Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits
Episode 131: In this episode of Critical Thinking - Bug Bounty Podcast we're covering Christmas in July with several banger articles from Searchlight Cyber, as well as things like Raycast for Windows and third-person prompting, and touching on the recent McDonald's leak.
Follow us on Twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today’s Sponsor is Adobe. Use code CTBBP0907 in your first report on Adobe Behance, Portfolio, Fonts or Acrobat Web, and earn a one-time 10% bonus reward!
====== Resources ======
v1 Instance Metadata Service protections bypass
Would you like an IDOR with that? Leaking 64 million McDonald’s job applications
How we got persistent XSS on every AEM cloud site, thrice
Google docs now supports export as markdown
Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)
How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets
Bug bounty, feedback, strategy and alchemy
====== Timestamps ======
(00:00:00) Introduction
(00:05:39) Metadata Service protections bypass & McDonald's Leak
(00:12:30) Christmas in July with Searchlight Cyber Pt 1
(00:19:43) Export as Markdown, Raycast for Windows, & Third-Person prompting
(00:23:56) Christmas in July with Searchlight Cyber Pt 2
(00:27:39) GitHub’s “Oops Commits” for Leaked Secrets
(00:36:53) Bug bounty, feedback, strategy and alchemy