Episode 62: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel are back with some additional research resources that didn’t make the PortSwigger Top-Ten but are worth looking at.
Follow us on Twitter at: @ctbbpodcast
Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on Twitter:
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Resources:
Cool HTML Shit
https://twitter.com/jcubic/status/1764311080661082201
https://twitter.com/encodeart/status/1764218128374943764
Bug Bounty Hunting Journeys
https://twitter.com/ajxchapman/status/1762101366057525521
https://monkehacks.beehiiv.com/p/monkehacks-02
Deobfuscating/Unminifying Obfuscated Code
Abusing perspectives: https://hackerone.com/reports/2401115
PortSwigger CSS Exfiltration
https://github.com/PortSwigger/css-exfiltration
Timestamps:
(00:00:00) Introduction
(00:02:06) Cool HTML Shit
(00:15:31) Bug Bounty Journeys
(00:28:01) Yelp Cookie Bridge Bug
(00:37:56) Additional Research Resources
(00:46:34) CSS and abusing perspectives