Jul 2024
1h 6m

Episode 78: Less Writing, More Hacking -...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 78: In this episode of Critical Thinking - Bug Bounty Podcast we’re talking about writing reports. We share some tips that we’ve learned, and discuss ways that AI can (and can’t) help with that process. We also talk about the benefit of using tools like Fabric, Loom, and ShareX.

Follow us on Twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on Twitter:

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker

Resources:

XSS WAF Bypass by multi-char HTML entities

Shazzer

Next.js and cache poisoning

Nagli's Nuclei Template

hey why can't you fix this one bug

Justin's reporting templating software

Fabric

BB Report Formatter

2to3 Automated Python Converter

ShareX

Skitch

Timestamps:

(00:00:00) Introduction

(00:04:00) XSS WAF Bypass by Multi-char HTML Entities

(00:11:59) Next.js and Cache Poisoning

(00:18:03) Nagli's Nuclei Template and Sean Yeoh's Blog

(00:27:34) Report Writing and AI

(00:50:02) Reporting tips
