- Critical Thinking - Bug Bounty Podcast
- Archive
- Page -20
Archive
![[HackerNotes Ep.116] Auth Bypasses and Google VRP Writeups](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/logo/f3cc9f6e-341e-452a-9b50-a244bcc4cf92/Critical_Thinking_Podcast_Cover_Square.jpg){kind=logo}
[HackerNotes Ep.111] How to Bypass DOMPurify with Kévin Mizu
In this episode Justin interviews Kévin Mizu to showcase his knowledge regarding DOMPurify and its misconfigurations. We walk through some of Kevin’s research, highlighting things like Dangerous allow-lists and URI Attributes, DOMPurify hooks, node manipulation, and DOM Clobbering.
[HackerNotes Ep. 109] Creative Recon - Alternative Techniques
In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. Then we switch to cover some other news before settling in to talk about Alternative Recon Techniques.
[HackerNotes Ep.108] How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello
Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-depth examples on research he's performed on Salesforce, ServiceNow, and Power Pages.
