Critical Thinking – Bug Bounty Podcast
Episode 11: In this episode of Critical Thinking - Bug Bounty Podcast we talk about CVSS (the good, the bad, and the ugly), Web Cache Deception (an underrated vuln class) and a sick SSTI Joel and Fisher found.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
MDSec Outlook Vuln:
https://twitter.com/MDSecLabs/status/1635791863478091778
Jub0bs User-Existance Oracle Tweet:
https://twitter.com/jub0bs/status/1633786349529513986
James Kettle's Tweet About BB ID Header Standardization:
https://twitter.com/albinowax/status/1635951506791755776
15K Snapchat Numeric IDOR:
https://hackerone.com/reports/1819832
Bug Bounty Reports Explained:
https://www.bugbountyexplained.com/
CVSS Calculator:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
Web Cache Deception Write-up:
https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack.pdf