


Episode 140: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph give an update from The Crit Research Lab, as well as some writeups on postMessage vulnerabilities, Cookie Chaos, and more.
Follow us on X at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Send us feedback at [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord!
Get some hacker swag here!
====== This Week in Bug Bounty ======
Cross-site request forgery
HackerOne New Milestone Program
Email [email protected] for media opportunities
====== Resources ======
Exploiting Web Worker XSS with Blobs
Critical Research Lab
Rez0's Tweet
CVE-2022-21703: cross-origin request forgery against Grafana
Conversation about Forcing Quirks Mode
AI Business Logic & POC or GTFO
Hunting postMessage Vulnerabilities – Part 1
Hunting postMessage Vulnerabilities – Part 2
Executive Offense
Cookie Chaos: How to bypass Host and Secure cookie prefixes
====== Timestamps ======
(00:00:00) Introduction
(00:05:48) Crit Research Update
(00:13:00) Encouragement & Collaboration
(00:19:37) Cross-origin request forgery & Anthropic's web fetch
(00:29:17) Quirks Mode, AI Business Logic & POC or GTFO
(00:44:21) Hunting postMessage & Claude Code browserbase
(00:51:25) Community story, Executive Offense, & Cookie Chaos
By Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)
