Critical Thinking - Bug Bounty Podcast
Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)

Latest episode
185 episodes
- Episode 183: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Brandyn talk about looking at AI features like tech features, Using AI to leak private repos, and solving PortSwigger’s Unexploitable XSS labs
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme
Critical Research Lab:
https://lab.ctbb.show/
Need a Pentest? We just launched CTBB Pentests!
https://pentest.ctbb.show/
Hack full time? Check out the Full-Time Hunter’s Guild!
https://ctbb.show/fthg
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor: Check out Zero Trust Network Access:
https://www.criticalthinkingpodcast.io/tl-ztna
====== This Week in Bug Bounty ======
How LLMs are changing Bug Bounty Interview series
https://www.yeswehack.com/fr/community/llms-bug-bounty-interview-aituglo
https://www.yeswehack.com/fr/community/llms-bug-bounty-interview-rhynorater
https://www.yeswehack.com/fr/community/llms-bug-bounty-interview-icare
====== Resources ======
$15k - CSPT to full account takeover, then 2FA bypass via the prototype chain
https://whoareme.com/blog/cspt-account-takeover-2fa-bypass/
Two Bypasses for Chrome’s Sanitizer API
https://slcyber.io/research-center/two-bypasses-for-chromes-sanitizer-api/
Documenting the impossible: Unexploitable XSS labs
https://portswigger.net/research/documenting-the-impossible-unexploitable-xss-labs
GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos
https://noma.security/blog/gitlost-how-we-tricked-githubs-ai-agent-into-leaking-private-repos/
Chaining Razor SSTI into RCE via Reflection and Runtime Strings
https://phsi.se/posts/chaining-razor-ssti-into-rce-via-reflection-and-runtime-strings/
====== Timestamps ======
(00:00:00) Introduction
(00:06:07) AI Features Are Just Tech Features
(00:20:02) CSPT to full Account Takeover & Other Chains
(00:35:27) Sanitizer API for Chrome and Firefox
(00:46:57) Solving PortSwigger's Impossible Lab & GitLost
(01:01:19) SSTI into RCE via Reflection - Episode 182: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some recent bugs involving WPM, MCP, and a possible emerging bug class using Wayback. We also talk about some GraphQL Hackbot finds, and what AI’s #1 mission should be.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme
Critical Research Lab:
https://lab.ctbb.show/
Need a Pentest? We just launched CTBB Pentests!
https://pentest.ctbb.show/
Hack full time? Check out the Full-Time Hunter’s Guild!
https://ctbb.show/fthg
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== This Week in Bug Bounty ======
LeHack 2026 Recap
https://event.yeswehack.com/events/lehack-2026
Don’t eat the ChocoPoCs! How vulnerability researchers were repeatedly targeted by trojanised exploits
https://www.yeswehack.com/fr/news/chocopocs-vulnerability-researchers-trojanised-exploits
Navigating the AI Wave: How We're Keeping Security Research Meaningful
https://www.hackerone.com/blog/ai-driven-report-volume-insights-and-actions
====== Resources ======
Caido Skills
https://github.com/caido/skills/pull/22
Hunting For AWS Cognito Security
Misconfigurations
https://www.yassineaboukir.com/talks/NahamConEU2022.pdf
X MCP
https://docs.x.com/tools/mcp
US South Summer Sessions: Hack the Heat
https://h1.community/events/details/hackerone-us-south-hackerone-club-presents-us-south-summer-sessions-hack-the-heat/
====== Timestamps ======
(00:00:00) Introduction
(00:08:31) WPM Bug & Wayback to Guest Bearer
(00:18:42) GraphQL Hackbot Finds, Fable Updates, & AI's #1 Mission
(00:29:45) MCP, US South H1 Event, & AI Sandbox Escapes - Episode 181: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and XSSDoctor talk about building a Hackbot.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme
Critical Research Lab:
https://lab.ctbb.show/
Need a Pentest? We just launched CTBB Pentests!
https://pentest.ctbb.show/
Hack full time? Check out the Full-Time Hunter’s Guild!
https://ctbb.show/fthg
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor: Check out Zero Trust Network Access:
https://www.criticalthinkingpodcast.io/tl-ztna
====== Resources ======
Are bug bounties cooked?
https://hakluke.com/are-bug-bounties-cooked
We built a Hackbot
https://josephthacker.com/hacking/2026/07/01/we-built-a-hackbot.html
====== Timestamps ======
(00:00:00) Introduction
(00:07:22) Manual vs. AI Hacking
(00:17:27) Building a Hackbot
(00:23:53) Negatives of Hackbots
(00:31:34) Logistics and Problems of Singularity
(00:46:21) Successes - Episode 180: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Steve Hernandez, founder of the Bug Bounty Maturity Framework (BBMF), to walk us through the inaugural State of Bug Bounty Maturity Posture Report. We go through the scores and cover Asset Hygiene, Operational Signal, how to re-engage the relationship between trust and researcher participation.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme
Critical Research Lab:
https://lab.ctbb.show/
Need a Pentest? We just launched CTBB Pentests!
https://pentest.ctbb.show/
Hack full time? Check out the Full-Time Hunter’s Guild!
https://ctbb.show/fthg
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today’s Guest: https://x.com/SteveHernandezM
Email Steve at info@bugbountymaturity.com
Fill out this form to enter a Critical Thinkers raffle
https://forms.ctbb.show/mdaz
====== Resources ======
State of Bug Bounty Maturity Posture
https://bugbountymaturity.com/research/state-of-bug-bounty-maturity-posture-2026
Take the Bug Bounty Maturity Assessment
https://bugbountymaturity.com/assessment
AI Is Compressing the Bug Bounty Maturity Curve
https://bugbountymaturity.com/research/ai-is-compressing-the-bug-bounty-maturity-curve
====== Timestamps ======
(00:00:00) Introduction
(00:04:09) State of Bug Bounty Maturity Posture
(00:22:33) Researcher Interface & Program Trust
(00:44:38) Maturity Bands and Scoring
(01:08:19) AI Is Compressing the Bug Bounty Maturity Curve - Episode 179: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to stay motivated and keep the vibes strong during this trying time for Bug Bounty.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme
Critical Research Lab:
https://lab.ctbb.show/
Need a Pentest? We just launched CTBB Pentests!
https://pentest.ctbb.show/
Hack full time? Check out the Full-Time Hunter’s Guild!
https://ctbb.show/fthg
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor: Check out Zero Trust Cloud Access:
https://www.threatlocker.com/capabilities/zero-trust-cloud-access
====== Timestamps ======
(00:00:00) Introduction
(00:04:57) Managing Hacker Motivation
(00:10:45) Community, Competition, & Curosity
(00:16:54) Using AI with Passion
(00:23:10) The LHE Method & Sharing Wins
(00:28:01) Video POCs, Scripts, & Talking about Bugs
(00:40:49) Watching your health & stopping mid-hack
More Technology podcasts
Trending Technology podcasts
About Critical Thinking - Bug Bounty Podcast
A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Podcast websiteListen to Critical Thinking - Bug Bounty Podcast, Search Engine and many other podcasts from around the world with the radio.net app

Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features
Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features


Critical Thinking - Bug Bounty Podcast
Scan code,
download the app,
start listening.
download the app,
start listening.






















