
התחל במצב לא מקוון עם האפליקציה Player FM !
Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Manage episode 512551083 series 3435922
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== This Week in Bug Bounty ======
YesWeHack won the European commission: https://www.yeswehack.com/news/european-commission-tender-won-yeswehack
YesWeHack now have authorised cve numbering authority: https://www.yeswehack.com/news/yeswehack-authorised-cve-numbering-authority
A wide range of highly used open source bug bounty program such as Log4J, Systemd, GNOME and a lot more:
https://event.yeswehack.com/events/open-the-code-source-the-bounty
====== Resources ======
Attributes reference inside HTML
Explaining XSS without parentheses and semi-colons
Beyond Sandbox Domains: Rendering Untrusted Web Content with SafeContentFrame
====== Timestamps ======
(00:00:00) Introduction
(00:03:16) LHE approaches and accomplishments
(00:30:54) Attributes reference inside HTML & Explaining XSS without parentheses and semi-colons
(00:44:33) One Token to rule them all
(00:57:13) Flareprox & Caido 101
143 פרקים
Manage episode 512551083 series 3435922
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== This Week in Bug Bounty ======
YesWeHack won the European commission: https://www.yeswehack.com/news/european-commission-tender-won-yeswehack
YesWeHack now have authorised cve numbering authority: https://www.yeswehack.com/news/yeswehack-authorised-cve-numbering-authority
A wide range of highly used open source bug bounty program such as Log4J, Systemd, GNOME and a lot more:
https://event.yeswehack.com/events/open-the-code-source-the-bounty
====== Resources ======
Attributes reference inside HTML
Explaining XSS without parentheses and semi-colons
Beyond Sandbox Domains: Rendering Untrusted Web Content with SafeContentFrame
====== Timestamps ======
(00:00:00) Introduction
(00:03:16) LHE approaches and accomplishments
(00:30:54) Attributes reference inside HTML & Explaining XSS without parentheses and semi-colons
(00:44:33) One Token to rule them all
(00:57:13) Flareprox & Caido 101
143 פרקים
כל הפרקים
×ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.