gr3pme's full-time hunting journey update, insane AI research, and some light news (Ep. 142)

Episode 142: In this episode of Critical Thinking - Bug Bounty Podcast Rez0 and Gr3pme join forces to discuss Websocket research, Meta’s $111750 Bug, PROMISQROUTE, and the opportunities afforded by going full time in Bug Bounty.

Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: ThreatLocker. Check out ThreatLocker DAC
https://www.criticalthinkingpodcast.io/tl-dac

Today’s Guest: https://x.com/gr3pme

====== This Week in Bug Bounty ======

New Monthly Dojo challenge and Dojo UI design https://dojo-yeswehack.com/challenge-of-the-month

The ultimate Bug Bounty guide to exploiting race condition vulnerabilities in web applications
https://www.yeswehack.com/learn-bug-bounty/ultimate-guide-race-condition-vulnerabilities

Watch Our boy Brandyn on the TV https://x.com/marketingrckstr/status/1967958828424802461

====== Resources ======
murtasec
https://murtasec.com/

WebSocket Turbo Intruder: Unearthing the WebSocket Goldmine
https://portswigger.net/research/websocket-turbo-intruder-unearthing-the-websocket-goldmine

Chaining Path Traversal Vulnerability to RCE — Meta’s 111,750$ Bug
https://infosecwriteups.com/chaining-path-traversal-vulnerability-to-rce-metas-111-750-bug-a98a473c6a05

Finding vulnerabilities in modern web apps using Claude Code and OpenAI Codex
https://semgrep.dev/blog/2025/finding-vulnerabilities-in-modern-web-apps-using-claude-code-and-openai-codex/

Mind the Gap
https://arxiv.org/pdf/2508.17155

PROMISQROUTE
https://adversa.ai/blog/promisqroute-gpt-5-ai-router-novel-vulnerability-class/

====== Timestamps ======
(00:00:00) Introduction
(00:05:16) Full Time Bug Bounty and Business Startups
(00:15:50) Websockets
(00:22:17) Meta’s $111750 Bug
(00:28:38) Finding vulns using Claude Code and OpenAI Codex
(00:39:32) Time-of-Check to Time-of-Use Vulns in LLM-Enabled Agents
(00:45:22) PROMISQROUTE