Artwork

Content provided by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek), Justin Gardner (Rhynorater), and Joel Margolis (teknogeek). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek), Justin Gardner (Rhynorater), and Joel Margolis (teknogeek) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.

1:49:04
 
Share
 

Manage episode 415958448 series 3435922
Content provided by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek), Justin Gardner (Rhynorater), and Joel Margolis (teknogeek). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek), Justin Gardner (Rhynorater), and Joel Margolis (teknogeek) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set, the successes and challenges, and his current focus on specific bug types like ReDoS and OAuth, and the serendipitous nature of bug hunting.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Nuclei 3.2 Release: https://nux.gg/podcast

Today’s Guest:

https://twitter.com/joaxcar

https://joaxcar.com/blog/

Resources

Github CSP Bypass

https://gist.github.com/joaxcar/6e5a0a34127704f4ea9449f6ce3369fc

CSP Validator

https://cspvalidator.org/

Cross Window Forgery

https://www.paulosyibelo.com/2024/02/cross-window-forgery-web-attack-vector.html

Gitlab Crit

https://gist.github.com/joaxcar/9419b2df8778f26e9b02a741a8ec12f8

Timestamps

(00:00:00) Introduction

(00:09:34) Github CSP Bypass

(00:38:48) Script Gadgets and growth through Gitlab

(00:53:53) Gitlab pipeline bug

(01:12:32) Full-time Bug Bounty

  continue reading

96 episodes

Artwork
iconShare
 
Manage episode 415958448 series 3435922
Content provided by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek), Justin Gardner (Rhynorater), and Joel Margolis (teknogeek). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek), Justin Gardner (Rhynorater), and Joel Margolis (teknogeek) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub, a critical he found in GitLab's pipeline, and also talk through his approach to using script gadgets and adapting to highly CSP'd environments. Then we talk about his transition to full-time bug hunting, including the goals he’s set, the successes and challenges, and his current focus on specific bug types like ReDoS and OAuth, and the serendipitous nature of bug hunting.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Nuclei 3.2 Release: https://nux.gg/podcast

Today’s Guest:

https://twitter.com/joaxcar

https://joaxcar.com/blog/

Resources

Github CSP Bypass

https://gist.github.com/joaxcar/6e5a0a34127704f4ea9449f6ce3369fc

CSP Validator

https://cspvalidator.org/

Cross Window Forgery

https://www.paulosyibelo.com/2024/02/cross-window-forgery-web-attack-vector.html

Gitlab Crit

https://gist.github.com/joaxcar/9419b2df8778f26e9b02a741a8ec12f8

Timestamps

(00:00:00) Introduction

(00:09:34) Github CSP Bypass

(00:38:48) Script Gadgets and growth through Gitlab

(00:53:53) Gitlab pipeline bug

(01:12:32) Full-time Bug Bounty

  continue reading

96 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide