Free Daily Podcast Summary
Critical Thinking - Bug Bounty Podcast: Daily Summaries Delivered
by Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)
Get key takeaways, quotes, and insights from Critical Thinking - Bug Bounty Podcast in a 5-minute read. Delivered straight to your inbox.
Latest Episodes
The most recent episodes — sign up to get AI-powered summaries of each one.
- 5 days ago1h 9m
Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5
Episode 174: In this episode of Critical Thinking - Bug Bounty Podcast we follow up from last episode with some advice for BB platforms, as well as cover a slew of writeups from Searchlight Cyber, watchTowr, and Starstrike.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Need a Pentest? We just launched CTBB Pentests!https://pentest.ctbb.show/Hack full time? Check out the Full-Time Hunter’s Guild!https://ctbb.show/fthg====== This Week in Bug Bounty ======COST, AI frontier models and more: A measured take on the future of security testinghttps://www.yeswehack.com/security-best-practices/cost-mythos-future-security-testingCommon AI misconceptions debugged!https://www.intigriti.com/blog/business-insights/common-misconceptions-debugged#trend-3-validity-ratios-remain-constant-ai-slop-isnt-rising-as-a-proportionBountySync + Socialhttps://luma.com/bountysync_social====== Resources ======Ghosts of Encryption Past<a href="https:/
- 1 weeks ago1h 1m
Episode 173: Bug Bounty is Dead and AI Killed it.
Episode 173: In this episode of Critical Thinking - Bug Bounty Podcast we’re talking about the negative effects that AI is having on the Bug Bounty scene as a whole. Is it over, or are we so back?Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today's Sponsor: Check out Zero Trust Cloud Access:https://www.criticalthinkingpodcast.io/tl-ztca====== Resources ====== We want your feedback on this!https://forms.ctbb.show/future_of_bug_bountyEvolving the Android & Chrome VRPs for the AI Erahttps://bughunters.google.com/blog/evolving-the-android-chrome-vrps-for-the-ai-eraPaid Submissions?https://x.com/d0rsky/status/2047744193976742120Keep the Robots Out of the Gymhttps://danielmiessler.com/blog/keep-the-robots-out-of-the-gymIs my data used for model training?https://privacy.claude.com/en/articles/10023580-is-my-data-use
- 2 weeks ago51 min
Episode 172: Source Code Review Meta Analysis
Episode 172: In this episode of Critical Thinking - Bug Bounty Podcast trying out a new structure of episode: a Meta Analysis of sorts of many Source Code Review techniques. This episode features tips gathered from Shubs, Rafax, and FSI. Justin highlights best approaches, patterns, and common pitfalls.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today’s Sponsor: Adobe - Get 10% bonus for valid AI vulnerabilities in Adobe Stock and Lightroom Web. Use code: CTBB063026 in your report.Expires June 30, 2026. ====== This Week in Bug Bounty ======Open-source security testing: the Bug Bounty guide to code analysishttps://www.yeswehack.com/learn-bug-bounty/open-source-guide-code-analysis?utm_source=youtube&utm_medium=sponsor-critical-thinking&utm_campaign=open-source-guide-code-analysis====== Resources ======Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)https://slcyber.io/research-center/abusing-windows-net-quirks-and-unicode-normalization-to-exploit-dnn-dotnetnuke/#:~:text=across%20different%20languages.-,A%20MUST%2DKNOW%20BE
- 3 weeks ago22 min
Episode 171: Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS
Episode 171: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us some quick tips from his own hacking, including some clickjacking, using capital letters, and the potential value of leaking agesFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today's Sponsor: Check out ThreatLocker Ringfencinghttps://www.criticalthinkingpodcast.io/tl-rf====== Resources ======The ultimate Bug Bounty guide to OS command injection vulnerabilitieshttps://www.yeswehack.com/learn-bug-bounty/ultimate-guide-os-command-injection?utm_source=critical-thinking-podcast&utm_medium=youtube&utm_campaign=article-os-command-injectionCritical auth bypass in WordPress Azure AD SSO plugin due to missing OIDC id_token validationhttps://www.yeswehack.com/news/auth-bypass-wordpress-azure-plugin?utm_source=critical-thinking-podcast&utm_medium=youtube&utm_campaign=article-wordpress-bypass-pluginAituglo featured on YWHhttps://www.yeswehack.com/community/developer-aituglo-bug-bounty-storyAdobe will be sponsoring Ekoparty in Miami and hosting a live hacking event on May 21st<a href="https://ekoparty.org/ekoparty
- Apr 16, 202632 min
Episode 170: Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways
Episode 170: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph their trip to Korea with some quick takeaways from the LHE. Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Timestamps ====== Introduction Google LHE Debrief Old AI Exfils & AI report writing Human Tokens Protoscope & Caido Websocket Repeater
- Apr 9, 202630 min
Episode 169: Attacking OAuth 2.1
Episode 169: In this episode of Critical Thinking - Bug Bounty Podcast gr3pme goes over some of the changes from OAuth 2.0 vs 2.1 and how Hackers can capitalize.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today's Sponsor: Check out ThreatLocker Ringfencinghttps://www.criticalthinkingpodcast.io/tl-rf====== This Week in Bug Bounty ======Intigriti is providing free Burp Pro for Hackers!https://www.intigriti.com/blog/news/intigriti-collaborates-with-portswigger-to-support-ethical-hacking-excellence====== Resources ======Django-allauth Account Takeover (ZeroPath Audit)https://zeropath.com/blog/django-allauth-account-takeover-vulnerabilitiesCVE-2025-4144: Cloudflare Workers PKCE Bypasshttps://github.com/cloudflare/workers-oauth-provider/security/advisories/GHSA-qgp8-v765-qxx9CVE-2025-54576: OAuth2-Proxy Auth Bypasshttps://zeropath.com/blog/cve-2025-54576-oauth2-proxy-auth-bypass<span style="bac
- Apr 2, 20261h 35m
Episode 168: XSSDoctor - Client-side Path Traversal Research
Episode 168: In this episode of Critical Thinking - Bug Bounty Podcast we’re getting a visit from the XSS Doctor. Jonathan joins us to go through his Client-side workflow, run labs, and diagnose some bugs live.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today’s Guest: https://x.com/xssdoctor====== Resources ======The Dot-Dot-Slash That Frameworks Hand You: CSPT Across Every Major Frontend Frameworkhttps://lab.ctbb.show/research/the-dot-dot-slash-that-frameworks-hand-youURL validation bypass cheat sheethttps://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet====== Timestamps ====== Introduction Home Automation AI Hack & E-signature bug stories E-signature bug XSS DR Intro and Bug Bounty Journey CSPT Workflows Wildcard Path Parameters Custom Sinks
- Mar 26, 202651 min
Episode 167: Stealing Bugs with Valeriy Shevchenko
Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today's Sponsor: Check out ThreatLocker Ringfencinghttps://www.criticalthinkingpodcast.io/tl-rfToday’s Guest: https://x.com/Krevetk0Valeriy====== This Week in Bug Bounty ======HackerOne’s Bug Bounty Maturity Framework:https://www.hackerone.com/blog/program-maturity-framework-bug-bounty-operationsIntigriti is hiring a Product Security Analysthttps://jobs.criticalthinkingpodcast.io/jobs/product-security-analyst-25ef4706====== Resources ======Valeriy’s Bloghttps://krevetk0.medium.com/====== Timestamps ====== Introduction Valeriy's Bug story Anchor Programs and B
Get Critical Thinking - Bug Bounty Podcast summaries in your inbox
Free AI-powered daily recaps. Key takeaways, quotes, and mentions — in a 5-minute read.
Get Free Summaries →Free forever for up to 3 podcasts. No credit card required.
You Might Also Like
Listeners also like.
AIBlade Podcast
David Willis-Owen
Three Buddy Problem
Security Conversations
Hackers to Founders
Chris Magistrado
Decipher Security Podcast
Decipher
The Hacker's Cache
Kyser Clark - Cybersecurity
Hacker Talk
Firo Solutions LTD
Hack the Planet
Symbol Crash
Talkin' Bout [Infosec] News
Black Hills Information Security
Hack The Box: Stories
Hack The Box
The Cybersecurity Defenders Podcast
LimaCharlie
Hacked
Hacked
The HackerSploit Podcast
Alexis
About Critical Thinking - Bug Bounty Podcast
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Customized Recaps
AI-powered recaps with compact key takeaways, quotes, and insights.
Straight to Your Inbox
Get key takeaways from Critical Thinking - Bug Bounty Podcast in a 5-minute read.
Save Hours Every Week
Stay current on your favorite podcasts without falling behind.
Frequently Asked Questions
What is Podzilla's Critical Thinking - Bug Bounty Podcast daily summary?
It's a free AI-powered email that summarizes new episodes of Critical Thinking - Bug Bounty Podcast as soon as they're published. You get the key takeaways, notable quotes, and links & mentions — all in a quick read.
How does the Critical Thinking - Bug Bounty Podcast podcast summary work?
When a new episode drops, our AI transcribes and analyzes it, then generates a personalized summary tailored to your interests and profession. It's delivered to your inbox every morning.
Is this an official Critical Thinking - Bug Bounty Podcast product?
No. Podzilla is an independent service that summarizes publicly available podcast content. We're not affiliated with or endorsed by Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme).
Can I get summaries of other podcasts too?
Absolutely! The free plan covers up to 3 podcasts. Upgrade to Pro for 15, or Premium for 50. Browse our full catalog at /podcasts.
How often does Critical Thinking - Bug Bounty Podcast release new episodes?
Critical Thinking - Bug Bounty Podcast publishes weekly. Our AI generates a summary within hours of each new episode.
What topics does Critical Thinking - Bug Bounty Podcast cover?
Critical Thinking - Bug Bounty Podcast covers topics including Technology. Our AI identifies the specific themes in each episode and highlights what matters most to you.
Start getting Critical Thinking - Bug Bounty Podcast summaries tomorrow morning.
Free forever for up to 3 podcasts. No credit card required.
Free forever for up to 3 podcasts. No credit card required.