Episode 109: In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. Then we switch to cover some other news before settling in to talk about Alternative Recon Techniques

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]

Shoutout to https://x.com/realytcracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater and Rez0 on Twitter:

https://x.com/Rhynorater

https://x.com/rez0__

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today’s Sponsor - ThreatLocker. Check out their Managed Detection and Response!

====== Resources ======

Resources

Wiz Research Uncovers Exposed DeepSeek Database

Bypass Bot Detection

Tweet from sw33tLie

rsc 2fa

Stealing HttpOnly cookies with the cookie sandwich technique

Report Pointers for Collaborative Chains

Clone2Leak: Your Git Credentials Belong To Us

Deanonymization via cache

GoogleChrome related-website-sets

====== Timestamps ======

(00:00:00) Introduction

(00:02:03) DeepSeek debacle and Bypass Bot Detection

(00:23:48) Stealing HttpOnly cookies with the cookie sandwich technique

(00:30:54) Report Pointers for Collaborative Chains

(00:34:43) Clone2Leak: Your Git Credentials Belong To Us

(00:40:04) Deanonymization for Signal and Discord

(00:41:53) Alternative Recon Techniques