logo
episode-header-image
Jul 2024
2h 49m

Episode 80: Pwn2Own VS H1 Live Hacking E...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 80: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Sina Kheirkhah to talk about the start of his hacking journey and explore the differences between the Pwn2Own and HackerOne Events

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker

Today’s Guest: https://x.com/SinSinology

Blog: https://sinsinology.medium.com/

Resources:

WhatsUp Gold Pre-Auth RCE

Advanced .NET Exploitation Training

dnSpyEx

QEMU

Unicorn Engine

Qiling

libAFL

Alex Plaskett interview

TippingPoint

Flashback Team

Timestamps:

(00:00:00) Introduction

(00:12:45) Learning, Mentorship, and Failure

(00:29:34) Pentesting and Pwn2Own

(00:40:05) Hacking methodology

(01:01:57) Debuggers and shells in IoT Devices

(01:35:40) Differences between ZDI and HackerOne

(02:02:27) Pwn2Own Steps and Stories

(02:14:06) Master of Pwn Title

(02:29:54) Bug reports

Up next
Today
Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news. Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugges ... Show More
1h 4m
Oct 2
Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News
Episode 142: In this episode of Critical Thinking - Bug Bounty Podcast Rez0 and Gr3pme join forces to discuss Websocket research, Meta’s $111750 Bug, PROMISQROUTE, and the opportunities afforded by going full time in Bug Bounty.Follow us on twitter at: https://x.com/ctbbpodcastGo ... Show More
54m 50s
Sep 25
Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)
Episode 141: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Nick Copi to talk about CSPT, React, CSS Injections and how Nick hacked the pod.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any f ... Show More
1h 23m
Recommended Episodes
Mar 2016
Episode 214: 214: Atrophic Cohost
Sean, Kyle, and a chorus of small frogs discuss the Game Developers Conference, eating alone, atrophic organs, Slack vs Basecamp, the cost of abstractions, and tips for adding new team members. Braintree: An easy way to accept multiple payment types with one integration. Quick, k ... Show More
1h 23m
Feb 2025
SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist
Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in ... Show More
2h 39m
Sep 2
Blizzard warning: Amazon freezes midnight hack.
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claim ... Show More
32m 11s
Sep 29
#521: Red Teaming LLMs and GenAI with PyRIT
English is now an API. Our apps read untrusted text; they follow instructions hidden in plain sight, and sometimes they turn that text into action. If you connect a model to tools or let it read documents from the wild, you have created a brand new attack surface. In this episode ... Show More
1h 2m
Jun 2024
Unlocking the Secrets of AI in Tech with April Yoho
Join hosts Charles William Carpenter III and Adam Argyle for a riveting episode of 'Whiskey Web and Whatnot' featuring guest April Yoho. Based in the UK and a seasoned developer advocate, April shares her extensive 25+ years of experience in tech while indulging in a tasting sess ... Show More
39m 44s
Sep 11
Inside OpenAI Enterprise: Forward Deployed Engineering, GPT-5, and More | BG2 Guest Interview
Open Source bi-weekly convo w/ Bill Gurley and Brad Gerstner on all things tech, markets, investing & capitalism. This week, guest host Altimeter’s Apoorv Agrawal explores how OpenAI is reshaping enterprise with Sherwin Wu, Head of Engineering OpenAI Platform, and Olivier Godemen ... Show More
1h 8m
Sep 14
455: The Chicken Killer | The Official Podcast
Get 25% off HelixSleep sitewide: go to https://www.helixsleep.com/official Get 25% off your Fitbod subscription or try the app for free: go to https://www.fitbod.me/official Get additional episodes and bonus content with early access (try now with 7 DAYS FREE): go to https://www. ... Show More
1h 41m
Listen to millions of songs and podcasts on Anghami