Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Вміст надано Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0). Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Схожі до Critical Thinking - Bug Bounty Podcast
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Welcome to Hands-On Tech, where host Mikah Sargent turns tech troubles into tech triumphs. Each episode zooms in on a specific theme, unpacking listener questions with expert analysis and easy-to-follow advice. From decoding the latest gadgets to simplifying everyday tech, Mikah's got you covered. Submit your tech queries through email at [email protected] or via TWiT's social media. You might hear your question answered on air! And keep an ear out for guest experts who drop by to share their spec ...
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Get the most out of your home theater with the latest advances, product reviews, and all things audio and video. Every Thursday, Scott Wilkinson shares his expertise, energy, and enthusiasm about how to make your A/V system sound and look its best. In this short-format podcast, Scott brings you news, reviews, interviews, and commentary, and answers your questions. You can join Club TWiT for $7 a month and get ad-free audio and video feeds for all our shows plus everything else the club offer ...
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
))
Episode 77: Bug Bounty Mental - Practical Tips for Staying Sharp & Motivated
Manage episode 425883246 series 3435922
Вміст надано Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0). Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Episode 77: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin discuss some fresh writeups including some MongoDB injections, ORMs, and exploits in Kakao and iOS before pivoting into a conversation about staying motivated and avoiding burnout while hunting.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
MongoDB NoSQL Injection
https://soroush.me/blog/2024/06/mongodb-nosql-injection-with-aggregation-pipelines/
Mongo DB Is Web Scale
https://www.youtube.com/watch?v=b2F-DItXtZs
1-click Exploit in Kakao
https://stulle123.github.io/posts/kakaotalk-account-takeover/
Unsecure time-based secret and Sandwich Attack
https://www.aeth.cc/public/Article-Reset-Tolkien/secret-time-based-article-en.html
Reset Tolkien
https://github.com/AethliosIK/reset-tolkien
iOS URL Scheme Hijacking Revamped
https://evanconnelly.github.io/post/ios-oauth/
PLORMBING YOUR DJANGO ORM
https://www.elttam.com/blog/plormbing-your-django-orm/#content
Timestamps:
(00:00:00) Introduction
(00:02:07) MongoDB NoSQL Injection
(00:12:42) 1-click Exploit in Kakao
(00:33:21) Time-based secrets and Reset Tolkien
(00:39:26) iOS URL Scheme Hijacking Revamped
(00:51:42) ORMs
(00:58:57) Community Bug Submission
(01:07:45) Motivation, Mental Sharpness, and Burnout avoidance
108 епізодів
Поширити
Manage episode 425883246 series 3435922
Вміст надано Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0). Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Episode 77: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin discuss some fresh writeups including some MongoDB injections, ORMs, and exploits in Kakao and iOS before pivoting into a conversation about staying motivated and avoiding burnout while hunting.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
MongoDB NoSQL Injection
https://soroush.me/blog/2024/06/mongodb-nosql-injection-with-aggregation-pipelines/
Mongo DB Is Web Scale
https://www.youtube.com/watch?v=b2F-DItXtZs
1-click Exploit in Kakao
https://stulle123.github.io/posts/kakaotalk-account-takeover/
Unsecure time-based secret and Sandwich Attack
https://www.aeth.cc/public/Article-Reset-Tolkien/secret-time-based-article-en.html
Reset Tolkien
https://github.com/AethliosIK/reset-tolkien
iOS URL Scheme Hijacking Revamped
https://evanconnelly.github.io/post/ios-oauth/
PLORMBING YOUR DJANGO ORM
https://www.elttam.com/blog/plormbing-your-django-orm/#content
Timestamps:
(00:00:00) Introduction
(00:02:07) MongoDB NoSQL Injection
(00:12:42) 1-click Exploit in Kakao
(00:33:21) Time-based secrets and Reset Tolkien
(00:39:26) iOS URL Scheme Hijacking Revamped
(00:51:42) ORMs
(00:58:57) Community Bug Submission
(01:07:45) Motivation, Mental Sharpness, and Burnout avoidance
108 епізодів
Усі епізоди
×
Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.
Схожі до Critical Thinking - Bug Bounty Podcast
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Welcome to Hands-On Tech, where host Mikah Sargent turns tech troubles into tech triumphs. Each episode zooms in on a specific theme, unpacking listener questions with expert analysis and easy-to-follow advice. From decoding the latest gadgets to simplifying everyday tech, Mikah's got you covered. Submit your tech queries through email at [email protected] or via TWiT's social media. You might hear your question answered on air! And keep an ear out for guest experts who drop by to share their spec ...
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Get the most out of your home theater with the latest advances, product reviews, and all things audio and video. Every Thursday, Scott Wilkinson shares his expertise, energy, and enthusiasm about how to make your A/V system sound and look its best. In this short-format podcast, Scott brings you news, reviews, interviews, and commentary, and answers your questions. You can join Club TWiT for $7 a month and get ad-free audio and video feeds for all our shows plus everything else the club offer ...
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
