Episode 106: Announcing our new cohost...

Episode 106: In this episode of Critical Thinking - Bug Bounty Podcast we are pleased to announce our new co-host of the podcast: Joseph Thacker Aka Rez0! We discuss Joseph's transition to full-time bug bounty hunting, his goals, and what he’s looking forward to bringing to the pod. We also cover some news items including doubleclickjacking, character set attacks, SVG XSS, and more.Follow us on twitter at: @ctbbpodcastFeel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Rez0 on twitter:https://x.com/Rhynoraterhttps://x.com/rez0__------ Ways to Support CTBBPodcast ------Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Check out our new SWAG store at https://ctbb.show/swag!ResourcesDoubleClickjacking: A New Era of UI Redressinghttps://www.paulosyibelo.com/2024/12/doubleclickjacking-what.htmlXBOW Validation Benchmarkshttps://github.com/xbow-engineering/validation-benchmarksJorian tweethttps://x.com/J0R1AN/status/1871586792455163975Simplified Payloadhttps://portswigger-labs.net/xss/charset.php?x=%1b$B%1b(B%3Ca%20href=javas%1B(Jcript:alert(1)%3Etest%3C/a%3E&charset=SVG XSS Payloadhttps://x.com/garethheyes/status/1876953751245783534curl-cffihttps://pypi.org/project/curl-cffi/Bypassing File Upload Restrictions To Exploit CSPThttps://blog.doyensec.com/2025/01/09/cspt-file-upload.htmlAI-Crash-Coursehttps://github.com/henrythe9th/AI-Crash-Course?tab=readme-ov-fileTimestamps(00:00:00) Introduction(00:02:15) Rez0's journey to Full-time hunter, Tool developer, and new Co-host(00:21:04) DoubleClickjacking(00:31:48) XBOW Validation Benchmarks, Charset Thoughts, and SVG XSS(00:42:28) curl-cffi, CSPT, and AI Crash Course

There are no comments yet.

Please log in to write the first comment.