Getting Live Hacking Event Invites & Bug Bounty Collab with Nagli (Ep. 49)
ฝัง
- เผยแพร่เมื่อ 16 มิ.ย. 2024
- Episode 49: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is once again joined by Nagli to discuss some of their recent hacking discoveries. They talk about finding and exploiting a backup file in an ASP.NET app, discovering vulnerabilities through Swagger files, and debating the vulnerability of a specific ‘undisclosed’ domain. Then they reflect on 2023’s Live Hacking Event circuit, and preview what’s to come in 2024’s.
This episode sponsored by Wordfence! Wordfence recently launched a game-changer of a bug bounty program with ALL WordPress plugins over 50k installs are in-scope. They are currently paying 6.25x their normal bounty amounts, and have agreed to give CT listeners a 10% bonus on top of that! If you wanna pop some crits and see those bounties roll in, head over to ctbb.show/wf for more info and keep an eye on the CTBB Discord for inspiration/collabs.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter:
====== Ways to Support CTBBPodcast ======
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Hop on the CTBB Discord at ctbb.show/discord!
We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Guest
Episode Resources:
Shockwave
Why So Serial
New LHE Standards Dropped
Timestamps:
(00:00:00) Introduction
(00:02:37) wwwroot .zip Hack Recap
(00:13:44) Swagger File Hack Recap
(00:18:27) Undisclosed URL Hack Recap
(00:24:29) 2023 LHE Circut Recap
(00:37:14) 2024 LHE Preview and New Standards
(00:47:22) Bug Bounty Motivation - วิทยาศาสตร์และเทคโนโลยี
I love your final words, Justin about motivation in bug bounties... forcing yourself to start doing it and then from there you get curious about the target. It's gold. T.Y!!!
Peace!
This was super interesting!!!
It is always amazing to listen to you Justin. Thank you Nagli for sharing so much information. Keep up the great work. :)💯💯
Thanks Justin its very informative like my bug lol 😂
The mute button get's the best of them :)
Again an Interview? Talking is cheap, show me the Code! 🙀😿