Interested in going full-time bug bounty? Check out our blueprint!

Videos

March 6, 2026

Is H1 Using OUR Reports To Train LLMs?

Is H1 Using OUR Reports To Train LLMs?

#hacking #bugbounty #podcast #bugbountytips #infosec #hackerone

View more
March 5, 2026

Tommy DeVoss: From Black Hat to Bug Bounty LEGEND (Ep. 164)

Tommy DeVoss: From Black Hat to Bug Bounty LEGEND (Ep. 164)

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug Bounty Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send…

View more
March 4, 2026

"If there's a vuln: move the camera"

"If there's a vuln: move the camera"

#hacking #bugbounty #podcast #bugbountytips #infosec #hardwarehacks #hardwarehacking

View more
March 3, 2026

Why Is AI Training in HackerOne's Terms? (is it still there?)

Why Is AI Training in HackerOne's Terms? (is it still there?)

#hacking #bugbounty #podcast #bugbountytips #infosec #hackerone

View more
March 2, 2026

Taking over someone's Alexa with a LASER??

Taking over someone's Alexa with a LASER??

#hacking #bugbounty #podcast #bugbountytips #infosec #hardwarehacks #hardwarehacking #alexa

View more
Feb. 28, 2026

How many devices a PRO hardware hacker needs?

How many devices a PRO hardware hacker needs?

#hacking #bugbounty #podcast #bugbountytips #infosec #hardwarehacks #hardwarehacking

View more
Feb. 27, 2026

Hardware Flaw vs. Software Flaw in Hardware

Hardware Flaw vs. Software Flaw in Hardware

#hacking #bugbounty #podcast #bugbountytips #infosec #hardwarehacks #hardwarehacking

View more
Feb. 26, 2026

Best Technical Takeaways from Portswigger Top 10 2025 (Ep. 163)

Best Technical Takeaways from Portswigger Top 10 2025 (Ep. 163)

Episode 163: In this episode of Critical Thinking - Bug Bounty Podcast It’s that time of year again! We’re looking at the Portswigger Research list of top 10 web hacking techniques of 2025. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any…

View more
Feb. 25, 2026

The Bug Bounty Maturity Framework can really take programs to the next level

The Bug Bounty Maturity Framework can really take programs to the next level

#hacking #bugbounty #podcast #bugbountytips #infosec #bugbountyprograms

View more
Feb. 24, 2026

Special skills == Special Bounties

Special skills == Special Bounties

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
Feb. 20, 2026

Incremental IDORs are common... Bet you've never seen Incremental TOKENS

Incremental IDORs are common... Bet you've never seen Incremental TOKENS

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
Feb. 19, 2026

HackerOne Training AI on Bug Bounty Data? (Ep. 162)

HackerOne Training AI on Bug Bounty Data? (Ep. 162)

Episode 162: HackerOne Training AI on Bug Bounty Data? Episode 162: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph sit down with HackerOne Founder & CTO Alex Rice to discuss concerns of Using Hacker Data for AI and decreasing bounties. Follow us on twitter at:…

View more
Feb. 17, 2026

An EXPLOIT made in Heaven

An EXPLOIT made in Heaven

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
Feb. 14, 2026

.innerHTML can make your XSS run!

.innerHTML can make your XSS run!
View more
Feb. 13, 2026

Is it even a bypass if they left you an EXTRA key?

Is it even a bypass if they left you an EXTRA key?

#hacking #bugbounty #podcast #bugbountytips #infosec #CSP

View more
Feb. 12, 2026

Cross-Consumer Attacks & DTMF Tone Exfil (Ep. 161)

Cross-Consumer Attacks & DTMF Tone Exfil (Ep. 161)

Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surrounding HackerOne Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any…

View more
Feb. 11, 2026

NULL origin iframe trick

NULL origin iframe trick

#hacking #bugbounty #podcast #bugbountytips #infosec #iframe

View more
Feb. 9, 2026

This makes no sense at all but thanks, Chrome!

This makes no sense at all but thanks, Chrome!

#hacking #bugbounty #podcast #bugbountytips #infosec #javascript

View more
Feb. 7, 2026

WAFs cannot win this battle =)

WAFs cannot win this battle =)

#hacking #bugbounty #podcast #bugbountytips #infosec #WAF #firewall

View more
Feb. 6, 2026

Did you know that Java annotations run at compile time?

Did you know that Java annotations run at compile time?

#hacking #bugbounty #podcast #bugbountytips #infosec #Java

View more
Feb. 5, 2026

Cloudflare Zero-days & Mail Unsubscribing for XSS (Ep.160)

Cloudflare Zero-days & Mail Unsubscribing for XSS (Ep.160)

Episode 160: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn. Chat through some news, Including a Cloudflare Zero-day, Turning List-Unsubscribe into an SSRF/XSS Gadget, & Magic String Denial of Service in Claude. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free…

View more
Feb. 3, 2026

DNS Record doesn't exist... But the next does!

DNS Record doesn't exist... But the next does!

#hacking #bugbounty #podcast #bugbountytips #infosec #DNS #DNSSEC

View more
Feb. 1, 2026

Lesson learned: Old tech deserves a hack too

Lesson learned: Old tech deserves a hack too

#hacking #bugbounty #podcast #bugbountytips #infosec

View more
Jan. 30, 2026

Pwning in 3 minutes = Reverse Imposter Syndrome

Pwning in 3 minutes = Reverse Imposter Syndrome

#hacking #bugbounty #podcast #bugbountytips #infosec #impostersyndrome

View more