
Sign up to save your podcasts
Or


Episode 123: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with part 2 of Rez0’s miniseries. Today we talk about mastering Prompt Injection, taxonomy of impact, and both triggering traditional Vulns and exploiting AI-specific features.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today’s Sponsor - ThreatLocker User Store
https://www.criticalthinkingpodcast.io
/tl-userstore
====== This Week in Bug Bounty ======
Earning a HackerOne 2025 Live Hacking Invite
https://www.hackerone.com/blog/earning-hackerone-2025-live-hacking-invite
HTTP header hacks: basic and advanced exploit techniques explored
https://www.yeswehack.com/learn-bug-bounty/http-header-exploitation
====== Resources ======
Grep.app
https://vercel.com/blog/migrating-grep-from-create-react-app-to-next-js
Gemini 2.5 Pro prompt leak
https://x.com/elder_plinius/status/1913734789544214841
Pliny's CL4R1T4S
https://github.com/elder-plinius/CL4R1T4S
O3
https://x.com/pdstat/status/1913701997141803329
====== Timestamps ======
(00:00:00) Introduction
(00:05:25) Grep.app, O3, and Gemini 2.5 Pro prompt leak
(00:11:09) Delivery and impactful action
(00:20:44) Mastering Prompt Injection
(00:30:36) Traditional vulns in Tool Calls, and AI Apps
(00:37:32) Exploiting AI specific features
By Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)5
5353 ratings
Episode 123: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with part 2 of Rez0’s miniseries. Today we talk about mastering Prompt Injection, taxonomy of impact, and both triggering traditional Vulns and exploiting AI-specific features.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today’s Sponsor - ThreatLocker User Store
https://www.criticalthinkingpodcast.io
/tl-userstore
====== This Week in Bug Bounty ======
Earning a HackerOne 2025 Live Hacking Invite
https://www.hackerone.com/blog/earning-hackerone-2025-live-hacking-invite
HTTP header hacks: basic and advanced exploit techniques explored
https://www.yeswehack.com/learn-bug-bounty/http-header-exploitation
====== Resources ======
Grep.app
https://vercel.com/blog/migrating-grep-from-create-react-app-to-next-js
Gemini 2.5 Pro prompt leak
https://x.com/elder_plinius/status/1913734789544214841
Pliny's CL4R1T4S
https://github.com/elder-plinius/CL4R1T4S
O3
https://x.com/pdstat/status/1913701997141803329
====== Timestamps ======
(00:00:00) Introduction
(00:05:25) Grep.app, O3, and Gemini 2.5 Pro prompt leak
(00:11:09) Delivery and impactful action
(00:20:44) Mastering Prompt Injection
(00:30:36) Traditional vulns in Tool Calls, and AI Apps
(00:37:32) Exploiting AI specific features

43,923 Listeners

14,371 Listeners

188 Listeners

2,008 Listeners

3,718 Listeners

372 Listeners

1,025 Listeners

419 Listeners

8,088 Listeners

9,564 Listeners

11,983 Listeners

178 Listeners

2,664 Listeners

138 Listeners

16,495 Listeners