Episode 140: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph give an update from The Crit Research Lab, as well as some writeups on postMessage vulnerabilities, Cookie Chaos, and more.
Follow us on X at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Send us feedback at [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord!
Get some hacker swag here!
====== This Week in Bug Bounty ======
Cross-site request forgery
HackerOne New Milestone Program
Email [email protected] for media opportunities
====== Resources ======
Exploiting Web Worker XSS with Blobs
Critical Research Lab
Rez0's Tweet
CVE-2022-21703: cross-origin request forgery against Grafana
Conversation about Forcing Quirks Mode
AI Business Logic & POC or GTFO
Hunting postMessage Vulnerabilities – Part 1
Hunting postMessage Vulnerabilities – Part 2
Executive Offense
Cookie Chaos: How to bypass Host and Secure cookie prefixes
====== Timestamps ======
(00:00:00) Introduction
(00:05:48) Crit Research Update
(00:13:00) Encouragement & Collaboration
(00:19:37) Cross-origin request forgery & Anthropic's web fetch
(00:29:17) Quirks Mode, AI Business Logic & POC or GTFO
(00:44:21) Hunting postMessage & Claude Code browserbase
(00:51:25) Community story, Executive Offense, & Cookie Chaos
By Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)