انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !
Episode 77: Bug Bounty Mental - Practical Tips for Staying Sharp & Motivated
Manage episode 425883246 series 3435922
Episode 77: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin discuss some fresh writeups including some MongoDB injections, ORMs, and exploits in Kakao and iOS before pivoting into a conversation about staying motivated and avoiding burnout while hunting.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
MongoDB NoSQL Injection
https://soroush.me/blog/2024/06/mongodb-nosql-injection-with-aggregation-pipelines/
Mongo DB Is Web Scale
https://www.youtube.com/watch?v=b2F-DItXtZs
1-click Exploit in Kakao
https://stulle123.github.io/posts/kakaotalk-account-takeover/
Unsecure time-based secret and Sandwich Attack
https://www.aeth.cc/public/Article-Reset-Tolkien/secret-time-based-article-en.html
Reset Tolkien
https://github.com/AethliosIK/reset-tolkien
iOS URL Scheme Hijacking Revamped
https://evanconnelly.github.io/post/ios-oauth/
PLORMBING YOUR DJANGO ORM
https://www.elttam.com/blog/plormbing-your-django-orm/#content
Timestamps:
(00:00:00) Introduction
(00:02:07) MongoDB NoSQL Injection
(00:12:42) 1-click Exploit in Kakao
(00:33:21) Time-based secrets and Reset Tolkien
(00:39:26) iOS URL Scheme Hijacking Revamped
(00:51:42) ORMs
(00:58:57) Community Bug Submission
(01:07:45) Motivation, Mental Sharpness, and Burnout avoidance
77 حلقات
Manage episode 425883246 series 3435922
Episode 77: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin discuss some fresh writeups including some MongoDB injections, ORMs, and exploits in Kakao and iOS before pivoting into a conversation about staying motivated and avoiding burnout while hunting.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
MongoDB NoSQL Injection
https://soroush.me/blog/2024/06/mongodb-nosql-injection-with-aggregation-pipelines/
Mongo DB Is Web Scale
https://www.youtube.com/watch?v=b2F-DItXtZs
1-click Exploit in Kakao
https://stulle123.github.io/posts/kakaotalk-account-takeover/
Unsecure time-based secret and Sandwich Attack
https://www.aeth.cc/public/Article-Reset-Tolkien/secret-time-based-article-en.html
Reset Tolkien
https://github.com/AethliosIK/reset-tolkien
iOS URL Scheme Hijacking Revamped
https://evanconnelly.github.io/post/ios-oauth/
PLORMBING YOUR DJANGO ORM
https://www.elttam.com/blog/plormbing-your-django-orm/#content
Timestamps:
(00:00:00) Introduction
(00:02:07) MongoDB NoSQL Injection
(00:12:42) 1-click Exploit in Kakao
(00:33:21) Time-based secrets and Reset Tolkien
(00:39:26) iOS URL Scheme Hijacking Revamped
(00:51:42) ORMs
(00:58:57) Community Bug Submission
(01:07:45) Motivation, Mental Sharpness, and Burnout avoidance
77 حلقات
كل الحلقات
×مرحبًا بك في مشغل أف ام!
يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.