Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Podcast: Critical Thinking - Bug Bounty Podcast
Published On: Thu Oct 09 2025

Description: Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast, Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news.

Follow us on Twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!

====== This Week in Bug Bounty ======
YesWeHack won the European Commission tender: https://www.yeswehack.com/news/european-commission-tender-won-yeswehack
YesWeHack is now an authorised CVE Numbering Authority: https://www.yeswehack.com/news/yeswehack-authorised-cve-numbering-authority
A wide range of highly used open source bug bounty programs such as Log4J, Systemd, GNOME and a lot more: https://event.yeswehack.com/events/open-the-code-source-the-bounty

====== Resources ======
Attributes reference inside HTML
Explaining XSS without parentheses and semi-colons
Beyond Sandbox Domains: Rendering Untrusted Web Content with SafeContentFrame
One Token to rule them all
flareprox
Caido 101: How to master it

====== Timestamps ======
(00:00:00) Introduction
(00:03:16) LHE approaches and accomplishments
(00:30:54) Attributes reference inside HTML & Explaining XSS without parentheses and semi-colons
(00:44:33) One Token to rule them all
(00:57:13) Flareprox & Caido 101