Critical Thinking - Bug Bounty Podcast

By: Justin Gardner (Rhynorater) & Joel Margolis (teknogeek)
  • Summary

  • A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

    Critical Thinking Podcast
    Show more Show less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • Episode 103: Getting ANSI about Unicode Normalization
    Dec 26 2024

    Episode 103: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), as well as talk through some new research and the value of micro-blogging in general.

    Follow us on twitter at: @ctbbpodcast

    We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!

    ------ Ways to Support CTBBPodcast ------

    Hop on the CTBB Discord!

    We offer Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Check out our new SWAG store!

    Join our Shift waitlist!

    Today’s Sponsor - ThreatLocker. Check out their Elevation Control! https://www.criticalthinkingpodcast.io/tl-ec

    Resources

    _json Juggling Attack

    Cross-Site POST Requests Without a Content-Type Header

    Worst Fit

    Orange Tsai on Worst Fit

    Handling Cookies is a Minefield

    Terminal DiLLMa

    XS-Leaking flags with CSS: A CTFd 0day

    Hacking Back the AI-Hacker

    Johann Computer use demo

    How I Became The Most Valuable Hacker

    Timestamps

    (00:00:00) Introduction

    (00:01:39) _json Juggling Attack and Cross-Site POST Requests Without a Content-Type Header

    (00:10:55) Worst Fit and Unicode Mapping

    (00:20:08) Handling Cookies is a Minefield

    (00:28:11) Terminal DiLLMa & CTFd 0day

    (00:41:18) Hacking Back the AI-Hacker

    (00:47:30) Becoming Most Valuable Hacker

    Show more Show less
    1 hr and 1 min
  • Episode 102: Building Web Hacking Micro Agents with Jason Haddix
    Dec 19 2024

    Episode 102: In this episode of Critical Thinking - Bug Bounty Podcast Justin grabs Jason Haddix to help brainstorm the concept of AI micro-agents in hacking, particularly in terms of web fuzzing, WAF bypasses, report writing, and more.They discuss the importance of contextual knowledge, the cost implications, and the strengths of different LLM Models.

    Follow us on twitter at: @ctbbpodcast

    We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!

    ------ Links ------

    Follow your hosts Rhynorater & Teknogeek on twitter:

    https://twitter.com/0xteknogeek

    https://twitter.com/rhynorater

    ------ Ways to Support CTBBPodcast ------

    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Check out our new SWAG store at https://ctbb.show/swag!

    Today’s Guest - https://x.com/Jhaddix

    Resources

    Keynote: Red, Blue, and Purple AI - Jason Haddix

    https://www.youtube.com/watch?v=XHeTn7uWVQM

    Attention in transformers,

    https://www.youtube.com/watch?v=eMlx5fFNoYc

    Shift

    https://shiftwaitlist.com/

    The Darkest Side of Bug Bounty

    https://www.youtube.com/watch?v=6SNy0u6pYOc

    Timestamps

    (00:00:00) Introduction

    (00:01:25) Micro-agents and Weird Machine Tricks

    (00:11:05) Web fuzzing with AI

    (00:18:15) Brainstorming Shift and micro-agents

    (00:34:40) Strengths of different AI Models, and using AI to write reports

    (00:54:21) The Darkest Side of Bug Bounty

    Show more Show less
    1 hr and 3 mins
  • Episode 101: CTBB Hijacked: Rez0__ on AI Attack Vectors with Johann Rehberger
    Dec 12 2024

    Episode 101: In this episode of Critical Thinking - Bug Bounty Podcast we’ve been hijacked! Rez0 takes control of this episode, and sits down with Johann Rehberger to discuss the intricacies of AI application vulnerabilities. They talk through the importance of understanding system prompts, and various obfuscation techniques used to bypass security measures, the best AI platforms, and the evolving landscape of AI security.

    Follow us on twitter at: @ctbbpodcast

    We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!

    ------ Links ------

    Follow your hosts Rhynorater & Teknogeek on twitter:

    https://twitter.com/0xteknogeek

    https://twitter.com/rhynorater

    ------ Ways to Support CTBBPodcast ------

    Hop on the CTBB Discord at https://ctbb.show/discord!

    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

    Today’s Sponsor - ThreatLocker. Check out their Elevation Control! https://www.criticalthinkingpodcast.io/tl-ec

    Today’s Guest: https://x.com/wunderwuzzi23

    Resources

    Johann's blog

    https://embracethered.com/blog/

    zombais

    https://embracethered.com/blog/posts/2024/claude-computer-use-c2-the-zombais-are-coming/

    Copirate

    https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/

    Timestamps

    (00:00:00) Introduction

    (00:01:59) Biggest things to look for in AI hacking

    (00:11:58) Best AI companies to hack on

    (00:15:59) URL Redirects and Obfuscation Techniques

    (00:24:05) Copirate

    (00:35:50) prompt injection guardrails and threats

    Show more Show less
    51 mins

What listeners say about Critical Thinking - Bug Bounty Podcast

Average customer ratings
Overall
  • 5 out of 5 stars
  • 5 Stars
    2
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0
Performance
  • 5 out of 5 stars
  • 5 Stars
    2
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0
Story
  • 5 out of 5 stars
  • 5 Stars
    2
  • 4 Stars
    0
  • 3 Stars
    0
  • 2 Stars
    0
  • 1 Stars
    0

Reviews - Please select the tabs below to change the source of reviews.

Sort by:
Filter by:
  • Overall
    5 out of 5 stars
  • Performance
    5 out of 5 stars
  • Story
    5 out of 5 stars

great information

as someone who is still very new to the industry, I like listening to this podcast as I find the information very useful

Something went wrong. Please try again in a few minutes.

You voted on this review!

You reported this review!