Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
İçerik Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
Critical Thinking - Bug Bounty Podcast benzeri
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
What is the internet doing to us? The Times tech columnist Kevin Roose discovers what happens when our lives move online. Unlock full access to New York Times podcasts and explore everything from politics to pop culture. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify.
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
))
Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types
Manage episode 419795079 series 3435922
İçerik Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
Episode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and IPv6 Addresses, the NextJS SSRF, the PDF.JS PoC drop, and a GitHub Enterprise Indirect Method Information bug. Also, we have an attack vector featured from Monke!
Follow us on twitter at: @ctbbpodcast
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today's Sponsor - Project Discovery: https://nux.gg/podcast
Resources:
PDF.JS Bypass to XSS
https://github.com/advisories/GHSA-wgrm-67xf-hhpq
https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
Better Bounty Transparency for hackers
Smuggling payloads in phone numbers
Github Enterprise send() bug
https://x.com/creastery/status/1787327890943873055
https://x.com/Rhynorater/status/1788598984572813549
Timestamps:
(00:00:09) Introduction
(00:03:20) PDF.JS XSS and NextJS SSRF
(00:12:52) Better Bounty Transparency
(00:20:01) IPV6 Research and Phone Number Payloads
(00:28:20) Community Highlight and Automatic Plugin CVE-2024-27956
(00:33:26) DomPurify Bypass and Github Enterprise send() bug
(00:46:12) Caido cookie and header extension updates
111 bölüm
Paylaş
Manage episode 419795079 series 3435922
İçerik Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
Episode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and IPv6 Addresses, the NextJS SSRF, the PDF.JS PoC drop, and a GitHub Enterprise Indirect Method Information bug. Also, we have an attack vector featured from Monke!
Follow us on twitter at: @ctbbpodcast
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today's Sponsor - Project Discovery: https://nux.gg/podcast
Resources:
PDF.JS Bypass to XSS
https://github.com/advisories/GHSA-wgrm-67xf-hhpq
https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
Better Bounty Transparency for hackers
Smuggling payloads in phone numbers
Github Enterprise send() bug
https://x.com/creastery/status/1787327890943873055
https://x.com/Rhynorater/status/1788598984572813549
Timestamps:
(00:00:09) Introduction
(00:03:20) PDF.JS XSS and NextJS SSRF
(00:12:52) Better Bounty Transparency
(00:20:01) IPV6 Research and Phone Number Payloads
(00:28:20) Community Highlight and Automatic Plugin CVE-2024-27956
(00:33:26) DomPurify Bypass and Github Enterprise send() bug
(00:46:12) Caido cookie and header extension updates
111 bölüm
Minden epizód
×
Player FM'e Hoş Geldiniz!
Player FM şu anda sizin için internetteki yüksek kalitedeki podcast'leri arıyor. En iyi podcast uygulaması ve Android, iPhone ve internet üzerinde çalışıyor. Aboneliklerinizi cihazlar arasında eş zamanlamak için üye olun.
Critical Thinking - Bug Bounty Podcast benzeri
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
What is the internet doing to us? The Times tech columnist Kevin Roose discovers what happens when our lives move online. Unlock full access to New York Times podcasts and explore everything from politics to pop culture. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify.
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
