Jan. 26, 2023

Episode 3: H1-407 Event Madness & Takeaways Part 1

Episode 3: H1-407 Event Madness & Takeaways Part 1
The player is loading ...
Episode 3: H1-407 Event Madness & Takeaways Part 1
Episode 3: H1-407 Event Madness & Takeaways Part 1
Apple Podcasts podcast player badge
Spotify podcast player badge
Castro podcast player badge
RSS Feed podcast player badge
YouTube podcast player badge
Apple Podcasts podcast player iconSpotify podcast player iconCastro podcast player iconRSS Feed podcast player iconYouTube podcast player icon
Season 1

Episode 3: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some of the interesting things we’ve learned from participating in HackerOne's H1-407 Live Hacking event. We cover decompiling binaries in various different languages, Windows URI Handlers, Caido, and SameSite Lax + POST.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Frans Rosen S3 Bucket Authorization Blog Post: https://labs.detectify.com/2018/08/02/bypassing-exploiting-bucket-upload-policies-signed-urls/

Getting code from executables:

ILSpy

DotPeek

Jadx-GUI

Pyinstxtractor

Uncompyle6

Jub0b’s SameSite Article:

https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/

Mgeeky’s Powershell Script to Enumerate Windows App URI Handlers

https://gist.github.com/mgeeky/5a30a0619a7486b2fb0bd5233490fa64