logo
episode-header-image
Jul 2024
2h 4m

Episode 81: Crushing Client-Side on Any ...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 81: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by MatanBer to go over some recent bug reports, as well as share some tips and tricks on client-side hacking and using DevTools effectively.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker

Today’s Guest: https://x.com/MtnBer

Resources:

Beyond XSS

https://aszx87410.github.io/beyond-xss/en/

Web VSCode XSS

https://gitlab.com/gitlab-org/gitlab/-/issues/461328

Timestamps

(00:00:00) Introduction

(00:05:24) Learning and Labs

(00:17:29) DevTools tips and tricks

(00:49:49) General Client-Side hacking tips

(01:09:59) Self-XSS Storytime

(01:32:16) Bug Reports

(01:46:37) Brainstorming a Client-side HUD

Up next
Yesterday
Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news. Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugges ... Show More
1h 4m
Oct 2
Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News
Episode 142: In this episode of Critical Thinking - Bug Bounty Podcast Rez0 and Gr3pme join forces to discuss Websocket research, Meta’s $111750 Bug, PROMISQROUTE, and the opportunities afforded by going full time in Bug Bounty.Follow us on twitter at: https://x.com/ctbbpodcastGo ... Show More
54m 50s
Sep 25
Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)
Episode 141: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Nick Copi to talk about CSPT, React, CSS Injections and how Nick hacked the pod.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any f ... Show More
1h 23m
Recommended Episodes
Sep 2
Blizzard warning: Amazon freezes midnight hack.
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claim ... Show More
32m 11s
Aug 13
How to Prompt GPT-5
Nearly a week into the GPT-5 era, users are still divided on its quality—but one thing’s clear: it’s more steerable than any previous model, and prompts make or break results. In this episode, we cut through the debate and share 11 practical prompting techniques you can use right ... Show More
29m 42s
Mar 2016
Episode 214: 214: Atrophic Cohost
Sean, Kyle, and a chorus of small frogs discuss the Game Developers Conference, eating alone, atrophic organs, Slack vs Basecamp, the cost of abstractions, and tips for adding new team members. Braintree: An easy way to accept multiple payment types with one integration. Quick, k ... Show More
1h 23m
Sep 23
178: The One Skill That Makes You More Valuable Than Senior Analysts (ft. Mike Cisneros)
Data storytelling matters more than ever. If you have the ability to make your analysis understood—and acted on—it can make you more valuable than analysts with twice your experience. In this episode, Mike Cisneros walks us through his practical, tactical playbook to turn good an ... Show More
37m 3s
Feb 2025
The masterminds behind a $1.5 billion heist.
FBI attributes $1.5 billion Bybit hack to DPRK hackers. Cellebrite suspends services in Serbia following allegations of misuse. A Belgium spy agency is hacked. New groups, bigger attacks. Sticky Werewolf strikes again. US DNI orders legal review of UK's request for iCloud backdoo ... Show More
33m 8s
Sep 14
455: The Chicken Killer | The Official Podcast
Get 25% off HelixSleep sitewide: go to https://www.helixsleep.com/official Get 25% off your Fitbod subscription or try the app for free: go to https://www.fitbod.me/official Get additional episodes and bonus content with early access (try now with 7 DAYS FREE): go to https://www. ... Show More
1h 41m
Aug 10
The Battle for 5th! Mid-season Review 2025
Spanners, Stevens and Stuffey kick off the summer break in style as they dig into the stats to rate the rookies and then crown the best of the rest in this, the latest episode of Missed Apex Podcast! ⭐Missed Apex Tik Tokhttps://www.tiktok.com/@missedapexf1⭐ Spanners https://x.com ... Show More
1h 19m
Listen to millions of songs and podcasts on Anghami