Critical Thinking - Bug Bounty Podcast

Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)

171 - Episode 169: Attacking OAuth 2.1

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

171 - Episode 169: Attacking OAuth 2.1

00:00

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

Episodios

jue., 09 abr. 2026

jue., 02 abr. 2026

jue., 26 mar. 2026

jue., 19 mar. 2026

jue., 12 mar. 2026

jue., 05 mar. 2026

jue., 26 feb. 2026

jue., 19 feb. 2026

jue., 12 feb. 2026

jue., 05 feb. 2026

jue., 29 ene. 2026

jue., 22 ene. 2026

jue., 15 ene. 2026

jue., 08 ene. 2026

jue., 01 ene. 2026

jue., 25 dic. 2025

jue., 18 dic. 2025

jue., 11 dic. 2025

jue., 04 dic. 2025

jue., 27 nov. 2025

jue., 20 nov. 2025

jue., 13 nov. 2025

jue., 06 nov. 2025

jue., 30 oct. 2025

jue., 23 oct. 2025

jue., 16 oct. 2025

jue., 09 oct. 2025

jue., 02 oct. 2025

jue., 25 sep. 2025

jue., 18 sep. 2025

jue., 11 sep. 2025

jue., 04 sep. 2025

jue., 28 ago. 2025

jue., 21 ago. 2025

jue., 14 ago. 2025

lun., 04 ago. 2025

jue., 31 jul. 2025

jue., 24 jul. 2025

jue., 17 jul. 2025

jue., 10 jul. 2025

jue., 03 jul. 2025

jue., 26 jun. 2025

jue., 19 jun. 2025

jue., 12 jun. 2025

jue., 05 jun. 2025

jue., 29 mayo 2025

jue., 22 mayo 2025

jue., 15 mayo 2025

jue., 08 mayo 2025

jue., 01 mayo 2025

Critical Thinking - Bug Bounty Podcast

Episodios

Episode 169: Attacking OAuth 2.1

Episode 168: XSSDoctor - Client-side Path Traversal Research

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Episode 162: HackerOne Training AI on Bug Bounty Data?

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 156: Chill AMA from bugbounty.forum

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 151: Client-side Advanced Topics

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

Episode 148: MCP Hacking Guide

Episode 147: Stupid Simple Hacking Workflow Tips

Episode 146: Hacking Horror Stories

Episode 145: Gr3pme's Secret: Bug Bounty Note Taking Methodology

Episode 144: Google’s Top AI Hackers: Busfactor and Monke

Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!

Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News

Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)

Episode 140: Crit Research Lab Update & Client-Side Tricks Galore

Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

Episode 138: Caido Tools and Workflows

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 129: Is this how Bug Bounty Ends?

Episode 128: New Research in Blind SSRF and Self-XSS, and How to Architect Source-code Review AI Bots

Episode 127: Drama, PDF as JS Chaos, Bounty Profile Apps, And More

Episode 126: Hacking AI Series: Vulnus ex Machina - Part 3

Episode 125: How to Win Live Hacking Events

Episode 124: Bug Bounty Lifestyle = Less Hacking Time?

Episode 123: Hacking AI Series: Vulnus ex Machina - Part 2

Episode 122: We Won Google's AI Hacking Event in Tokyo - Main Takeaways

Episode 121: Slonser’s Image Injection 0-day -> ATO & New Caido Collab Plugin

Episode 120: SpaceRaccoon - From Day Zero to Zero Day