Episodes

  • Episode 179: Maintaining Motivation in Post-AI Bug Bounty World

    Episode 179: Maintaining Motivation in Post-AI Bug Bounty World
    Jun 18 2026

    Episode 179: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to stay motivated and keep the vibes strong during this trying time for Bug Bounty.


    Follow us on twitter at: https://x.com/ctbbpodcast

    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!



    ====== Links ======

    Follow your hosts Rhynorater, rez0 and gr3pme on X:

    https://x.com/Rhynorater

    https://x.com/rez0__

    https://x.com/gr3pme


    Critical Research Lab:

    https://lab.ctbb.show/


    Need a Pentest? We just launched CTBB Pentests!

    https://pentest.ctbb.show/


    Hack full time? Check out the Full-Time Hunter’s Guild!

    https://ctbb.show/fthg


    ====== Ways to Support CTBBPodcast ======

    Hop on the CTBB Discord at https://ctbb.show/discord!


    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


    You can also find some hacker swag at https://ctbb.show/merch!


    Today's Sponsor: Check out Zero Trust Cloud Access:

    https://www.threatlocker.com/capabilities/zero-trust-cloud-access


    ====== Timestamps ======

    (00:00:00) Introduction

    (00:04:57) Managing Hacker Motivation

    (00:10:45) Community, Competition, & Curosity

    (00:16:54) Using AI with Passion

    (00:23:10) The LHE Method & Sharing Wins

    (00:28:01) Video POCs, Scripts, & Talking about Bugs

    (00:40:49) Watching your health & stopping mid-hack
    Show More Show Less
    46 mins
  • Episode 178: 600k in ~3 months - BruteCat pt 2

    Episode 178: 600k in ~3 months - BruteCat pt 2
    Jun 11 2026

    Episode 178: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with BruteCat to finish up our discussion on hacking Google. This week we hit AI.


    Follow us on twitter at: https://x.com/ctbbpodcast

    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!



    ====== Links ======

    Follow your hosts Rhynorater, rez0 and gr3pme on X:

    https://x.com/Rhynorater

    https://x.com/rez0__

    https://x.com/gr3pme


    Critical Research Lab:

    https://lab.ctbb.show/


    Need a Pentest? We just launched CTBB Pentests!

    https://pentest.ctbb.show/


    Hack full time? Check out the Full-Time Hunter’s Guild!

    https://ctbb.show/fthg


    ====== Ways to Support CTBBPodcast ======

    Hop on the CTBB Discord at https://ctbb.show/discord!


    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


    You can also find some hacker swag at https://ctbb.show/merch!


    Today’s Guest: https://x.com/brutecat


    ====== Resources ======

    Hacking Google with AI

    https://brutecat.com/articles/hacking-google-with-ai/


    ====== Timestamps ======

    (00:00:00) Introduction

    (00:03:07) Discovery Docs Refresher & AI at BugSWAT Mexico

    (00:30:49) Auth & Enumeration of Referer and Origin

    (00:45:59) Pwning Google Stories

    (01:09:32) Batch Execute & GraphQL
    Show More Show Less
    1 hr and 24 mins
  • Episode 177: 2x Google RCE with VRP Legend Brutecat

    Episode 177: 2x Google RCE with VRP Legend Brutecat
    Jun 4 2026

    Episode 177: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by BruteCat to talk about his journey hacking Google Cloud, Gmail, Youtube, and Google Phone.


    Follow us on twitter at: https://x.com/ctbbpodcast

    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!



    ====== Links ======

    Follow your hosts Rhynorater, rez0 and gr3pme on X:

    https://x.com/Rhynorater

    https://x.com/rez0__

    https://x.com/gr3pme


    Critical Research Lab:

    https://lab.ctbb.show/


    Need a Pentest? We just launched CTBB Pentests!

    https://pentest.ctbb.show/


    Hack full time? Check out the Full-Time Hunter’s Guild!

    https://ctbb.show/fthg


    ====== Ways to Support CTBBPodcast ======

    Hop on the CTBB Discord at https://ctbb.show/discord!


    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


    You can also find some hacker swag at https://ctbb.show/merch!


    Today's Sponsor: Check out Zero Trust Cloud Access from ThreatLocker

    https://www.criticalthinkingpodcast.io/tl-ztca


    Today’s Guest: https://x.com/brutecat


    ====== Resources ======

    StubZero: $148,337 RCE in Google Cloud Production

    https://brutecat.com/articles/google-cloud-rce/


    Leaking the email of any YouTube user for $10,000

    https://brutecat.com/articles/leaking-youtube-emails/


    Disclosing YouTube Creator Emails for a $20k Bounty

    https://brutecat.com/articles/youtube-creator-emails/


    Leaking the phone number of any Google user

    https://brutecat.com/articles/leaking-google-phones/



    ====== Timestamps ======

    (00:00:00) Introduction

    (00:29:14) 2nd RCE in Application Integration

    (00:39:55) BruteCat's Background & RCE Follow-up Questions

    (00:48:02) Google VRP and Youtube Bugs

    (01:10:17) Google Phone Leak

    (01:18:36) Discovery Docs and Episode 178 Teaser
    Show More Show Less
    1 hr and 25 mins
  • Episode 176: 600+ CVEs on Adobe AEM with Jim Green (GreenJam)

    Episode 176: 600+ CVEs on Adobe AEM with Jim Green (GreenJam)
    May 28 2026
    Episode 176: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by top Adobe hacker Jim Green to deep-dive AEM. We talk through Sling selectors, Permissions, and how to spot AEM Red Flags.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ Need a Pentest? We just launched CTBB Pentests!https://pentest.ctbb.show/Hack full time? Check out the Full-Time Hunter’s Guild!https://ctbb.show/fthg====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today’s Sponsor: Adobe. Earn more for AI bugs with Adobe’s new AI Tier! https://blog.adobe.com/security/adobe-expands-bug-bounty-program-to-incentivize-ai-security-researchAlso don’t forget to also grab a 10% bonus for valid AI vulnerabilities in Adobe Stock and Lightroom Web. Use code: CTBB063026 in your report.Expires June 30, 2026. ====== This Week in Bug Bounty ======Scaling Bug Bounty triage in the AI era(https://www.yeswehack.com/security-best-practices/scaling-bug-bounty-triage-ai)The AI impact: a triager’s perspectivehttps://www.intigriti.com/blog/business-insights/the-ai-impact-a-triagers-perspective====== Resources ======Sling Selectors - The Key to Unlocking AEM's Attack Surfacehttps://greenjam.co.uk/blog/sling-selectors/Just a Moment CTFhttps://poc.greenjam.co.uk/just-a-moment.htmlGeneral XSS jquery .text()https://poc.greenjam.co.uk/text-xss.htmlURL XXS Challengehttps://poc.greenjam.co.uk/url-xss.html====== Timestamps ======(00:00:00) Introduction(00:04:35) Background and AEM Bug(00:17:40) Sling Selectors & the Tech Stack(00:38:14) Permissions & Apache Sling Resolution(01:01:37) The Bugs & AEM Red Flags(01:31:55) Moment in Time CTF(01:40:38) General XSS jquery .text()(01:45:45) URL XXS Challenge
    Show More Show Less
    1 hr and 51 mins
  • Episode 175: Rhyno’s Hackbot Setup, Sick Bugs, and ZDI Drama

    Episode 175: Rhyno’s Hackbot Setup, Sick Bugs, and ZDI Drama
    May 21 2026

    Episode 175: In this episode of Critical Thinking - Bug Bounty Podcast we’re comparing Hackbot setups and results. We also talk about some of the recent ZDI drama, as well as the importance of freaking beautiful POCs


    Follow us on twitter at: https://x.com/ctbbpodcast

    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!



    ====== Links ======

    Follow your hosts Rhynorater, rez0 and gr3pme on X:

    https://x.com/Rhynorater

    https://x.com/rez0__

    https://x.com/gr3pme


    Critical Research Lab:

    https://lab.ctbb.show/


    Need a Pentest? We just launched CTBB Pentests!

    https://pentest.ctbb.show/


    Hack full time? Check out the Full-Time Hunter’s Guild!

    https://ctbb.show/fthg


    ====== Ways to Support CTBBPodcast ======

    Hop on the CTBB Discord at https://ctbb.show/discord!


    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


    You can also find some hacker swag at https://ctbb.show/merch!


    Today's Sponsor: Check out Zero Trust Cloud Access from ThreatLocker

    https://www.criticalthinkingpodcast.io/tl-ztca


    ====== Resources ======

    Another day, another universal linux LPE

    https://x.com/v12sec/status/2054491454064746629


    ZDI Drama

    https://x.com/ryotkak/status/2052881664909660521


    Orange Tsai Bug on Edge

    https://x.com/thezdi/status/2054868495888777266


    Chompie's Exploit in NV Container Toolkit

    https://x.com/chompie1337/status/2054882193055601140


    GitHub Security April bug bounty stats

    https://x.com/GitHubSecurity/status/2054274356403138932


    ====== Timestamps ======

    (00:00:00) Introduction

    (00:02:14) q param prompt injection & Mobile CSPT

    (00:14:17) Admin API Key MegaCrit

    (00:17:13) Hackbots

    (00:37:10) Pretty POCs and ZDI Drama

    (00:44:48) GitHub Security April Stats
    Show More Show Less
    50 mins
  • Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5

    Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5
    May 14 2026
    Episode 174: In this episode of Critical Thinking - Bug Bounty Podcast we follow up from last episode with some advice for BB platforms, as well as cover a slew of writeups from Searchlight Cyber, watchTowr, and Starstrike.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Need a Pentest? We just launched CTBB Pentests!https://pentest.ctbb.show/Hack full time? Check out the Full-Time Hunter’s Guild!https://ctbb.show/fthg====== This Week in Bug Bounty ======COST, AI frontier models and more: A measured take on the future of security testinghttps://www.yeswehack.com/security-best-practices/cost-mythos-future-security-testingCommon AI misconceptions debugged!https://www.intigriti.com/blog/business-insights/common-misconceptions-debugged#trend-3-validity-ratios-remain-constant-ai-slop-isnt-rising-as-a-proportionBountySync + Socialhttps://luma.com/bountysync_social====== Resources ======Ghosts of Encryption Pasthttps://slcyber.io/research-center/ghosts-of-encryption-past-salesforce-exacttarget/tessl Skill Optimizerhttps://tessl.io/registry/tessl/skill-optimizer/0.8.0The Internet Is Falling Down, Falling Down, Falling Downhttps://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/High Fidelity Check for the cPanel Authentication Bypasshttps://slcyber.io/research-center/high-fidelity-check-for-the-cpanel-authentication-bypass-cve-2026-41940/Achieving Deterministic Prompt Injection Through Client-Side Feedback Loopshttps://blog.starstrike.ai/posts/achieving-deterministic-prompt-injection-through-client-side-feedback-loops/GPT-5.5: Mythos-Like Hacking, Open To Allhttps://xbow.com/blog/mythos-like-hacking-open-to-allRemote Command Execution in Google Cloud with Single Directory Deletionhttps://flatt.tech/research/posts/remote-command-execution-in-google-cloud-with-single-directory-deletion/?utm_source=bugbountydaily.com&utm_medium=referral====== Timestamps ======(00:00:00) Introduction(00:09:20) AMPScript(00:25:10) Tessl Skill Optimizer(00:33:07) cPanel & WHM Authentication Bypass(00:40:46) Advice for Bug Bounty Programs(00:50:07) Prompt Injection Through Client-Side Feedback Loops(00:54:37) GPT 5.5(01:01:00) Remote Command Execution in Google Cloud
    Show More Show Less
    1 hr and 10 mins
  • Episode 173: Bug Bounty is Dead and AI Killed it.

    Episode 173: Bug Bounty is Dead and AI Killed it.
    May 7 2026

    Episode 173: In this episode of Critical Thinking - Bug Bounty Podcast we’re talking about the negative effects that AI is having on the Bug Bounty scene as a whole. Is it over, or are we so back?


    Follow us on twitter at: https://x.com/ctbbpodcast

    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!


    ====== Links ======

    Follow your hosts Rhynorater, rez0 and gr3pme on X:

    https://x.com/Rhynorater

    https://x.com/rez0__

    https://x.com/gr3pme


    Critical Research Lab:

    https://lab.ctbb.show/


    ====== Ways to Support CTBBPodcast ======

    Hop on the CTBB Discord at https://ctbb.show/discord!


    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


    You can also find some hacker swag at https://ctbb.show/merch!


    Today's Sponsor: Check out Zero Trust Cloud Access:

    https://www.criticalthinkingpodcast.io/tl-ztca


    ====== Resources ======

    We want your feedback on this!

    https://forms.ctbb.show/future_of_bug_bounty


    Evolving the Android & Chrome VRPs for the AI Era

    https://bughunters.google.com/blog/evolving-the-android-chrome-vrps-for-the-ai-era


    Paid Submissions?

    https://x.com/d0rsky/status/2047744193976742120


    Keep the Robots Out of the Gym

    https://danielmiessler.com/blog/keep-the-robots-out-of-the-gym


    Is my data used for model training?

    https://privacy.claude.com/en/articles/10023580-is-my-data-used-for-model-training


    ====== Timestamps ======

    (00:00:00) Introduction

    (00:06:28) Network effects of Bug Bounty

    (00:31:55) Hopium/Copium

    (00:47:21) The Great Training Data Debate
    Show More Show Less
    1 hr and 2 mins
  • Episode 172: Source Code Review Meta Analysis

    Episode 172: Source Code Review Meta Analysis
    Apr 30 2026

    Episode 172: In this episode of Critical Thinking - Bug Bounty Podcast trying out a new structure of episode: a Meta Analysis of sorts of many Source Code Review techniques. This episode features tips gathered from Shubs, Rafax, and FSI. Justin highlights best approaches, patterns, and common pitfalls.


    Follow us on twitter at: https://x.com/ctbbpodcast

    Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

    Shoutout to YTCracker for the awesome intro music!


    ====== Links ======

    Follow your hosts Rhynorater, rez0 and gr3pme on X:

    https://x.com/Rhynorater

    https://x.com/rez0__

    https://x.com/gr3pme


    Critical Research Lab:

    https://lab.ctbb.show/


    ====== Ways to Support CTBBPodcast ======

    Hop on the CTBB Discord at https://ctbb.show/discord!


    We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


    You can also find some hacker swag at https://ctbb.show/merch!


    Today’s Sponsor: Adobe - Get 10% bonus for valid AI vulnerabilities in Adobe Stock and Lightroom Web. Use code: CTBB063026 in your report.

    Expires June 30, 2026.


    ====== This Week in Bug Bounty ======


    Open-source security testing: the Bug Bounty guide to code analysis

    https://www.yeswehack.com/learn-bug-bounty/open-source-guide-code-analysis?utm_source=youtube&utm_medium=sponsor-critical-thinking&utm_campaign=open-source-guide-code-analysis


    ====== Resources ======

    Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)

    https://slcyber.io/research-center/abusing-windows-net-quirks-and-unicode-normalization-to-exploit-dnn-dotnetnuke/#:~:text=across%20different%20languages.-,A%20MUST%2DKNOW%20BEHAVIOUR%20OF%20PATH.COMBINE,-Another%20key%20implementation


    ====== Timestamps ======

    (00:00:00) Introduction

    (00:06:49) Tracing Data Flow, knowing where your playload is landing, and developer mistakes.

    (00:17:33) Mapping the software

    (00:24:46) Sniffing for blood

    (00:31:54) Common Patterns and Pitfalls
    Show More Show Less
    51 mins