March 5, 2026

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND
The player is loading ...
Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND
Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND
Apple Podcasts podcast player badge
Spotify podcast player badge
Castro podcast player badge
RSS Feed podcast player badge
YouTube podcast player badge
Apple Podcasts podcast player iconSpotify podcast player iconCastro podcast player iconRSS Feed podcast player iconYouTube podcast player icon
Season 1

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug Bounty


Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!



====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X: 

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme


Critical Research Lab:

https://lab.ctbb.show/ 


====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!


We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


You can also find some hacker swag at https://ctbb.show/merch!


Today’s Guest: https://x.com/thedawgyg


====== This Week in Bug Bounty ======


Python pitfalls: Turning developer mistakes into vulnerabilities

https://www.yeswehack.com/learn-bug-bounty/python-pitfalls-turning-developer-mistakes?utm_source=critical-thinking&utm_medium=sponsored&utm_campaign=article-research-python-pitfalls


====== Timestamps ======

(00:00:00) Introduction

(00:06:22) Yahoo SSRF

(00:14:56) Tommy's Origin

(00:44:10) Bug Bounty

(00:51:47) SSRF Attraction, AI implementation, & Browser Hacking