Getting Live Hacking Event Invites & Bug Bounty Collab with Nagli (Ep. 49)
Episode 49: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is once again joined by Nagli to discuss some of their recent hacking discoveries. They talk about finding and exploiting a backup file in an ASP.NET app, discovering vulnerabilities through Swagger files, and debating the vulnerability of a specific ‘undisclosed’ domain. Then they reflect on 2023’s Live Hacking Event circuit, and preview what’s to come in 2024’s. This episode sponsored by Wordfence! Wordfence recently launched a game-changer of a bug bounty program with ALL WordPress plugins over 50k installs are in-scope. They are currently paying 6.25x their normal bounty amounts, and have agreed to give CT listeners a 10% bonus on top of that! If you wanna pop some crits and see those bounties roll in, head over to https://ctbb.show/wf for more info and keep an eye on the CTBB Discord for inspiration/collabs. Follow us on twitter at: @ctbbpodcast We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater & Teknogeek on twitter: ====== Ways to Support CTBBPodcast ====== Sign up for Caido using the referral code CTBBPODCAST for a 10% discount. Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Today’s Guest Episode Resources: Shockwave Why So Serial New LHE Standards Dropped Timestamps: (00:00:00) Introduction (00:02:37) wwwroot .zip Hack Recap (00:13:44) Swagger File Hack Recap (00:18:27) Undisclosed URL Hack Recap (00:24:29) 2023 LHE Circut Recap (00:37:14) 2024 LHE Preview and New Standards (00:47:22) Bug Bounty Motivation

Mathias "Fall in a well" Karlsson - Bug Bounty Prophet (Ep. 50)

PortSwigger Research Impossible XSS SOLVED (Ep. 183)

NahamSec Teaches Me Bug Bounty Basics

How to Hide in Plain Sight: Next-Level Digital Privacy | Ivan Banov at BSidesCache 2025

Local AI voice cloning

DEF CON 33 - Unmasking the Snitch Puck: IoT surveillance tech in the school bathroom - Reynaldo, nyx

Choose Your Starter Pokemon, BUT The Pokedex is Shuffled!

Gal Nagli: The Israeli Million-Dollar Hacker (Ep. 15)

The Odyssey's Jon Bernthal Breaks Down His Most Iconic Characters

Attacking AI - Jason Haddix - NDC Security 2026

He Hacked Flock Cameras. What He Found Was Worse Than Expected

Youssef Sammouda - Client-Side & ATO War Stories (Ep. 58)

The Secret Market for Zero Day Exploits | VICE: Cyberwar | Blueprint

He Risked Everything To Warn You: No One Is Ready For What's Coming, And The AI Companies Know It!

Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston) (Ep. 56)

CHOSEN ONE!! THEY'RE BEGGING HIM TO WARN YOU... BUT HE JUST GRINNED AND SAID "TOO LATE"

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox

Beta64 - Rhythm Heaven / Rhythm Paradise

