifically, throat chakra and its impact on your life. I share my deeper encounters with the Chakra syste ... Show More
23m 53s
Feb 2024
Somatic Tools for Self-Regulation with Elizabeth Ferreira
One of the most important skills we can learn is how to regulate ourselves, riding the emotional waves without either ignoring or being overwhelmed by them. Associate therapist Elizabeth Ferreira joins Forrest to explore how we can feel our feelings while staying calm, collected, ... Show More
1h 4m
Listen to millions of songs and podcasts on Anghami