Critical Thinking – Bug Bounty Podcast
Episode 13: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to determine if a bug bounty program is good or not from the policy page. We also cover some news including Acropalypse, ZDI's Pwn2Own Competition, Node's Request library's SSRF Bypass, and a new scanning tool by JHaddix.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
JHaddix AWSScrape Tool:
https://twitter.com/Jhaddix/status/1637140192728612865?s=20
Acropalypse Links:
https://twitter.com/ItsSimonTime/status/1636857478263750656
https://www.da.vidbuchanan.co.uk/blog/exploiting-acropalypse.html
https://twitter.com/David3141593/status/1638222624084951040
https://twitter.com/David3141593/status/1638293029059477505
SSRF Bypass in NodeJS:
https://blog.doyensec.com/2023/03/16/ssrf-remediation-bypass.html
ZDI's Pwn2Own:
Kuzu7shiki's Awesome Pixiv Report:
https://hackerone.com/reports/1861974
https://twitter.com/kuzu7shiki
Some of the Programs we talk about: