Archive
[HackerNotes Ep.104] 2024 Hacker Stats & 2025 Goals
In this HackerNotes, we have two fresh CTBB announcements, including the launch of the bug bounty hunters guild and research lab. We also have a Bug Bounty Hunter Worksheet for y'all to reflect on your 2024 as a hunter and set some goals for 2025.
[HackerNotes Ep.103] Getting ANSI about Unicode Normalization
In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), and talk through some research about _json Juggling, cookie handling quirks, and the value of micro-blogging in general.
[HackerNotes Ep.101] AI Attack Vectors - CTBB Hijacked - Rez0__ and Johann
In this HackerNotes, Rez0 joins Johann Rehberger to explore the complexities of AI application vulnerabilities. They dive into the significance of system prompts, obfuscation techniques to bypass security, and discuss the top AI platforms shaping the future of AI security.
[HackerNotes Ep.97] Bcrypt Hash Input Truncation & Mobile Device Threat Modeling
We're back with some cool news items, including a recent Okta Bcrypt vulnerability, insights into crypto bugs, and some intricacies of Android and Chrome security. We also explore the latest research from PortSwigger on payload concealment techniques, and the introduction of the Lightyear tool for PHP exploits.
[HackerNotes Ep.95 & Ep.96] Cookies, Caching & Attacking Chrome Extensions with MatanBer
We've got a HUGE double whammy HackerNotes. We cover how to attack Chrome Extensions, the extension threat model, and a deep dive into extension components. Then we finish off with a bunch of cool cookie parsing behaviours along with some client-side gadgets from the HeroV6 CTF writeup by Kevin Mizu.