https://www.criticalthinkingpodcast.io/2026-03-02https://www.criticalthinkingpodcast.io/episode-168-the-doctor-is-in-devtools/2026-04-02https://www.criticalthinkingpodcast.io/episode-167-stealing-bugs-with-valeriy-shevchenko/2026-03-26https://www.criticalthinkingpodcast.io/episode-166-rez0s-top-claude-skill-secrets/2026-03-19https://www.criticalthinkingpodcast.io/episode-165-protobuf-hacking-ai-powered-bug-hunting-and-self-improving-claude-workflows/2026-03-12https://www.criticalthinkingpodcast.io/episode-164-tommy-devoss-from-black-hat-to-bug-bounty-legend/2026-03-05https://www.criticalthinkingpodcast.io/episode-163-best-technical-takeaways-from-portswigger-top-10-2025/2026-03-05https://www.criticalthinkingpodcast.io/episode-162-hackerone-training-ai-on-bug-bounty-data/2026-02-26https://www.criticalthinkingpodcast.io/episode-161-cross-consumer-attacks-dtmf-tone-exfil/2026-02-12https://www.criticalthinkingpodcast.io/episode-160-cloudflare-zero-days-mail-unsubscribing-for-xss/2026-02-06https://www.criticalthinkingpodcast.io/episode-159-avoiding-downgrades-on-google-cloud-vrp-with-cote-and-darby-hopkins/2026-01-29https://www.criticalthinkingpodcast.io/episode-159-avoiding-downgrades-on-google-cloud-vrp-with-cote-and-darby-hopkins-1/2026-02-02https://www.criticalthinkingpodcast.io/episode-158-10hr-marathon-hack-along-recap-300k-client-side-bugs/2026-01-22https://www.criticalthinkingpodcast.io/episode-158-10hr-marathon-hack-along-recap-300k-client-side-bugs-1/2026-02-02https://www.criticalthinkingpodcast.io/episode-157-crushing-pwn2own-h1-with-kernel-driver-exploits/2026-01-15https://www.criticalthinkingpodcast.io/episode-156-chill-ama-from-bugbountyforum/2026-01-08https://www.criticalthinkingpodcast.io/episode-155-2025-hacker-stats-2026-goals/2026-01-03https://www.criticalthinkingpodcast.io/episode-154-starting-a-pentesting-company-on-top-of-bug-bounty/2026-01-03https://www.criticalthinkingpodcast.io/episode-153-hacking-the-robots-of-the-future-hardware-ai-and-bug-bounties-with-matt-brown/2025-12-18https://www.criticalthinkingpodcast.io/episode-152-geminijack-and-agentic-security-with-sasi-levi/2025-12-11https://www.criticalthinkingpodcast.io/episode-151-client-side-advanced-topics/2025-12-04https://www.criticalthinkingpodcast.io/episode-150-aspnet-mvc-patterns-popping-oracle-identity-and-esoteric-subdomain-enumeration/2025-11-27https://www.criticalthinkingpodcast.io/episode-149-defcon-debrief-ai-vulns-unicode-weirdness-and-wild-vulnerability-chains/2025-11-20https://www.criticalthinkingpodcast.io/episode-148-mcp-hacking-guide/2025-11-13https://www.criticalthinkingpodcast.io/episode-147-stupid-simple-hacking-workflow-tips/2025-11-06https://www.criticalthinkingpodcast.io/episode-146-hacking-horror-stories/2025-10-30https://www.criticalthinkingpodcast.io/episode-145-gr3pmes-secret-bug-bounty-note-taking-methodology/2025-10-23https://www.criticalthinkingpodcast.io/episode-144-googles-top-ai-hackers-busfactor-and-monke/2025-10-16https://www.criticalthinkingpodcast.io/episode-143-new-cohost-client-side-gadgets-lhe-meta-instant-global-admin-in-entra/2025-10-09https://www.criticalthinkingpodcast.io/episode-142-gr3pmes-full-time-hunting-journey-update-insane-ai-research-and-some-light-news/2025-10-02https://www.criticalthinkingpodcast.io/episode-141-hacking-the-pod-google-docs-0-day-react-createelement-exploits-with-nick-copi-7urb/2025-09-25https://www.criticalthinkingpodcast.io/episode-140-crit-research-lab-update-client-side-tricks-galore/2025-09-18https://www.criticalthinkingpodcast.io/episode-139-james-kettle-pwning-in-prod-how-to-do-web-security-research/2025-09-12https://www.criticalthinkingpodcast.io/episode-138-caido-tools-and-workflows/2025-09-04https://www.criticalthinkingpodcast.io/episode-137-how-we-do-ai-assisted-whitebox-review-new-cspt-gadgets-and-tools-from-slcyber/2025-08-28https://www.criticalthinkingpodcast.io/episode-136-hacking-cluely-ai-prod-sec-and-how-to-not-get-sued-with-jack-cable/2025-08-21https://www.criticalthinkingpodcast.io/episode-135-akamais-ryan-barnett-on-wafs-unicode-confusables-and-triage-stories/2025-08-14https://www.criticalthinkingpodcast.io/episode-134-xbow-ai-hacking-agent-and-human-in-the-loop-with-diego-djurado/2025-08-04https://www.criticalthinkingpodcast.io/episode-133-building-hacker-communities-bug-bounty-village-getdisclosed-and-the-lhe-squad/2025-07-31https://www.criticalthinkingpodcast.io/episode-132-archive-testing-methodology-with-mathias-karlsson/2025-07-24https://www.criticalthinkingpodcast.io/episode-131-christmas-in-july-hacking-style-sl-cyber-writeups-bug-bounty-metastrategy-and-orphan/2025-07-17https://www.criticalthinkingpodcast.io/episode-130-minecraft-hacks-to-google-hacking-star-valentino/2025-07-10https://www.criticalthinkingpodcast.io/episode-129-is-this-how-bug-bounty-ends/2025-07-03https://www.criticalthinkingpodcast.io/episode-128-new-research-in-blind-ssrf-and-self-xss-and-how-to-architect-source-code-review-ai-bot/2025-06-26https://www.criticalthinkingpodcast.io/episode-127-drama-pdf-as-js-chaos-bounty-profile-apps-and-more/2025-06-19https://www.criticalthinkingpodcast.io/episode-126-hacking-ai-series-vulnus-ex-machina-part-3/2025-06-12https://www.criticalthinkingpodcast.io/episode-125-how-to-win-live-hacking-events/2025-06-05https://www.criticalthinkingpodcast.io/episode-124-bug-bounty-lifestyle-less-hacking-time/2025-05-29https://www.criticalthinkingpodcast.io/episode-123-hacking-ai-series-vulnus-ex-machina-part-2/2025-05-23https://www.criticalthinkingpodcast.io/episode-122-we-won-googles-ai-hacking-event-in-tokyo-main-takeaways/2025-05-15https://www.criticalthinkingpodcast.io/episode-121-slonsers-image-injection-0-day-ato-new-caido-collab-plugin/2025-05-08https://www.criticalthinkingpodcast.io/episode-120-spaceraccoon-from-day-zero-to-zero-day/2025-05-01https://www.criticalthinkingpodcast.io/episode-119-abusing-iframes-from-a-client-side-hacker/2025-04-17https://www.criticalthinkingpodcast.io/episode-118-hacking-happy-hour-0days-on-tap-and-sqli-shots/2025-04-10https://www.criticalthinkingpodcast.io/hacking-ai-series-vulnus-ex-machina-part-1/2025-04-03https://www.criticalthinkingpodcast.io/episode-116-auth-bypasses-and-google-vrp-writeups/2025-03-27https://www.criticalthinkingpodcast.io/episode-115-mentee-to-career-hacker-mokusou-so-sakaguchi/2025-03-20https://www.criticalthinkingpodcast.io/episode-114-single-page-application-hacking-playbook/2025-03-13https://www.criticalthinkingpodcast.io/best-technical-takeaways-from-portswigger-top-10-2024/2025-03-06https://www.criticalthinkingpodcast.io/episode-112-interview-with-ciaran-cotter-critical-lab-researcher-h1-irish-ambassador/2025-02-27https://www.criticalthinkingpodcast.io/episode-111-how-to-bypass-dompurify-in-bug-bounty-with-kevin-mizu/2025-02-20https://www.criticalthinkingpodcast.io/episode-110-oauth-gadget-correlation-and-common-attacks/2025-02-13https://www.criticalthinkingpodcast.io/episode-109-creative-recon-alternative-techniques/2025-02-06https://www.criticalthinkingpodcast.io/episode-108-how-to-hack-salesforce-servicenow-and-other-saas-products-with-aaron-costello/2025-01-30https://www.criticalthinkingpodcast.io/episode-107-bypassing-cross-origin-browser-headers/2025-01-23https://www.criticalthinkingpodcast.io/episode-106-announcing-our-new-cohost/2025-01-16https://www.criticalthinkingpodcast.io/episode-105-best-critical-thinking-moments-from-2024/2025-01-09https://www.criticalthinkingpodcast.io/episode-104-2024-hacker-stats-2025-goals/2025-01-02https://www.criticalthinkingpodcast.io/episode-103-getting-ansi-about-unicode-normalization/2024-12-27https://www.criticalthinkingpodcast.io/episode-102-building-web-hacking-micro-agents-with-jason-haddix/2024-12-19https://www.criticalthinkingpodcast.io/episode-101-ctbb-hijacked-rez0__-on-ai-attack-vectors-with-johann-rehberger/2024-12-12https://www.criticalthinkingpodcast.io/ep-100-8-fav-bugs-of-2024-farewell-joel-hello-shift-cursor-of-hacking/2024-12-05https://www.criticalthinkingpodcast.io/episode-99-back-to-the-basics-web-fundamental-to-100k-a-year-in-bug-bounty/2024-11-28https://www.criticalthinkingpodcast.io/episode-98-team-82-sharon-brizinov-the-live-hacking-polymath/2024-11-21https://www.criticalthinkingpodcast.io/episode-97-bcrypt-hash-input-truncation-mobile-device-threat-modeling/2024-11-14https://www.criticalthinkingpodcast.io/episode-96-cookies-caching-with-matanber/2024-11-07https://www.criticalthinkingpodcast.io/episode-95-attacking-chrome-extensions-with-matanber-big-impact-on-the-client-side/2024-11-07https://www.criticalthinkingpodcast.io/episode-94-zendesk-fiasco-the-ctbb-naughty-list/2024-10-24https://www.criticalthinkingpodcast.io/episode-93-a-chat-with-dr-bouman-life-as-a-hacker-and-a-doctor/2024-10-18https://www.criticalthinkingpodcast.io/episode-92-saml-xpath-confusion-chinese-dns-poisoning-and-ai-powered-403-bypasser/2024-10-10https://www.criticalthinkingpodcast.io/episode-91-zero-to-lhe-in-9-months-feat-gr3pme/2024-10-03https://www.criticalthinkingpodcast.io/episode-90-5k-clickjacking-encryption-oracles-and-cursor-for-pocs/2024-09-26https://www.criticalthinkingpodcast.io/episode-89-the-untapped-bug-bounty-landscape-of-iot-w-matt-brown/2024-09-19https://www.criticalthinkingpodcast.io/episode-88-news-tools-and-writeups/2024-09-12https://www.criticalthinkingpodcast.io/episode-87-hacker-wife-mariah-garder-on-bug-bounty-mentality-and-relationships/2024-09-05https://www.criticalthinkingpodcast.io/episode-86-the-x-correlation-between-frans-rce-research-drop/2024-08-29https://www.criticalthinkingpodcast.io/episode-85-practical-applications-of-defcon-32-web-research/2024-08-22https://www.criticalthinkingpodcast.io/episode-84-0xlupin-takeaways-from-googles-las-vegas-bugswat/2024-08-15https://www.criticalthinkingpodcast.io/episode-83-brainstorming-proxy-plugins/2024-08-08https://www.criticalthinkingpodcast.io/episode-82-part-time-bug-bounty/2024-08-01https://www.criticalthinkingpodcast.io/episode-81-crushing-client-side-on-any-scope-with-matanber/2024-07-25https://www.criticalthinkingpodcast.io/episode-80-pwn2own-vs-h1-live-hacking-event-feat-sinsinology/2024-07-18https://www.criticalthinkingpodcast.io/episode-79-the-state-of-css-injection-leaking-text-nodes-html-attributes/2024-07-11https://www.criticalthinkingpodcast.io/episode-78-less-writing-more-hacking-reporting-efficiency-techniques/2024-07-04https://www.criticalthinkingpodcast.io/episode-77-bug-bounty-mental-practical-tips-for-staying-sharp-motivated/2024-07-04https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/episode-76-match-replace-http-proxies-most-underrated-feature/2024-06-20https://www.criticalthinkingpodcast.io/episode-75-rerun-of-the-og-bug-bounty-king-frans-rosen/2024-06-13https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/episode-74-supply-chain-attack-primer-popping-rce-without-an-http-request-feat-0xlupin/2024-06-06https://www.criticalthinkingpodcast.io/episode-73-sandboxed-iframes-and-waf-bypasses/2024-05-30https://www.criticalthinkingpodcast.io/episode-72-research-tldrs-smuggling-payloads-in-well-known-data-types/2024-05-23https://www.criticalthinkingpodcast.io/episode-71-more-vdp-chats-ai-bias-bounty-strats-with-keith-hoodlet/2024-05-16https://www.criticalthinkingpodcast.io/episode-70-smuggling-data-and-bypasses-all-around/2024-05-09https://www.criticalthinkingpodcast.io/episode-69-johan-carlsson-3-month-check-in-on-full-time-bug-bounty/2024-05-02https://www.criticalthinkingpodcast.io/episode-68-htmx-ss-with-mathias/2024-04-25https://www.criticalthinkingpodcast.io/episode-67-vdps-accidental-program-vs-hacker-debate-part-2/2024-04-18https://www.criticalthinkingpodcast.io/episode-66-cdn-cgi-resarch-intent-to-ship-and-louis-vuitton/2024-04-11https://www.criticalthinkingpodcast.io/episode-65-motivation-and-methodology-with-sam-curry-zlz/2024-04-04https://www.criticalthinkingpodcast.io/episode-64-net-remoting-cdn-attack-surface-and-recon-vs-main-app/2024-03-28https://www.criticalthinkingpodcast.io/episode-63-jhaddix-returns/2024-03-21https://www.criticalthinkingpodcast.io/episode-62-frontend-language-oddities/2024-03-14https://www.criticalthinkingpodcast.io/episode-61-a-hacker-on-wall-street-jr0ch17/2024-03-07https://www.criticalthinkingpodcast.io/episode-60-our-take-on-portswiggers-top-10-web-hacking-techniques-of-2023/2024-02-29https://www.criticalthinkingpodcast.io/episode-59-bug-bounty-gadget-hunting-hackers-intuition/2024-02-22https://www.criticalthinkingpodcast.io/episode-58-youssef-sammouda-client-side-ato-war-stories/2024-02-15https://www.criticalthinkingpodcast.io/episode-57-live-hacking-event-inside-scoop-h1-305/2024-02-08https://www.criticalthinkingpodcast.io/episode-56-using-data-science-to-win-bug-bounty-mayonaise-aka-jon-colston/2024-02-01https://www.criticalthinkingpodcast.io/episode-55-popping-wordpress-plugins-methodology-braindump/2024-01-25https://www.criticalthinkingpodcast.io/episode-54-white-box-formulas-vulnerable-coding-patterns/2024-01-19https://www.criticalthinkingpodcast.io/500kyr-as-full-time-bug-hunter-content-creator-nahamsec/2024-01-11https://www.criticalthinkingpodcast.io/episode-52-best-technical-content-from-year-1-of-ctbb-podcast/2024-01-04https://www.criticalthinkingpodcast.io/episode-51-hacker-stats-2023-2024-goals/2023-12-28https://www.criticalthinkingpodcast.io/episode-50-mathias-fall-in-a-well-karlsson-bug-bounty-prophet/2023-12-21https://www.criticalthinkingpodcast.io/episode-49-getting-live-hacking-event-invites-bug-bounty-collab-with-nagli/2023-12-14https://www.criticalthinkingpodcast.io/episode-48-mvh-defcon-black-badge-googler-sam-erb/2023-12-08https://www.criticalthinkingpodcast.io/episode-47-csp-research-iframe-hopping-and-client-side-shenanigans/2023-12-01https://www.criticalthinkingpodcast.io/episode-46-the-saml-ramble/2023-12-01https://www.criticalthinkingpodcast.io/episode-45-the-og-bug-bounty-king-frans-rosen/2025-02-16https://www.criticalthinkingpodcast.io/episode-44-url-parsing-auth-bypass-magic/2023-11-13https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/episode-43-caido-the-up-and-coming-http-proxy/2023-11-03https://www.criticalthinkingpodcast.io/episode-42-renniepak-interview-intigriti-lhe-recap/2023-10-27https://www.criticalthinkingpodcast.io/episode-41-mini-masterclass-attack-vector-ideation/2023-10-19https://www.criticalthinkingpodcast.io/episode-40-bug-bounty-mentoring/2023-10-12https://www.criticalthinkingpodcast.io/episode-39-the-art-of-architectures/2023-10-12https://www.criticalthinkingpodcast.io/episode-38-mobile-hacking-maestro-sergey-toshin/2023-10-12https://www.criticalthinkingpodcast.io/episode-37-tokyo-hacking-interview-with-0xlupin/2023-09-22https://www.criticalthinkingpodcast.io/episode-36-bug-bounty-ethics-ct-exclusive-bug-reports/2023-09-18https://www.criticalthinkingpodcast.io/episode-35-king-of-collaboration-douglas-day/2023-09-07https://www.criticalthinkingpodcast.io/episode-34-program-vs-hacker-debate/2023-08-31https://www.criticalthinkingpodcast.io/episode-33-the-master-of-hacker-showtell-inti-de-ceukelaire/2023-08-30https://www.criticalthinkingpodcast.io/episode-32-the-great-write-up-low-down/2023-08-30https://www.criticalthinkingpodcast.io/episode-31-alex-chapman-the-man-of-many-crits/2023-08-30https://www.criticalthinkingpodcast.io/episode-30-recon-legend-shubs-from-burgers-to-bounties/2023-08-25https://www.criticalthinkingpodcast.io/episode-29-live-episode-with-sean-yeoh-assetnote-engineer/2023-08-30https://www.criticalthinkingpodcast.io/episode-28-surfin-with-csrfs/2023-08-25https://www.criticalthinkingpodcast.io/episode-27-top-7-esoteric-web-vulnerabilities/2023-08-30https://www.criticalthinkingpodcast.io/episode-26-client-side-quirks-browser-hacks/2023-08-29https://www.criticalthinkingpodcast.io/episode-25-2xmvh-multi-million-dollar-hacker-inhibitor181/2023-08-30https://www.criticalthinkingpodcast.io/episode-24-ai-hacking-with-daniel-miessler-and-rez0/2023-08-30https://www.criticalthinkingpodcast.io/episode-23-hacker-loadouts/2023-08-30https://www.criticalthinkingpodcast.io/episode-22-chipping-away-at-hardware-hacking/2023-08-30https://www.criticalthinkingpodcast.io/episode-21-chill-chat-with-legendary-dod-hacker-corben-leo/2023-08-30https://www.criticalthinkingpodcast.io/episode-20-hacker-brain-hacks-overcoming-bug-bountys-mental-tolls/2023-08-30https://www.criticalthinkingpodcast.io/episode-19-audit-code-earn-bounties-part-2-zip-snip-sitecore-and-more/2023-08-30https://www.criticalthinkingpodcast.io/episode-18-audit-code-earn-bounties/2023-08-30https://www.criticalthinkingpodcast.io/episode-17-la-live-chat-with-five-legendary-hackers/2023-08-30https://www.criticalthinkingpodcast.io/episode-16-the-hackers-toolkit/2023-08-30https://www.criticalthinkingpodcast.io/episode-15-the-israeli-million-dollar-hacker/2023-08-30https://www.criticalthinkingpodcast.io/episode-14-mobile-hacking-dynamic-analysis-w-frida-random-hacker-stuff/2023-11-13https://www.criticalthinkingpodcast.io/episode-13-how-to-find-a-good-bbp-acropalypse-zdi/2023-08-30https://www.criticalthinkingpodcast.io/episode-12-jhaddix-on-hacker-gthacker-ciso-og-hacking-techniques-and-crazy-reports/2023-08-30https://www.criticalthinkingpodcast.io/episode-11-cv-web-cache-deception-and-ssti/2023-08-30https://www.criticalthinkingpodcast.io/episode-10-the-life-of-a-full-time-bug-bounty-hunter-bb-news-reports-from-mentees/2023-08-30https://www.criticalthinkingpodcast.io/episode-9-headless-browser-ssrf-rebindmultia-tool-release-web3-bug/2023-08-30https://www.criticalthinkingpodcast.io/episode-8-postmessage-bugs-css-injection-and-bug-drops/2023-08-30https://www.criticalthinkingpodcast.io/episode-7-portswigger-top-10-trufflesecurity-drama-and-more/2023-08-30https://www.criticalthinkingpodcast.io/episode-6-mobile-hacking-attack-vectors-with-teknogeek-joel-margolis/2023-08-17https://www.criticalthinkingpodcast.io/episode-4-h1-407-event-madness-takeaways-part-2-w-special-guest-spaceraccoon/2023-08-17https://www.criticalthinkingpodcast.io/episode-5-ai-security-hacking-wifi-the-new-xss-hunter-and-more/2023-08-17https://www.criticalthinkingpodcast.io/episode-3-h1-407-event-madness-takeaways-part-1/2023-08-17https://www.criticalthinkingpodcast.io/episode-2-exploit-writing-automation-do-you-need-to-know-how-to-program-to-hack/2023-08-17https://www.criticalthinkingpodcast.io/episode-1-introductions-bug-bounty-reports-and-bb-tips/2023-08-17https://www.criticalthinkingpodcast.io/guests/aaron-costello/2025-01-30https://www.criticalthinkingpodcast.io/guests/alex-chapman/2024-12-05https://www.criticalthinkingpodcast.io/guests/alex-rice/2026-02-19https://www.criticalthinkingpodcast.io/guests/ariel-garcia/2025-07-31https://www.criticalthinkingpodcast.io/guests/ben-sadeghipour/2024-01-11https://www.criticalthinkingpodcast.io/guests/brandyn-murtagh/2024-10-03https://www.criticalthinkingpodcast.io/guests/c/2025-02-27https://www.criticalthinkingpodcast.io/guests/ciaran-cotter/2025-02-27https://www.criticalthinkingpodcast.io/guests/darby-hopkins/2026-01-29https://www.criticalthinkingpodcast.io/guests/diego-jurado/2025-08-04https://www.criticalthinkingpodcast.io/guests/douglas-day/2023-10-04https://www.criticalthinkingpodcast.io/guests/dr-jonathan-bouman/2024-10-18https://www.criticalthinkingpodcast.io/guests/emile-fugulin/2023-11-03https://www.criticalthinkingpodcast.io/guests/eugene-lim-1/2025-05-01https://www.criticalthinkingpodcast.io/guests/eugene-lim/2025-05-01https://www.criticalthinkingpodcast.io/guests/frans-rosen-1/2024-06-13https://www.criticalthinkingpodcast.io/guests/harley-kimball/2025-07-31https://www.criticalthinkingpodcast.io/guests/hypr/2026-01-15https://www.criticalthinkingpodcast.io/guests/jack-cable/2025-08-21https://www.criticalthinkingpodcast.io/guests/james-kettle/2025-09-12https://www.criticalthinkingpodcast.io/guests/jasmin-landry/2024-03-07https://www.criticalthinkingpodcast.io/guests/jason-haddix/2024-03-21https://www.criticalthinkingpodcast.io/guests/johan-carlsson/2024-05-02https://www.criticalthinkingpodcast.io/guests/johann-rehberger/2024-12-12https://www.criticalthinkingpodcast.io/guests/jonathan-dunn/2026-04-02https://www.criticalthinkingpodcast.io/guests/jon-colston/2024-02-01https://www.criticalthinkingpodcast.io/guests/joseph-thacker-1/2024-12-05https://www.criticalthinkingpodcast.io/guests/keith-hoodlet/2024-05-16https://www.criticalthinkingpodcast.io/guests/kevin/2025-02-20https://www.criticalthinkingpodcast.io/guests/kevin-mizu/2025-02-20https://www.criticalthinkingpodcast.io/guests/matanber/2024-07-25https://www.criticalthinkingpodcast.io/guests/mathias-karlsson/2023-12-21https://www.criticalthinkingpodcast.io/guests/matt-brown/2024-09-19https://www.criticalthinkingpodcast.io/guests/michael-cote/2026-01-29https://www.criticalthinkingpodcast.io/guests/nagli/2024-12-05https://www.criticalthinkingpodcast.io/guests/nick-copi/2025-09-25https://www.criticalthinkingpodcast.io/guests/rene-de-sain-renni/2023-10-10https://www.criticalthinkingpodcast.io/guests/roni-carta/2024-06-06https://www.criticalthinkingpodcast.io/guests/ryan-barnett/2025-08-14https://www.criticalthinkingpodcast.io/guests/sam-curry/2024-04-04https://www.criticalthinkingpodcast.io/guests/sam-erb/2023-12-07https://www.criticalthinkingpodcast.io/guests/sasi-levi/2025-12-11https://www.criticalthinkingpodcast.io/guests/sharon-brizinov/2024-11-21https://www.criticalthinkingpodcast.io/guests/shubs/2024-12-05https://www.criticalthinkingpodcast.io/guests/sina-kheirkhah/2024-07-18https://www.criticalthinkingpodcast.io/guests/so/2025-03-20https://www.criticalthinkingpodcast.io/guests/so-sakaguchi/2025-03-20https://www.criticalthinkingpodcast.io/guests/tommy-devoss/2026-03-05https://www.criticalthinkingpodcast.io/guests/valentino/2025-07-10https://www.criticalthinkingpodcast.io/guests/valeriy-shevchenko/2026-03-26https://www.criticalthinkingpodcast.io/guests/vitor-falcao/2025-10-16https://www.criticalthinkingpodcast.io/guests/youssef-sammouda/2024-02-15https://www.criticalthinkingpodcast.io/guests/zak-bennett/2025-05-15https://www.criticalthinkingpodcast.io/people/justin-gardner-rhy/2023-10-04https://www.criticalthinkingpodcast.io/people/joseph-thacker-rez/2025-02-13https://www.criticalthinkingpodcast.io/100th-episode-giveaways/2026-02-11https://www.criticalthinkingpodcast.io/critical-research-lab/2026-02-11https://www.criticalthinkingpodcast.io/critical-thinking-referral-program/2026-02-11https://www.criticalthinkingpodcast.io/cashout/2026-02-11https://www.criticalthinkingpodcast.io/discord-landing/2026-03-02https://www.criticalthinkingpodcast.io/full-time-hunters-guild/2026-02-11https://www.criticalthinkingpodcast.io/how-to-go-full-time-bug-bounty/2026-02-11https://www.criticalthinkingpodcast.io/whoami/2026-02-11https://www.criticalthinkingpodcast.io/wf/2026-02-11https://www.criticalthinkingpodcast.io/follow/2026-03-02https://www.criticalthinkingpodcast.io/episodes/2026-03-02https://www.criticalthinkingpodcast.io/reviews/2026-03-02https://www.criticalthinkingpodcast.io/contact/2026-03-02https://www.criticalthinkingpodcast.io/about/2026-03-02https://www.criticalthinkingpodcast.io/videos/2026-03-02https://www.criticalthinkingpodcast.io/videos/csrfing-on-some-audio-waves/2026-04-02https://www.criticalthinkingpodcast.io/videos/xssdoctor-client-side-path-traversal-research-ep168/2026-04-02https://www.criticalthinkingpodcast.io/videos/trying-some-iot-hacking-is-definitely-worth-your-time/2026-03-31https://www.criticalthinkingpodcast.io/videos/rez0-told-us-everything-about-his-claude-hacking-agents/2026-03-30https://www.criticalthinkingpodcast.io/videos/postmessagego-brrrrr/2026-03-27https://www.criticalthinkingpodcast.io/videos/stealing-bugs-with-valeriy-shevchenko-ep-167/2026-03-26https://www.criticalthinkingpodcast.io/videos/if-a-key-is-undefined-do-we-need-to-send-it/2026-03-25https://www.criticalthinkingpodcast.io/videos/the-unexplainable-180k-bug-that-bought-him-a-gtr/2026-03-23https://www.criticalthinkingpodcast.io/videos/and-theres-still-no-such-thing-as-a-secure-system/2026-03-20https://www.criticalthinkingpodcast.io/videos/building-claude-skills-as-a-bug-bounty-hunter-ep-166/2026-03-19https://www.criticalthinkingpodcast.io/videos/new-feature-head-start-if-you-know-the-target-well-enough/2026-03-17https://www.criticalthinkingpodcast.io/videos/the-easiest-way-to-500k-a-year-is/2026-03-13https://www.criticalthinkingpodcast.io/videos/bad-reproduction-steps-can-cost-you-money/2026-03-12https://www.criticalthinkingpodcast.io/videos/protobuf-hacking-ai-powered-bug-hunting-and-self-improving-claude-workflows-ep-165/2026-03-12https://www.criticalthinkingpodcast.io/videos/1-byte-diff-leaking-cross-site-data/2026-03-11https://www.criticalthinkingpodcast.io/videos/stable-income-or-higher-highs-and-lower-lows/2026-03-09https://www.criticalthinkingpodcast.io/videos/why-did-hackerone-decrease-its-bounties/2026-03-08https://www.criticalthinkingpodcast.io/videos/is-h1-using-our-reports-to-train-llms/2026-03-06https://www.criticalthinkingpodcast.io/videos/tommy-devoss-from-black-hat-to-bug-bounty-legend-ep-164/2026-03-05https://www.criticalthinkingpodcast.io/videos/if-theres-a-vuln-move-the-camera/2026-03-04https://www.criticalthinkingpodcast.io/videos/why-is-ai-training-in-hackerones-terms-is-it-still-there/2026-03-03https://www.criticalthinkingpodcast.io/videos/taking-over-someones-alexa-with-a-laser/2026-03-02https://www.criticalthinkingpodcast.io/videos/how-many-devices-a-pro-hardware-hacker-needs/2026-02-28https://www.criticalthinkingpodcast.io/videos/hardware-flaw-vs-software-flaw-in-hardware/2026-02-27https://www.criticalthinkingpodcast.io/videos/best-technical-takeaways-from-portswigger-top-10-2025-ep-163/2026-02-26https://www.criticalthinkingpodcast.io/videos/the-bug-bounty-maturity-framework-can-really-take-programs-to-the-next-level/2026-02-25https://www.criticalthinkingpodcast.io/videos/special-skills-special-bounties/2026-02-24https://www.criticalthinkingpodcast.io/videos/incremental-idors-are-common-bet-youve-never-seen-incremental-tokens/2026-02-21https://www.criticalthinkingpodcast.io/videos/hackerone-training-ai-on-bug-bounty-data-ep-162/2026-02-19https://www.criticalthinkingpodcast.io/videos/an-exploit-made-in-heaven/2026-02-18https://www.criticalthinkingpodcast.io/videos/innerhtml-can-make-your-xss-run/2026-02-15https://www.criticalthinkingpodcast.io/videos/is-it-even-a-bypass-if-they-left-you-an-extra-key/2026-02-14https://www.criticalthinkingpodcast.io/videos/cross-consumer-attacks-dtmf-tone-exfil-ep-161/2026-02-12https://www.criticalthinkingpodcast.io/videos/null-origin-iframe-trick/2026-02-12https://www.criticalthinkingpodcast.io/videos/this-makes-no-sense-at-all-but-thanks-chrome/2026-02-10https://www.criticalthinkingpodcast.io/videos/wafs-cannot-win-this-battle/2026-02-08https://www.criticalthinkingpodcast.io/videos/did-you-know-that-java-annotations-run-at-compile-time/2026-02-07https://www.criticalthinkingpodcast.io/videos/cloudflare-zero-days-mail-unsubscribing-for-xss-ep160/2026-02-05https://www.criticalthinkingpodcast.io/videos/dns-record-doesnt-exist-but-the-next-does/2026-02-04https://www.criticalthinkingpodcast.io/videos/lesson-learned-old-tech-deserves-a-hack-too/2026-02-02https://www.criticalthinkingpodcast.io/videos/pwning-in-3-minutes-reverse-imposter-syndrome/2026-01-31https://www.criticalthinkingpodcast.io/videos/avoiding-downgrades-on-google-cloud-vrp-with-michael-cote-and-darby-hopkins-ep-159/2026-01-29https://www.criticalthinkingpodcast.io/videos/supporting-the-git-scheme-enables-so-much/2026-01-28https://www.criticalthinkingpodcast.io/videos/hacking-ai-can-be-more-than-convincing-it-to-get-hacked/2026-01-26https://www.criticalthinkingpodcast.io/videos/give-me-2-ways-of-doing-something-ill-find-the-third/2026-01-25https://www.criticalthinkingpodcast.io/videos/300k-meta-client-side-bugs-10hr-marathon-hack-along-recap-ep-158/2026-01-22https://www.criticalthinkingpodcast.io/videos/arbitrary-file-read-as-a-service/2026-01-20https://www.criticalthinkingpodcast.io/videos/policy-level-mitigation-strats/2026-01-19https://www.criticalthinkingpodcast.io/videos/my-kids-friends-think-im-a-criminal/2026-01-17https://www.criticalthinkingpodcast.io/videos/crushing-pwn2own-h1-with-kernel-driver-exploits-ep-157/2026-01-16https://www.criticalthinkingpodcast.io/videos/conditional-breakpoints-are-underrated/2026-01-15https://www.criticalthinkingpodcast.io/videos/break-the-schools-safety-app-for-good-reasons/2026-01-13https://www.criticalthinkingpodcast.io/videos/pro-tip-for-js-analysis-with-ai/2026-01-11https://www.criticalthinkingpodcast.io/videos/justin-was-using-ffuf-like-a-caveman/2026-01-09https://www.criticalthinkingpodcast.io/videos/chill-ama-from-bugbountyforum-ep-156/2026-01-09https://www.criticalthinkingpodcast.io/videos/how-to-get-fired-as-a-pentester/2026-01-07https://www.criticalthinkingpodcast.io/videos/2025-hacker-stats-2026-goals-ep-155/2026-01-02https://www.criticalthinkingpodcast.io/videos/16yo-gr3pme-accidentally-killed-the-server/2026-01-01https://www.criticalthinkingpodcast.io/videos/a-hack-that-should-only-exist-in-games/2025-12-30https://www.criticalthinkingpodcast.io/videos/admin-here-no-alert-needed/2025-12-27https://www.criticalthinkingpodcast.io/videos/starting-a-pentesting-company-on-top-of-bug-bounty-ep-154/2025-12-25https://www.criticalthinkingpodcast.io/videos/zero-interaction-full-cameramic-access-whats-the-scariest-bug-youve-ever-found/2025-12-24https://www.criticalthinkingpodcast.io/videos/this-makes-you-a-better-hacking-partner/2025-12-22https://www.criticalthinkingpodcast.io/videos/better-target-insight-easier-hacks/2025-12-20https://www.criticalthinkingpodcast.io/videos/hacking-the-robots-of-the-future-hardware-ai-and-bug-bounties-with-matt-brown-ep153/2025-12-18https://www.criticalthinkingpodcast.io/videos/never-too-late-to-start-a-good-habit/2025-12-15https://www.criticalthinkingpodcast.io/videos/pay-attention-to-these-details-to-be-a-better-hacker-take-better-notes/2025-12-14https://www.criticalthinkingpodcast.io/videos/cool-syntax-confusion-tips-from-ywh/2025-12-12https://www.criticalthinkingpodcast.io/videos/geminijack-and-agentic-security-with-sasi-levi-ep-152/2025-12-11https://www.criticalthinkingpodcast.io/videos/reality-check-on-going-full-time-on-bug-bounty/2025-12-10https://www.criticalthinkingpodcast.io/videos/ai-bugs-can-be-so-simple-they-feel-wrong/2025-12-09https://www.criticalthinkingpodcast.io/videos/sneak-peek-at-what-its-like-to-be-rhynos-mentee/2025-12-06https://www.criticalthinkingpodcast.io/videos/client-side-advanced-topics-ep-151/2025-12-04https://www.criticalthinkingpodcast.io/videos/client-vs-server-side-which-one-is-your-favourite/2025-12-03https://www.criticalthinkingpodcast.io/videos/this-is-how-a-hacker-gets-their-handle/2025-12-02https://www.criticalthinkingpodcast.io/videos/50-bonus-on-a-critical-vuln-busfactor-minified-javascript/2025-11-29https://www.criticalthinkingpodcast.io/videos/aspnet-mvc-patterns-popping-oracle-identity-and-esoteric-subdomain-enumeration-ep-150/2025-11-27https://www.criticalthinkingpodcast.io/videos/smuggling-from-url-hash-directly-into-an-event-handler/2025-11-25https://www.criticalthinkingpodcast.io/videos/the-god-token-whos-going-to-find-the-next-one/2025-11-23https://www.criticalthinkingpodcast.io/videos/when-the-context-bypasses-the-waf-for-you/2025-11-22https://www.criticalthinkingpodcast.io/videos/the-meta-for-performing-at-live-hacking-events/2025-11-21https://www.criticalthinkingpodcast.io/videos/defcon-breakdown-wildcards-passkeys-and-dom-clobbering-and-more-ep-149/2025-11-20https://www.criticalthinkingpodcast.io/videos/over-50-of-the-reports-by-himself-were-so-proud-of-you-brandyn/2025-11-19https://www.criticalthinkingpodcast.io/videos/promisqroute-is-a-new-technique-to-jailbreak-llms-by-triggering-downgrade/2025-11-18https://www.criticalthinkingpodcast.io/videos/this-means-we-can-all-create-our-own-hackbots-right-now/2025-11-16https://www.criticalthinkingpodcast.io/videos/mcp-hacking-guide-ep-148/2025-11-13https://www.criticalthinkingpodcast.io/videos/reverse-engineering-cves-with-ai-this-is-a-hackers-dream/2025-11-11https://www.criticalthinkingpodcast.io/videos/clientserver-balance-does-not-exist-when-everything-runs-on-the-client-cool-bug/2025-11-09https://www.criticalthinkingpodcast.io/videos/being-a-full-time-hunter-does-not-have-to-mean-8h-of-bug-bounty-per-day/2025-11-07https://www.criticalthinkingpodcast.io/videos/stupid-simple-hacking-workflow-tips-ep-147/2025-11-06https://www.criticalthinkingpodcast.io/videos/the-struggle-of-stripping-down-a-payload-we-all-love/2025-11-05https://www.criticalthinkingpodcast.io/videos/comparing-gadget-linking-with-redstone-kinda-makes-sense/2025-11-04https://www.criticalthinkingpodcast.io/videos/imagine-being-so-good-that-bugs-find-you/2025-11-03https://www.criticalthinkingpodcast.io/videos/7urb0-hacked-the-pod-instead-of-prepping-for-it/2025-11-01https://www.criticalthinkingpodcast.io/videos/executing-code-from-a-yaml-file/2025-10-31https://www.criticalthinkingpodcast.io/videos/hacker-horror-stories-halloween-special-ep-146/2025-10-30https://www.criticalthinkingpodcast.io/videos/fancytracker-is-justins-new-favourite-tool-to-detect-postmessage-listeners/2025-10-28https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/great-post-by-jorian-you-can-find-this-post-and-a-lot-more-at-httpslabctbbshow/2025-10-26https://www.criticalthinkingpodcast.io/videos/the-secret-is-to-not-quit/2025-10-25https://www.criticalthinkingpodcast.io/videos/gr3pmes-secret-bug-bounty-note-taking-methodology-ep-145/2025-10-23https://www.criticalthinkingpodcast.io/videos/sharing-knowledge-helps-the-community-grow/2025-10-21https://www.criticalthinkingpodcast.io/videos/h1-hacker-milestone-rewards-lets-get-them-all/2025-10-20https://www.criticalthinkingpodcast.io/videos/googles-top-ai-hackers-busfactor-and-monke-ep-144/2025-10-16https://www.criticalthinkingpodcast.io/videos/your-worst-mistake-is-not-trying/2025-10-15https://www.criticalthinkingpodcast.io/videos/how-james-pwned-akamai-theres-so-much-cool-stuff-in-old-research-papers/2025-10-14https://www.criticalthinkingpodcast.io/videos/a-look-into-james-thought-process-and-methodology-what-a-masterclass/2025-10-13https://www.criticalthinkingpodcast.io/videos/sharing-knowledge-is-the-best-way-to-learn/2025-10-11https://www.criticalthinkingpodcast.io/videos/how-james-kettles-desync-research-started/2025-10-09https://www.criticalthinkingpodcast.io/videos/new-cohost-client-side-gadgets-lhe-meta-instant-global-admin-in-entra-ep-143/2025-10-09https://www.criticalthinkingpodcast.io/videos/caido-tricks-highlighting-top-level-navigation/2025-10-06https://www.criticalthinkingpodcast.io/videos/caido-tricks-never-worry-about-updating-your-cookies-again/2025-10-04https://www.criticalthinkingpodcast.io/videos/caido-tricks-search-only-recent-requests/2025-10-03https://www.criticalthinkingpodcast.io/videos/gr3pmes-full-time-hunting-journey-update-insane-ai-research-and-some-light-news-ep-142/2025-10-02https://www.criticalthinkingpodcast.io/videos/caido-tricks-drop-your-friends-a-bug/2025-10-01https://www.criticalthinkingpodcast.io/videos/caido-tricks-command-palette-and-workflows/2025-09-30https://www.criticalthinkingpodcast.io/videos/this-is-how-you-become-a-true-ai-master/2025-09-27https://www.criticalthinkingpodcast.io/videos/hacking-the-pod-google-docs-0-day-react-createelement-exploits-with-nick-copi-7urb0-ep-141/2025-09-25https://www.criticalthinkingpodcast.io/videos/just-a-sick-hackery-way-of-using-ai/2025-09-25https://www.criticalthinkingpodcast.io/videos/you-should-not-be-afraid-of-hacking-google/2025-09-23https://www.criticalthinkingpodcast.io/videos/exploiting-an-impossible-cache-deception-with-cspt/2025-09-21https://www.criticalthinkingpodcast.io/videos/crit-research-lab-update-client-side-tricks-galore-ep-140/2025-09-18https://www.criticalthinkingpodcast.io/videos/35k-for-a-universal-transferable-jailbreak/2025-09-18https://www.criticalthinkingpodcast.io/videos/wafs-vs-payloads-this-battle-win-never-end/2025-09-15https://www.criticalthinkingpodcast.io/videos/ryans-self-inflicted-xss/2025-09-13https://www.criticalthinkingpodcast.io/videos/james-kettle-pwning-in-prod-how-to-do-web-security-research-ep-139/2025-09-11https://www.criticalthinkingpodcast.io/videos/wafs-live-in-a-sources-world-bug-hunters-live-in-a-sinks-world/2025-09-10https://www.criticalthinkingpodcast.io/videos/should-programs-let-us-hack-without-wafs/2025-09-09https://www.criticalthinkingpodcast.io/videos/caido-tools-and-workflows-ep-138/2025-09-04https://www.criticalthinkingpodcast.io/videos/giving-up-because-of-ai-think-again/2025-09-02https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/are-we-heading-to-a-hackerless-hacking-future-full-episode-httpsyoutuberva8ibyogj0/2025-08-31https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/we-can-finally-see-the-intelligence-in-ai-watch-the-episode-here-httpsyoutuberva8ibyogj0/2025-08-30https://www.criticalthinkingpodcast.io/videos/how-we-do-ai-assisted-whitebox-review-new-cspt-ep-137/2025-08-28https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/how-xbow-works-is-incredible-watch-the-episode-here-httpsyoutuberva8ibyogj0/2025-08-27https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/xbow-url-attack-type-hack-watch-the-episode-here-httpsyoutuberva8ibyogj0/2025-08-26https://www.criticalthinkingpodcast.io/videos/hacking-cluely-ai-prod-sec-and-how-to-not-get-sued-with-jack-cable-ep-136/2025-08-21https://www.criticalthinkingpodcast.io/videos/helping-yall-is-what-keeps-us-going/2025-08-20https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/from-dupes-to-making-a-living-from-bug-bounties-full-episode-httpsyoutubeni-exmlxma4/2025-08-18https://www.criticalthinkingpodcast.io/videos/have-you-tried-their-ctf-at-defcon-tell-us-how-you-did/2025-08-16https://www.criticalthinkingpodcast.io/videos/akamais-ryan-barnett-on-wafs-unicode-confusables-and-triage-stories-ep-135/2025-08-15https://www.criticalthinkingpodcast.io/videos/this-is-how-and-why-the-bug-bounty-village-was-created/2025-08-13https://www.criticalthinkingpodcast.io/videos/xbow-ai-hacking-agent-and-human-in-the-loop-with-diego-jurado-ep-134/2025-08-05https://www.criticalthinkingpodcast.io/videos/command-injection-in-vertex-ai/2025-08-03https://www.criticalthinkingpodcast.io/videos/the-ai-infinite-money-glitch/2025-08-02https://www.criticalthinkingpodcast.io/videos/building-hacker-communities-bug-bounty-village-getdisclosed-and-the-lhe-squad-ep-133/2025-07-31https://www.criticalthinkingpodcast.io/videos/free-after-use-or-web-cache-deception/2025-07-29https://www.criticalthinkingpodcast.io/videos/nesting-tags-to-break-sanitisers/2025-07-28https://www.criticalthinkingpodcast.io/videos/hacker-x-ai-vs-hacker-ai/2025-07-26https://www.criticalthinkingpodcast.io/videos/exploiting-fetchlater-with-redirect-chaining/2025-07-25https://www.criticalthinkingpodcast.io/videos/archive-testing-methodology-with-mathias-karlsson-ep132/2025-07-24https://www.criticalthinkingpodcast.io/videos/clever-way-to-weaponise-ai-retrieval-systems/2025-07-22https://www.criticalthinkingpodcast.io/videos/obs-websockets-to-rce-research/2025-07-21https://www.criticalthinkingpodcast.io/videos/this-is-how-you-bypass-ip-allow-lists/2025-07-19https://www.criticalthinkingpodcast.io/videos/reverse-engineering-json-request-bodies-with-caido-shift/2025-07-18https://www.criticalthinkingpodcast.io/videos/sl-cyber-writeups-metastrategy-orphaned-github-commits-ep-131/2025-07-17https://www.criticalthinkingpodcast.io/videos/url-normalization-gone-wrong/2025-07-11https://www.criticalthinkingpodcast.io/videos/minecraft-hacks-to-google-hacking-star-valentino-ep-130/2025-07-10https://www.criticalthinkingpodcast.io/videos/the-ultimate-double-clickjacking-poc/2025-07-09https://www.criticalthinkingpodcast.io/videos/sometimes-all-you-have-to-do-is-ask-and-its-not-the-first-time-we-say-this/2025-07-07https://www.criticalthinkingpodcast.io/videos/hack-rest-reset-peak-performance/2025-07-06https://www.criticalthinkingpodcast.io/videos/you-need-to-see-this-uuid-trick/2025-07-04https://www.criticalthinkingpodcast.io/videos/is-this-how-bug-bounty-ends-ep-129/2025-07-03https://www.criticalthinkingpodcast.io/videos/this-is-what-full-time-bug-bounty-really-means/2025-06-30https://www.criticalthinkingpodcast.io/videos/poc-embedding-pages-data-theft/2025-06-26https://www.criticalthinkingpodcast.io/videos/new-research-in-blind-ssrf-and-self-xss-and-how-to-architect-source-code-review-ai-bots-ep-128/2025-06-26https://www.criticalthinkingpodcast.io/videos/csrf-command-execution-in-mcp/2025-06-24https://www.criticalthinkingpodcast.io/videos/drama-pdf-as-js-chaos-bounty-profile-apps-and-more-ep-127/2025-06-19https://www.criticalthinkingpodcast.io/videos/hacking-ai-series-vulnus-ex-machina-part-3-ep-126/2025-06-12https://www.criticalthinkingpodcast.io/videos/how-to-win-live-hacking-events-ep-125/2025-06-06https://www.criticalthinkingpodcast.io/videos/balancing-bug-bounty-freedom-with-hacking-time-ep-124/2025-05-30https://www.criticalthinkingpodcast.io/videos/hacking-ai-series-vulnus-ex-machina-part-2-ep123/2025-05-23https://www.criticalthinkingpodcast.io/videos/just-patch-the-binary-what-the/2025-05-17https://www.criticalthinkingpodcast.io/videos/watch-learn-looking-back-at-the-aws-event/2025-05-16https://www.criticalthinkingpodcast.io/videos/we-won-googles-ai-hacking-event-in-tokyo-main-takeaways-ep122/2025-05-15https://www.criticalthinkingpodcast.io/videos/bring-back-full-disclosure/2025-05-13https://www.criticalthinkingpodcast.io/videos/slonsers-image-injection-0-day-ato-new-caido-collab-plugin-ep-121/2025-05-08https://www.criticalthinkingpodcast.io/videos/spaceraccoon-from-day-zero-to-zero-day-ep120/2025-05-01https://www.criticalthinkingpodcast.io/videos/abusing-iframes-from-a-client-side-hacker-ep-119/2025-04-17https://www.criticalthinkingpodcast.io/videos/hacking-happy-hour-0days-on-tap-and-sqli-shots-ep-118/2025-04-14https://www.criticalthinkingpodcast.io/videos/vulnus-ex-machina-ai-hacking-part-1-ep-117/2025-04-14https://www.criticalthinkingpodcast.io/videos/auth-bypasses-and-google-vrp-writeups-ep-116/2025-04-14https://www.criticalthinkingpodcast.io/videos/mentee-to-career-hacker-mokusou-so-sakaguchi-ep-115/2025-04-14https://www.criticalthinkingpodcast.io/videos/trick-for-popping-xss-on-ai-apps/2025-03-17https://www.criticalthinkingpodcast.io/videos/ai-hacking-kinda-feels-like-social-engineering/2025-03-16https://www.criticalthinkingpodcast.io/videos/clever-trick-for-bypassing-sop/2025-03-16https://www.criticalthinkingpodcast.io/videos/single-page-application-hacking-playbook-ep-114/2025-03-13https://www.criticalthinkingpodcast.io/videos/polluting-llm-memory-for-future-exploits/2025-03-12https://www.criticalthinkingpodcast.io/videos/playing-with-dompurifys-text-output/2025-03-10https://www.criticalthinkingpodcast.io/videos/ep-113-best-technical-takeaways-from-portswigger-top-10-2024/2025-03-06https://www.criticalthinkingpodcast.io/videos/a-shortcut-for-inspecting-the-sanitize-function/2025-03-03https://www.criticalthinkingpodcast.io/videos/bug-bounty-101-identifying-dompurify-in-blind-scenarios/2025-03-01https://www.criticalthinkingpodcast.io/videos/ep-112-interview-with-ciaran-cotter-monkehack-critical-lab-researcher-and-full-time-hunter/2025-03-01https://www.criticalthinkingpodcast.io/videos/google-is-hard-to-hack-but-thats-exactly-why-its-worth-trying/2025-03-01https://www.criticalthinkingpodcast.io/videos/treating-public-client-keys-as-secret-keys-great-idea/2025-02-25https://www.criticalthinkingpodcast.io/videos/our-community-is-truly-the-best/2025-02-24https://www.criticalthinkingpodcast.io/videos/tracking-oauth-tokens-backwards/2025-02-22https://www.criticalthinkingpodcast.io/videos/ep-111-how-to-bypass-dompurify-in-bug-bounty-with-kevin-mizu/2025-02-20https://www.criticalthinkingpodcast.io/videos/bug-drop-xssdoctors-sick-xss-chain/2025-02-20https://www.criticalthinkingpodcast.io/videos/ep-110-oauth-gadget-correlation-and-common-attacks/2025-02-13https://www.criticalthinkingpodcast.io/videos/cookie-bombing-of-course-hahah/2025-02-10https://www.criticalthinkingpodcast.io/videos/just-get-intimate-with-the-app/2025-02-08https://www.criticalthinkingpodcast.io/videos/ep-109-creative-recon-alternative-techniques/2025-02-07https://www.criticalthinkingpodcast.io/videos/exploiting-saas-misconfigurations/2025-02-06https://www.criticalthinkingpodcast.io/videos/ep-108-how-to-hack-salesforce-servicenow-and-other-saas-products-with-aaron-costello/2025-01-30https://www.criticalthinkingpodcast.io/videos/bypassing-cross-origin-browser-headers-ep-107/2025-01-23https://www.criticalthinkingpodcast.io/videos/announcing-our-new-cohost-ep-106/2025-01-16https://www.criticalthinkingpodcast.io/videos/best-moments-of-2024-on-the-pod-ep-105/2025-01-09https://www.criticalthinkingpodcast.io/videos/the-secret-to-knowing-what-and-when-to-learn/2025-01-05https://www.criticalthinkingpodcast.io/videos/concealing-payloads-in-url-credentials/2025-01-03https://www.criticalthinkingpodcast.io/videos/2024-hacker-stats-2025-goals-ep-104/2025-01-02https://www.criticalthinkingpodcast.io/videos/missing-browser-prompts-big-bounties/2024-12-31https://www.criticalthinkingpodcast.io/videos/this-bcrypt-thing-is-insane/2024-12-29https://www.criticalthinkingpodcast.io/videos/getting-ansi-about-unicode-normalization-ep-105/2024-12-28https://www.criticalthinkingpodcast.io/videos/getting-ansi-about-unicode-normalization-ep-104/2024-12-27https://www.criticalthinkingpodcast.io/videos/xss-via-the-shared-cache-in-service-workers-with-matan-berson/2024-12-27https://www.criticalthinkingpodcast.io/videos/getting-ansi-about-unicode-normalization-ep-103/2024-12-26https://www.criticalthinkingpodcast.io/videos/the-character-that-broke-safaris-cookies/2024-12-25https://www.criticalthinkingpodcast.io/videos/have-you-heard-of-the-cookie-value-to-key-trick/2024-12-23https://www.criticalthinkingpodcast.io/videos/chrome-extensions-101-with-justin-and-matan/2024-12-21https://www.criticalthinkingpodcast.io/videos/building-web-hacking-micro-agents-with-jason-haddix-ep-102/2024-12-20https://www.criticalthinkingpodcast.io/videos/weaponizing-browser-extensions-via-xss/2024-12-15https://www.criticalthinkingpodcast.io/videos/beyond-the-isolated-world-of-the-closed-shadow-dom/2024-12-14https://www.criticalthinkingpodcast.io/videos/need-more-attack-surface-try-this/2024-12-13https://www.criticalthinkingpodcast.io/videos/ai-attack-vectors-ctbb-hijacked-rez0__-and-johann-ep-101/2024-12-13https://www.criticalthinkingpodcast.io/videos/crazy-simple-chrome-extension-web-accessibility-quirk-120k/2024-12-12https://www.criticalthinkingpodcast.io/videos/8-fav-bugs-of-2024-farewell-joel-hello-shift-cursor-of-hacking-ep-100/2024-12-06https://www.criticalthinkingpodcast.io/videos/zendesks-public-facepalm/2024-12-01https://www.criticalthinkingpodcast.io/videos/the-program-hall-of-shame-yay-or-nay/2024-11-29https://www.criticalthinkingpodcast.io/videos/back-to-the-basics-web-fundamental-to-100k-a-year-in-bug-bounty-ep-99/2024-11-29https://www.criticalthinkingpodcast.io/videos/whats-the-point-of-tattoos-if-you-cant-show-them-off/2024-11-27https://www.criticalthinkingpodcast.io/videos/have-you-heard-the-hackerone-cake-story/2024-11-25https://www.criticalthinkingpodcast.io/videos/amazon-told-me-to-book-a-better-hotel-room/2024-11-24https://www.criticalthinkingpodcast.io/videos/why-i-cant-stop-hacking-amazon/2024-11-22https://www.criticalthinkingpodcast.io/videos/team-82-sharon-brizinov-the-live-hacking-polymath-ep-98/2024-11-22https://www.criticalthinkingpodcast.io/videos/can-eating-carrots-make-you-a-better-hacker/2024-11-20https://www.criticalthinkingpodcast.io/videos/how-i-was-knighted-by-amazon-yes-really/2024-11-18https://www.criticalthinkingpodcast.io/videos/bcrypt-hash-input-truncation-mobile-device-threat-modeling-ep-97/2024-11-15https://www.criticalthinkingpodcast.io/videos/cookies-caching-with-matanber-ep-96/2024-11-07https://www.criticalthinkingpodcast.io/videos/why-you-must-review-xpath-in-saml-code/2024-11-04https://www.criticalthinkingpodcast.io/videos/the-ai-powered-403-bypasser-caido-plugin/2024-11-03https://www.criticalthinkingpodcast.io/videos/my-crypto-bug-that-could-delete-entire-wallets/2024-11-02https://www.criticalthinkingpodcast.io/videos/how-the-great-firewall-of-china-uses-dns-poisoning/2024-11-01https://www.criticalthinkingpodcast.io/videos/attacking-chrome-extensions-with-matanber-big-impact-on-the-client-side-ep-95/2024-10-31https://www.criticalthinkingpodcast.io/videos/zendesk-fiasco-the-ctbb-naughty-list-ep-94/2024-10-24https://www.criticalthinkingpodcast.io/videos/why-note-taking-is-good-for-your-health/2024-10-23https://www.criticalthinkingpodcast.io/videos/my-struggle-with-lhe-burnout/2024-10-21https://www.criticalthinkingpodcast.io/videos/is-this-the-most-underrated-skill-in-bug-bounty/2024-10-20https://www.criticalthinkingpodcast.io/videos/i-ignored-ssrf-for-too-long/2024-10-18https://www.criticalthinkingpodcast.io/videos/a-chat-with-dr-bouman-life-as-a-hacker-and-a-doctor-ep93/2024-10-17https://www.criticalthinkingpodcast.io/videos/the-best-bugs-for-new-hunters-with-gr3pme/2024-10-16https://www.criticalthinkingpodcast.io/videos/when-iot-hacking-meets-indiana-jones/2024-10-14https://www.criticalthinkingpodcast.io/videos/want-to-learn-hardware-hacking-try-this/2024-10-12https://www.criticalthinkingpodcast.io/videos/plain-text-session-tokens-on-facebook/2024-10-10https://www.criticalthinkingpodcast.io/videos/saml-xpath-confusion-chinese-dns-poisoning-and-ai-powered-403-bypasser-ep-92/2024-10-10https://www.criticalthinkingpodcast.io/videos/be-careful-what-you-sell-on-ebay/2024-10-08https://www.criticalthinkingpodcast.io/videos/pocs-failing-heres-the-problem-and-the-fix/2024-10-07https://www.criticalthinkingpodcast.io/videos/php-stripslashes-doesnt-strip-slashes/2024-10-05https://www.criticalthinkingpodcast.io/videos/zero-to-lhe-in-9-months-feat-gr3pme-ep-91/2024-10-03https://www.criticalthinkingpodcast.io/videos/portswiggers-new-release-is-a-banger/2024-10-02https://www.criticalthinkingpodcast.io/videos/how-25-characters-can-get-you-a-shell/2024-09-30https://www.criticalthinkingpodcast.io/videos/unbelievable-os-command-injection-technique/2024-09-28https://www.criticalthinkingpodcast.io/videos/using-x-request-id-to-access-any-account-via-header-injection/2024-09-27https://www.criticalthinkingpodcast.io/videos/5k-clickjacking-encryption-oracles-and-cursor-for-pocs-ep-90/2024-09-26https://www.criticalthinkingpodcast.io/videos/exploiting-x-request-id-to-write-php-in-varwww/2024-09-25https://www.criticalthinkingpodcast.io/videos/relationship-hacks-for-bug-bounty-hunters/2024-09-23https://www.criticalthinkingpodcast.io/videos/how-does-justin-stay-motivated-heres-how/2024-09-23https://www.criticalthinkingpodcast.io/videos/how-long-does-it-take-to-find-a-bug-in-a-new-scope/2024-09-20https://www.criticalthinkingpodcast.io/videos/the-untapped-bug-bounty-landscape-of-iot-w-matt-brown-ep-89/2024-09-19https://www.criticalthinkingpodcast.io/videos/mariah-embarrassing-justin-about-the-first-time-he-met-frans-rosen/2024-09-18https://www.criticalthinkingpodcast.io/videos/news-tools-and-writeups-ep-88/2024-09-12https://www.criticalthinkingpodcast.io/videos/is-this-the-ultimate-swag-flex/2024-09-11https://www.criticalthinkingpodcast.io/videos/how-to-dump-etcpasswd-with-3f/2024-09-09https://www.criticalthinkingpodcast.io/videos/first-time-at-defcon-as-a-content-creator/2024-09-09https://www.criticalthinkingpodcast.io/videos/why-didnt-i-know-about-this/2024-09-08https://www.criticalthinkingpodcast.io/videos/hacker-wife-mariah-gardner-on-bug-bounty-mentality-and-relationships-ep-87/2024-09-05https://www.criticalthinkingpodcast.io/videos/the-missing-plugin-for-api-testing/2024-09-05https://www.criticalthinkingpodcast.io/videos/why-is-note-taking-so-bad/2024-09-01https://www.criticalthinkingpodcast.io/videos/why-are-hackers-so-scrappy/2024-08-30https://www.criticalthinkingpodcast.io/videos/the-x-correlation-between-frans-rce-research-drop-ep-86/2024-08-29https://www.criticalthinkingpodcast.io/videos/practical-applications-of-defcon-32-web-research-ep-85/2024-08-22https://www.criticalthinkingpodcast.io/videos/0xlupin-takeaways-from-googles-las-vegas-bugswat-ep-84/2024-08-15https://www.criticalthinkingpodcast.io/videos/hacking-your-first-iot-device/2024-08-11https://www.criticalthinkingpodcast.io/videos/surviving-last-minute-patches-in-pwn2own/2024-08-10https://www.criticalthinkingpodcast.io/videos/brainstorming-proxy-plugins-ep83/2024-08-08https://www.criticalthinkingpodcast.io/videos/stop-overriding-debug-functions-use-this-devtools-secret-instead/2024-08-08https://www.criticalthinkingpodcast.io/videos/this-js-function-xss-as-a-service/2024-08-07https://www.criticalthinkingpodcast.io/videos/disgustingly-amazing-vuln-leaves-me-almost-speechless/2024-08-06https://www.criticalthinkingpodcast.io/videos/mind-blowing-debugging-trick/2024-08-05https://www.criticalthinkingpodcast.io/videos/muscle-up-your-bug-bounty-game-literally/2024-08-02https://www.criticalthinkingpodcast.io/videos/part-time-bug-bounty-ep-82/2024-08-02https://www.criticalthinkingpodcast.io/videos/this-vuln-keeps-justin-awake-at-night/2024-07-27https://www.criticalthinkingpodcast.io/videos/crazy-chaining-technique-for-rce-through-browser-extensions/2024-07-26https://www.criticalthinkingpodcast.io/videos/crushing-client-side-on-any-scope-with-matanber-ep-81/2024-07-26https://www.criticalthinkingpodcast.io/videos/this-technique-halves-the-time-to-leak-tokens/2024-07-24https://www.criticalthinkingpodcast.io/videos/apply-display-block-to-script-tags-to-view-them-like-p-tags/2024-07-22https://www.criticalthinkingpodcast.io/videos/watch-this-one-til-the-end/2024-07-20https://www.criticalthinkingpodcast.io/videos/this-is-why-you-should-grep-for-headers/2024-07-20https://www.criticalthinkingpodcast.io/videos/pwn2own-vs-h1-live-hacking-event-feat-sinsinology-ep-80/2024-07-18https://www.criticalthinkingpodcast.io/videos/xss-waf-bypass-using-multi-character-html-entities/2024-07-18https://www.criticalthinkingpodcast.io/videos/mongodb-nosql-injection-via-aggregation-pipelines/2024-07-17https://www.criticalthinkingpodcast.io/videos/password-exfiltration-in-django-orm/2024-07-16https://www.criticalthinkingpodcast.io/videos/how-to-exploit-ios-auth-flaw-if-you-have-an-iphone/2024-07-15https://www.criticalthinkingpodcast.io/videos/one-click-account-takeover-victim-clicks-link-attacker-gets-auth-token/2024-07-14https://www.criticalthinkingpodcast.io/videos/the-state-of-css-injection-leaking-text-nodes-html-attributes-ep-79/2024-07-12https://www.criticalthinkingpodcast.io/videos/the-best-time-to-stop-hacking/2024-07-08https://www.criticalthinkingpodcast.io/videos/definitely-worth-checking-out-this-postmessage-tracker/2024-07-05https://www.criticalthinkingpodcast.io/videos/stealing-oauth-tokens-with-frans-rosen/2024-07-04https://www.criticalthinkingpodcast.io/videos/less-writing-more-hacking-reporting-efficiency-techniques-ep78/2024-07-04https://www.criticalthinkingpodcast.io/videos/that-time-frans-rosen-roasted-justin-for-being-young/2024-07-01https://www.criticalthinkingpodcast.io/videos/this-is-why-you-need-to-look-gadgets/2024-06-30https://www.criticalthinkingpodcast.io/videos/case-sensitive-bypass-for-x-forwarded-for-headers/2024-06-28https://www.criticalthinkingpodcast.io/videos/bug-bounty-mental-practical-tips-for-staying-sharp-motivated-ep77/2024-06-27https://www.criticalthinkingpodcast.io/videos/is-this-one-of-the-craziest-xxes-ever/2024-06-26https://www.criticalthinkingpodcast.io/videos/stop-overcomplicating-bug-bounties/2024-06-25https://www.criticalthinkingpodcast.io/videos/cookie-xss-affecting-every-page-and-subdomain-on-zoom/2024-06-25https://www.criticalthinkingpodcast.io/videos/how-to-do-a-brain-reset/2024-06-21https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/match-replace-http-proxies-most-underrated-feature-ep-76/2024-06-20https://www.criticalthinkingpodcast.io/videos/how-to-stay-motivated-in-bug-bounty/2024-06-19https://www.criticalthinkingpodcast.io/videos/npx-package-manager-confusion-with-lupin/2024-06-18https://www.criticalthinkingpodcast.io/videos/the-emotional-rollercoaster-that-is-bug-hunting/2024-06-16https://www.criticalthinkingpodcast.io/videos/rerun-of-the-og-bug-bounty-king-frans-rosen-ep-75/2024-06-13https://www.criticalthinkingpodcast.io/videos/how-deep-do-you-go-when-looking-for-secrets-in-cicd-pipelines/2024-06-12https://www.criticalthinkingpodcast.io/videos/accidentally-found-cache-poisoning-in-npm/2024-06-11https://www.criticalthinkingpodcast.io/videos/iframe-hijacking-via-predictable-windowopen-target-names/2024-06-09https://www.criticalthinkingpodcast.io/videos/you-can-escape-a-sandbox-from-inside-an-iframe/2024-06-07https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/supply-chain-attack-primer-popping-rce-without-an-http-request-feat-0xlupin-ep-74/2024-06-06https://www.criticalthinkingpodcast.io/videos/adding-padding-to-your-requests-to-bypass-wafs/2024-06-05https://www.criticalthinkingpodcast.io/videos/justin-getting-schooled-by-johan-calrsson/2024-06-03https://www.criticalthinkingpodcast.io/videos/exploiting-phone-number-parsing-for-xss/2024-06-03https://www.criticalthinkingpodcast.io/videos/dropping-a-mega-crit-on-boxing-day/2024-05-31https://www.criticalthinkingpodcast.io/videos/sandboxed-iframes-and-waf-bypasses-ep-73/2024-05-30https://www.criticalthinkingpodcast.io/videos/what-to-look-for-when-reviewing-source-code/2024-05-29https://www.criticalthinkingpodcast.io/videos/indirect-method-invocation-in-5-different-languages/2024-05-27https://www.criticalthinkingpodcast.io/videos/the-vdp-debate-continues/2024-05-25https://www.criticalthinkingpodcast.io/videos/research-tldrs-smuggling-payloads-in-well-known-data-types-ep-72/2024-05-23https://www.criticalthinkingpodcast.io/videos/this-is-how-to-prove-the-impact-of-ai-bias/2024-05-23https://www.criticalthinkingpodcast.io/videos/should-the-government-subsidize-vdps/2024-05-21https://www.criticalthinkingpodcast.io/videos/is-security-just-another-feature/2024-05-20https://www.criticalthinkingpodcast.io/videos/nahamsec-secures-50k-bonuses-for-nahamcon/2024-05-19https://www.criticalthinkingpodcast.io/videos/most-people-dont-use-this-simple-recon-trick/2024-05-17https://www.criticalthinkingpodcast.io/videos/300000-for-a-single-bounty-with-meta/2024-05-17https://www.criticalthinkingpodcast.io/videos/more-vdp-chats-ai-bias-bounty-strats-with-keith-hoodlet-ep-71/2024-05-16https://www.criticalthinkingpodcast.io/videos/getting-schooled-by-nahamsec-again/2024-05-15https://www.criticalthinkingpodcast.io/videos/why-you-need-to-start-looking-for-script-gadgets/2024-05-13https://www.criticalthinkingpodcast.io/videos/he-couldve-backdoored-gitlabs-code-base/2024-05-12https://www.criticalthinkingpodcast.io/videos/accidental-xss-followed-by-his-first-encounter-with-a-csp/2024-05-10https://www.criticalthinkingpodcast.io/videos/nahamcon-and-csp-bypasses-everywhere-ep-70/2024-05-09https://www.criticalthinkingpodcast.io/videos/next-level-chaining-for-a-csp-bypass-in-github/2024-05-08https://www.criticalthinkingpodcast.io/videos/cloudflare-image-optimization-proxy-allows-subdomain-redirects-via-onerror-attribute-injection/2024-05-07https://www.criticalthinkingpodcast.io/videos/xss-via-htmx-trigger-attribute-injection-into-an-html-element/2024-05-05https://www.criticalthinkingpodcast.io/videos/xss-via-response-header-injection-in-htmx-explained/2024-05-03https://www.criticalthinkingpodcast.io/videos/johan-carlsson-3-month-check-in-on-full-time-bug-bounty-ep-69/2024-05-02https://www.criticalthinkingpodcast.io/videos/global-csp-bypass-using-htmx-triggers-and-unsafe-eval/2024-05-01https://www.criticalthinkingpodcast.io/videos/bug-bounty-programs-are-incentivised-not-to-pay/2024-04-29https://www.criticalthinkingpodcast.io/videos/how-do-we-solve-the-leaderboard-problem-in-bug-bounties/2024-04-27https://www.criticalthinkingpodcast.io/videos/0-days-htmx-ss-with-mathias-ep-68/2024-04-25https://www.criticalthinkingpodcast.io/videos/why-do-companies-with-deep-pockets-only-have-a-vdp/2024-04-25https://www.criticalthinkingpodcast.io/videos/pro-tips-dropped-by-joel-on-the-pod-last-week/2024-04-24https://www.criticalthinkingpodcast.io/videos/training-yourself-to-deal-with-failure-in-bug-bounties-by-changing-your-mindset/2024-04-23https://www.criticalthinkingpodcast.io/videos/discord-channel-to-monitor-the-blink-dev-google-group/2024-04-21https://www.criticalthinkingpodcast.io/videos/announcement-caido-is-dropping-global-workflows-this-week/2024-04-19https://www.criticalthinkingpodcast.io/videos/vdps-accidental-program-vs-hacker-debate-part-2-ep-67/2024-04-18https://www.criticalthinkingpodcast.io/videos/breaking-the-auth-flow-using-to-terminate-the-redirect-uri/2024-04-18https://www.criticalthinkingpodcast.io/videos/hacking-a-korean-mmo-for-3-million-dollars-worth-of-in-game-purchases/2024-04-16https://www.criticalthinkingpodcast.io/videos/popping-teslas-with-secondary-pt-and-javascripts-intparse-just-sam-curry-shit/2024-04-15https://www.criticalthinkingpodcast.io/videos/sam-doing-his-thing-and-generating-infinite-money-with-a-request-replay-attack-lol-3mm-shakes-head/2024-04-14https://www.criticalthinkingpodcast.io/videos/the-story-of-how-sam-curry-got-detained-at-an-airport/2024-04-12https://www.criticalthinkingpodcast.io/videos/cdn-cgi-research-intent-to-ship-and-louis-vuitton-ep-66/2024-04-12https://www.criticalthinkingpodcast.io/videos/got-paid-150-for-a-bug-by-adding-more-visual-impact/2024-04-09https://www.criticalthinkingpodcast.io/videos/dom-purify-type-confusion-by-slonser/2024-04-06https://www.criticalthinkingpodcast.io/videos/words-of-wisdom-from-naffy-nnwakelam/2024-04-04https://www.criticalthinkingpodcast.io/videos/motivation-and-methodology-with-sam-curry-zlz-ep-65/2024-04-04https://www.criticalthinkingpodcast.io/videos/exploiting-net-remoting-via-a-header/2024-04-02https://www.criticalthinkingpodcast.io/videos/is-this-the-best-tool-jhaddix-has-ever-built/2024-03-29https://www.criticalthinkingpodcast.io/videos/net-remoting-cdn-attack-surface-and-recon-vs-main-app-ep-64/2024-03-28https://www.criticalthinkingpodcast.io/videos/finding-unknown-apex-domains-using-dig-whoisxml-api-and-grep/2024-03-27https://www.criticalthinkingpodcast.io/videos/taking-things-out-of-the-too-hard-basket-to-find-bugs/2024-03-25https://www.criticalthinkingpodcast.io/videos/jhaddix-inspects-webhooks-to-catch-bugs/2024-03-24https://www.criticalthinkingpodcast.io/videos/smuggling-sensitive-data-via-css-injection-and-sequential-import-chaining/2024-03-23https://www.criticalthinkingpodcast.io/videos/episode-63-jhaddix-returns/2024-03-22https://www.criticalthinkingpodcast.io/videos/dropping-cookie-bombs-for-full-ato/2024-03-21https://www.criticalthinkingpodcast.io/videos/iframe-hijacking-via-windowopen/2024-03-19https://www.criticalthinkingpodcast.io/videos/heres-a-weird-race-condition-bug-for-yall/2024-03-18https://www.criticalthinkingpodcast.io/videos/this-is-the-funniest-blind-xss-story-ive-heard/2024-03-17https://www.criticalthinkingpodcast.io/videos/exploiting-dompurify-with-meta-tag-and-redirects-for-oauth-token-leakage-with-jr0ch17/2024-03-15https://www.criticalthinkingpodcast.io/videos/frontend-language-oddities-ep-62/2024-03-15https://www.criticalthinkingpodcast.io/videos/courses-certs-or-self-taught-jr0ch17-shares-his-thoughts/2024-03-10https://www.criticalthinkingpodcast.io/videos/exploiting-php-filter-chains-for-arbitrary-file-read/2024-03-08https://www.criticalthinkingpodcast.io/videos/god-mode-pwnage-with-d3d-abusing-akamai-to-abuse-f5-to-abuse-traffic-routes-to-steal-ntlm-creds/2024-03-08https://www.criticalthinkingpodcast.io/videos/a-hacker-on-wall-street-jr0ch17-ep-61/2024-03-07https://www.criticalthinkingpodcast.io/videos/insane-technique-to-exploit-near-unexploitable-races-with-sub-one-millisecond-hit-times/2024-03-04https://www.criticalthinkingpodcast.io/videos/is-the-backslash-escaped-if-not-this-is-how-you-can-use-them-to-break-context-for-js-execution/2024-03-03https://www.criticalthinkingpodcast.io/videos/how-i-exploited-a-stored-image-injection-vulnerability/2024-03-01https://www.criticalthinkingpodcast.io/videos/our-take-on-portswiggers-top-10-web-hacking-techniques-of-2023-ep-60/2024-03-01https://www.criticalthinkingpodcast.io/videos/this-bug-is-so-clutch-client-side-path-traversal-via-open-redirect/2024-02-28https://www.criticalthinkingpodcast.io/videos/how-i-use-gadgets-to-stay-motivated-in-bug-hunting/2024-02-26https://www.criticalthinkingpodcast.io/videos/weve-got-an-exciting-announcement/2024-02-25https://www.criticalthinkingpodcast.io/videos/how-to-turn-mathrandom-into-mathnotrandom-by-calculating-the-seed/2024-02-23https://www.criticalthinkingpodcast.io/videos/bug-bounty-gadget-hunting-hackers-intuition-ep-59/2024-02-23https://www.criticalthinkingpodcast.io/videos/youssef-confuses-the-triage-team-with-this-scroll-to-text-fragment-exploitation/2024-02-21https://www.criticalthinkingpodcast.io/videos/client-side-race-condition-via-postmessage-with-youssef-sammouda-ep-58/2024-02-19https://www.criticalthinkingpodcast.io/videos/youssef-hasnt-duped-in-like-6-years-how/2024-02-18https://www.criticalthinkingpodcast.io/videos/youssef-sammouda-client-side-ato-war-stories-ep-58/2024-02-16https://www.criticalthinkingpodcast.io/videos/episode-57-live-hacking-event-inside-scoop-h1-305/2024-02-09https://www.criticalthinkingpodcast.io/videos/using-data-science-to-win-bug-bounty-mayonaise-aka-jon-colston-ep-56/2024-02-01https://www.criticalthinkingpodcast.io/videos/popping-wordpress-plugins-methodology-brain-dump-ep-55/2024-01-25https://www.criticalthinkingpodcast.io/videos/white-box-formulas-vulnerable-coding-patterns-ep-54/2024-01-18https://www.criticalthinkingpodcast.io/videos/500kyr-as-full-time-bug-hunter-content-creator-nahamsec-ep-53/2024-01-11https://www.criticalthinkingpodcast.io/videos/best-technical-content-from-year-1-of-ctbb-podcast-ep-52/2024-01-04https://www.criticalthinkingpodcast.io/videos/hacker-stats-2023-2024-goals-ep-51/2023-12-28https://www.criticalthinkingpodcast.io/videos/mathias-fall-in-a-well-karlsson-bug-bounty-prophet-ep-50/2023-12-21https://www.criticalthinkingpodcast.io/videos/getting-live-hacking-event-invites-bug-bounty-collab-with-nagli-ep-49/2023-12-14https://www.criticalthinkingpodcast.io/videos/mvh-defcon-black-badge-googler-sam-erb-ep-48/2023-12-07https://www.criticalthinkingpodcast.io/videos/csp-research-iframe-hopping-and-client-side-shenanigans-ep-47/2023-11-30https://www.criticalthinkingpodcast.io/videos/the-saml-ramble-ep-46/2023-11-23https://www.criticalthinkingpodcast.io/videos/the-og-bug-bounty-king-frans-rosen-ep-45/2023-11-16https://www.criticalthinkingpodcast.io/videos/url-parsing-auth-bypass-magic-ep-44/2023-11-09https://www.criticalthinkingpodcast.io/critical-thinking-bug-bounty-podcast/videos/caido-the-up-and-coming-http-proxy-ep-43/2023-11-02https://www.criticalthinkingpodcast.io/videos/renniepak-interview-intigriti-lhe-recap-ep-42/2023-10-26https://www.criticalthinkingpodcast.io/videos/mini-masterclass-attack-vector-ideation-ep-41/2023-10-19https://www.criticalthinkingpodcast.io/videos/but-bounty-mentorships-ep-40/2023-10-12https://www.criticalthinkingpodcast.io/videos/the-art-of-architectures-ep-39/2023-10-05https://www.criticalthinkingpodcast.io/videos/mobile-hacking-maestro-sergey-toshin-ep-38/2023-09-28https://www.criticalthinkingpodcast.io/videos/tokyo-hacking-interview-with-0xlupin-ep-37/2023-09-21https://www.criticalthinkingpodcast.io/videos/bug-bounty-ethics-ct-exclusive-bug-reports-ep-36/2023-09-14https://www.criticalthinkingpodcast.io/videos/mapping-your-hacking-summary-shorts/2023-09-13https://www.criticalthinkingpodcast.io/videos/the-bugs-are-there-mapping-your-hacking-shorts/2023-09-13https://www.criticalthinkingpodcast.io/videos/bug-bounty-philosophy-opportunity-cost-shorts/2023-09-13https://www.criticalthinkingpodcast.io/videos/rhynorater-trust-boundaries-shorts/2023-09-13https://www.criticalthinkingpodcast.io/videos/douglas-day-the-king-of-collaboration-ep-35/2023-09-07https://www.criticalthinkingpodcast.io/videos/should-bug-bounty-programs-pay-for-0-days-podcast-bugbounty-hackerone-bugcrowd-shorts/2023-09-05https://www.criticalthinkingpodcast.io/videos/bug-bounties-should-be-going-down-podcast-bugbounty-hackerone-bugcrowd-intigriti-shorts/2023-09-05https://www.criticalthinkingpodcast.io/videos/the-great-hacker-vs-program-debate-ep-34/2023-08-31https://www.criticalthinkingpodcast.io/videos/finding-your-first-bug-bounty-bugbounty-podcast-intigriti-bugcrowd-hackerone-shorts/2023-09-01https://www.criticalthinkingpodcast.io/videos/inti-de-ceukelaire-how-to-hack-you-way-to-metallica-vip-ep-33/2023-08-25https://www.criticalthinkingpodcast.io/videos/5-bug-bounty-write-ups-you-cannot-miss-ep-32/2023-08-25https://www.criticalthinkingpodcast.io/videos/alex-chapman-how-to-be-a-high-impact-hacker-ep-31/2023-08-25https://www.criticalthinkingpodcast.io/videos/shubham-shah-from-burgers-to-bounties-ep-30/2023-08-25https://www.criticalthinkingpodcast.io/videos/sean-yeoh-live-chat-with-an-assetnote-engineer-ep-29/2023-08-25https://www.criticalthinkingpodcast.io/videos/csrfs-surfing-the-web-to-higher-bounties-ep-28/2023-08-25https://www.criticalthinkingpodcast.io/videos/the-best-esoteric-web-vulnerabilities-ep-27/2023-08-25https://www.criticalthinkingpodcast.io/videos/client-side-quirks-and-browser-hacks-ep-26/2023-08-25https://www.criticalthinkingpodcast.io/videos/inhibitor181-two-time-mvh-multi-million-dollar-hacker-ep-25/2023-08-25https://www.criticalthinkingpodcast.io/videos/daniel-miessler-and-rez0-hacking-with-ai-ep-24/2023-08-25https://www.criticalthinkingpodcast.io/videos/building-the-ultimate-hacker-setup-ep-23/2023-08-25https://www.criticalthinkingpodcast.io/videos/chip-ing-away-at-hardware-hacking-ep-22/2023-08-25https://www.criticalthinkingpodcast.io/videos/corben-leo-legendary-dod-hacker-ep-21/2023-08-25https://www.criticalthinkingpodcast.io/videos/bounty-burnout-overcoming-the-mental-tolls-of-hacking-ep-20/2023-08-25https://www.criticalthinkingpodcast.io/videos/source-review-part-2-audit-code-earn-bounties-ep-19/2023-08-25https://www.criticalthinkingpodcast.io/videos/source-review-audit-code-earn-bounties-ep-18/2023-08-25https://www.criticalthinkingpodcast.io/videos/live-chat-with-legendary-hackers-in-la-ep-17/2023-08-25https://www.criticalthinkingpodcast.io/videos/the-hackers-toolkit-ep-16/2023-08-25https://www.criticalthinkingpodcast.io/videos/gal-nagli-the-israeli-million-dollar-hacker-ep-15/2023-08-25https://www.criticalthinkingpodcast.io/videos/mobile-hacking-dynamic-analysis-using-frida-ep-14/2023-08-25https://www.criticalthinkingpodcast.io/videos/acropalypse-now-ep-13/2023-08-25https://www.criticalthinkingpodcast.io/videos/jason-haddix-from-hacker-to-ciso-ep-12/2023-08-25https://www.criticalthinkingpodcast.io/videos/cv-web-cache-deception-and-ssti-ep-11/2023-08-25https://www.criticalthinkingpodcast.io/videos/the-life-of-a-full-time-bug-bounty-hunter-ep-10/2023-08-25https://www.criticalthinkingpodcast.io/videos/headless-browser-ssrf-new-tool-release-ep-9/2023-08-25https://www.criticalthinkingpodcast.io/videos/postmessage-exploits-and-css-injection-ep-8/2023-08-25https://www.criticalthinkingpodcast.io/videos/portswigger-top-10-trufflesec-drama-and-more-ep-7/2023-08-25https://www.criticalthinkingpodcast.io/rate/2026-03-02https://www.criticalthinkingpodcast.io/categories/2026-03-02https://www.criticalthinkingpodcast.io/podroll/2026-03-02https://www.criticalthinkingpodcast.io/newsletter/2026-03-02https://www.criticalthinkingpodcast.io/sponsors/2026-03-02