Episode 140: Crit Research Lab Update & Client-Side Tricks Galore

Critical Thinking - Bug Bounty Podcast

المحتوى المقدم من Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0). يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.

21d ago 57:41

MP3•منزل الحلقة

Episode 140: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph give an update from The Crit Research Lab, as well as some writeups on postMessage vulnerabilities, Cookie Chaos, and more.

Got any ideas and suggestions? Send us feedback at [email protected]

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater and Rez0

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord!

Get some hacker swag here!

====== This Week in Bug Bounty ======

Cross-site request forgery

HackerOne New Milestone Program

Email [email protected] for media opportunities

====== Resources ======

Exploiting Web Worker XSS with Blobs

Critical Research Lab

Rez0's Tweet

CVE-2022-21703: cross-origin request forgery against Grafana

Conversation about Forcing Quirks Mode

AI Busniess Logic & POC or GTFO

Hunting postMessage Vulnerabilities – Part 1

Hunting postMessage Vulnerabilities – Part 2

Executive Offense

Cookie Chaos: How to bypass Host and Secure cookie prefixes

====== Timestamps ======

(00:00:00) Introduction

(00:05:48) Crit Research Update

(00:13:00) Encouragement & Collaboration

(00:19:37) Cross-origin request forgery & Anthropic's web fetch

(00:29:17) Quirks Mode, AI Business Logic & POC or GTFO

(00:44:21) Hunting postMessage & Claude Code browserbase

(00:51:25) Community story, Executive Offense, & Cookie Chaos

143 حلقات

#Tech #Justin Gardner (Rhynorater