CDN-CGI Research, Intent To Ship, and Louis Vuitton (Ep. 66)

Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE and the importance of failure as growth in bug bounty, and Justin shares his research on CDN-CGI.

Follow us on Twitter at: https://twitter.com/ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater & Teknogeek on Twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Project Discovery Conference: https://nux.gg/hss24

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Resources:

YesWeHack Louis Vuitton LHE
https://twitter.com/yeswehack/status/1776280653744554287

https://event.yeswehack.com/events/hack-me-im-famous-2

Caido Workflows
https://github.com/caido/workflows

OAuth Redirects
https://twitter.com/Akshanshjaiswl/status/1724143813088940192

Bagipro Golden URL techniques
https://hackerone.com/reports/431002

Monke Hacks Blog
https://monkehacks.beehiiv.com/

PortSwigger post
https://x.com/PortSwiggerRes/status/1766087129908576760

Post from Masato Kinugawa
https://x.com/kinugawamasato/status/916393484147290113

Timestamps:
(00:00:00) Introduction
(00:04:19) Louis Vuitton LHE
(00:13:57) Browser Market Share
(00:21:13) Justin's Bug of the Week
(00:24:49) Caido Workflows
(00:27:24) OAuth Redirects
(00:32:24) Bug Bounty Learning Methodology
(00:41:03) 'Intent To Ship'
(00:48:08) CDN-CGI Research