logo
episode-header-image
Mar 2024
58m 43s

Episode 62: Frontend Language Oddities

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 62: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with some additional research resources that didn’t make the Portswigger Top-Ten, but that are worth looking at.

Follow us on twitter at: @ctbbpodcast

Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. 

Resources:

Cool HTML Shit

https://twitter.com/jcubic/status/1764311080661082201

https://twitter.com/encodeart/status/1764218128374943764

Bug bounty Hunting Journeys

https://twitter.com/ajxchapman/status/1762101366057525521

https://monkehacks.beehiiv.com/p/monkehacks-02

Yelp Cookie Bridge Report

Deobfuscating/Unminifying Obfuscated Code

ChatGPT Source Watch

Web Security Research Reddit

Nahamsec Resources

Portswigger Nominations list

Abusing perspectives: https://hackerone.com/reports/2401115

PortSwigger CSS Exfiltration

https://github.com/PortSwigger/css-exfiltration

Timestamps:

(00:00:00) Introduction

(00:02:06) Cool HTML Shit

(00:15:31) Bug Bounty Journeys

(00:28:01) Yelp Cookie Bridge Bug

(00:37:56) Additional Research Resources

(00:46:34) CSS and abusing perspectives

Up next
Today
Episode 130: Minecraft Hacks to Google Hacking Star - Valentino
Episode 130: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Valentino, who shares his journey from hacking Minecraft to becoming a Google hunter. He talks us through several bugs, including an HTML Sanitizer bypass and .NET deserialization, and high ... Show More
1h 8m
Jul 3
Episode 129: Is this how Bug Bounty Ends?
Episode 129: In this episode of Critical Thinking - Bug Bounty Podcast we chat about the future of hack bots and human-AI collaboration, the challenges posed by tokenization, and the need for cybersecurity professionals to adapt to the evolving landscape of hacking in the age of ... Show More
36m 14s
Jun 26
Episode 128: New Research in Blind SSRF and Self-XSS, and How to Architect Source-code Review AI Bots
Episode 128: In this episode of Critical Thinking - Bug Bounty Podcast we talking Blind SSRF and Self-XSS, as well as Reversing massive minified JS with AI and a wild Google Logo Ligature BugFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel fre ... Show More
58m 6s
Recommended Episodes
Mar 2024
Linux Kernel Scheduler Developer | David Vernet
The linux kernel is something we all use but have you ever thought about what goes into it, well today we've got David Vernet on the show who has spent quite a bit of time focusing on one aspect, that being the scheduler. =========Guest Links========== Twitch: https://www.twi ... Show More
1h 55m
Jun 2024
20 Years, 1000 Episodes: The Man Behind PodQuiz
We have another bonus episode! In this one, Andrew sits down and talks with James Carter from PodQuiz who began his popular trivia podcast back in 2005. He just published his 1000th episode so Andrew took the opportunity to pick his brain on how he comes up with his questions and ... Show More
59m 30s
Apr 2024
EPISODE 551 I Boloyi, Mamkhize, Kabza, Yeezy, Black Motion, Pleasure Tsa Manyalo, Peter Mashata
➡️ EVERYTHING PODCAST RELATED :https://linktr.ee/podcastwithmacg 🥇 BECOME A PATREON:https://www.patreon.com/podcastwithmacg ✅ PODCAST MEMBERSHIP : https://bit.ly/34FUKZj CONTACT US 📱EMAIL : PODCAST@THISISMACG.COM Meet The Team 🧑🏽 Host : @MacGUnleashed 👨🏽‍🏫 Co Host: @SolPhe ... Show More
1h 45m
Jul 2021
Diaries of an F1 Boss: Episode 19
Spanners and Trumpets are joined by ex-F1 team boss and Formula E Race promoter Matthew Carter as they discuss all the ways to make the aero department cry. From sprint races to the steward’s graces, from human performance to high cost hospitality, no revenue stream goes unlevera ... Show More
1h 30m
Jun 2024
How to Scale your Startup with Growth Levers: Matt Lerner
Sponsored by Brilliant - visit https://brilliant.org/DeepDive/ and the first 200 of you will get 20% off Brilliant's annual premium subscription. I’ve built a brand new community for like-minded people called Productivity Lab. We’ll have online classes, workshops, and coaching to ... Show More
2h 32m
May 2024
Can Your Law Firm’s Podcast Become a Go-To Legal Resource? With Alex Sanfilippo
In this episode, Alex Sanfilippo, founder of Podmatch.com, joins me to discuss strategies for leveraging podcasts effectively, especially for law firms seeking to become authoritative resources in their niche. He talks about the significance of podcasting in marketing strategies, ... Show More
46m 1s
Mar 2024
AI vs software devs
Daniel and Chris are out this week, so we’re bringing you conversations all about AI’s complicated relationship to software developers from other Changelog pods: JS Party, Go Time & The Changelog.Join the discussionChangelog++ members save 2 minutes on this episode because they m ... Show More
57 m
May 2024
Episode 78 | Loco Motions
Judge Aileen Cannon continues to complain– after much deliberation– about having to grant DoJ’s motions.  Trump’s lawyers deceive the court in their motion to dismiss by mischaracterizing the language in the Mar-a-Lago search warrant. Hearings on that got heated.  DoJ files a mot ... Show More
1h 9m
Feb 2024
Justin Drake & Ben Fisch: The United Rollups of Ethereum
In today’s episode, we do a shared sequencing deep dive with repeat guest, Mr. Moonmath himself, the Blockchain Brainiac, and the Ethereum Evangelist– Justin "The Juggernaut" Drake. Justin is joined by The Sultan of Sequencing, the Espresso Emperor, the Cross-Rollup Connoisseur h ... Show More
1h 40m
Listen to millions of songs and podcasts on Anghami