Critical Thinking - Bug Bounty Podcast

A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.

More
Recent Episodes
  • Episode 124: Bug Bounty Lifestyle = Less Hacking Time?
    May 29, 2025 – 45:26
  • Episode 123: Hacking AI Series: Vulnus ex Machina - Part 2
    May 22, 2025 – 44:12
  • Episode 122: We Won Google's AI Hacking Event in Tokyo - Main Takeaways
    May 15, 2025 – 01:45:30
  • Episode 121: Slonser’s Image Injection 0-day -> ATO & New Caido Collab Plugin
    May 8, 2025 – 57:27
  • Episode 120: SpaceRaccoon - From Day Zero to Zero Day
    May 1, 2025 – 01:36:57
  • Episode 119: Abusing Iframes from a client-side hacker
    Apr 17, 2025 – 33:54
  • Episode 118: Hacking Happy Hour: 0days on Tap and SQLi Shots
    Apr 10, 2025 – 58:29
  • Episode 117: Hacking AI Series: Vulnus ex Machina - Part 1
    Apr 3, 2025 – 32:20
  • Episode 116: Auth Bypasses and Google VRP Writeups
    Mar 27, 2025 – 26:48
  • Episode 115: Mentee to Career Hacker - Mokusou (So Sakaguchi)
    Mar 20, 2025 – 01:40:58
  • Episode 114: Single Page Application Hacking Playbook
    Mar 13, 2025 – 01:22:25
  • Episode 113: Best Technical Takeaways from Portswigger Top 10 2024
    Mar 6, 2025 – 01:29:19
  • Episode 112: Interview with Ciarán Cotter (MonkeHack) - Critical Lab Researcher and Full-time Hunter
    Feb 27, 2025 – 01:07:37
  • Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu
    Feb 20, 2025 – 01:49:15
  • Episode 110: Oauth Gadget Correlation and Common Attacks
    Feb 13, 2025 – 49:41
  • Episode 109: Creative Recon - Alternative Techniques
    Feb 6, 2025 – 01:01:42
  • Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello
    Jan 30, 2025 – 01:31:08
  • Episode 107: Bypassing Cross-Origin Browser Headers
    Jan 23, 2025 – 01:06:17
  • Episode 106: Announcing our new cohost...
    Jan 16, 2025 – 58:10
  • Episode 105: Best Critical Thinking Moments from 2024
    Jan 9, 2025 – 02:17:47
  • Episode 104: 2024 Hacker Stats & 2025 Goals
    Jan 2, 2025 – 29:00
  • Episode 103: Getting ANSI about Unicode Normalization
    Dec 26, 2024 – 01:00:30
  • Episode 102: Building Web Hacking Micro Agents with Jason Haddix
    Dec 19, 2024 – 01:02:49
  • Episode 101: CTBB Hijacked: Rez0__ on AI Attack Vectors with Johann Rehberger
    Dec 12, 2024 – 51:24
  • Ep 100 - 8 Fav Bugs of 2024, Farewell Joel, Hello Shift - Cursor of Hacking
    Dec 5, 2024 – 01:41:40
  • Episode 99: Back to the Basics - Web Fundamental to 100k a Year in Bug Bounty
    Nov 28, 2024 – 01:42:54
  • Episode 98: Team 82 Sharon Brizinov - The Live Hacking Polymath
    Nov 21, 2024 – 01:43:57
  • Episode 97: Bcrypt Hash Input Truncation & Mobile Device Threat Modeling
    Nov 14, 2024 – 53:05
  • Episode 96: Cookies & Caching with MatanBer
    Nov 7, 2024 – 49:09
  • Episode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side
    Oct 31, 2024 – 01:56:23
  • Episode 94: Zendesk Fiasco & the CTBB Naughty List
    Oct 24, 2024 – 49:29
  • Episode 93: A Chat with Dr. Bouman - Life as a Hacker and a Doctor
    Oct 17, 2024 – 01:41:29
  • Episode 92 - SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser
    Oct 10, 2024 – 47:38
  • Episode 91: Zero to LHE in 9 Months (feat gr3pme)
    Oct 3, 2024 – 01:22:50
  • Episode 90: 5k Clickjacking, Encryption Oracles, and Cursor for PoCs
    Sep 26, 2024 – 51:42
  • Episode 89: The Untapped Bug Bounty Landscape of IoT w/ Matt Brown
    Sep 19, 2024 – 01:58:03
  • Episode 88: News, Tools, and Writeups
    Sep 12, 2024 – 01:06:08
  • Episode 87: 'Hacker Wife' Mariah Gardner on Bug Bounty mentality and relationships
    Sep 5, 2024 – 01:26:41
  • Episode 86: The X-Correlation between Frans & RCE - Research Drop
    Aug 29, 2024 – 42:09
  • Episode 85: Practical Applications of DEFCON 32 Web Research
    Aug 22, 2024 – 01:30:30
  • Episode 84: 0xLupin & Takeaways from Google's Las Vegas BugSwat
    Aug 15, 2024 – 27:15
  • Episode 83: Brainstorming Proxy Plugins
    Aug 8, 2024 – 54:50
  • Episode 82: Part-Time Bug Bounty
    Aug 1, 2024 – 36:32
  • Episode 81: Crushing Client-Side on Any Scope with MatanBer
    Jul 25, 2024 – 02:04:48
  • Episode 80: Pwn2Own VS H1 Live Hacking Event (feat SinSinology)
    Jul 18, 2024 – 02:49:26
  • Episode 79: The State of CSS Injection - Leaking Text Nodes & HTML Attributes
    Jul 11, 2024 – 01:10:25
  • Episode 78: Less Writing, More Hacking - Reporting Efficiency Techniques
    Jul 4, 2024 – 01:06:25
  • Episode 77: Bug Bounty Mental - Practical Tips for Staying Sharp & Motivated
    Jun 27, 2024 – 01:50:26
  • Episode 76: Match & Replace - HTTP Proxies' Most Underrated Feature
    Jun 20, 2024 – 01:34:43
  • Episode 75: *Rerun* of The OG Bug Bounty King - Frans Rosen
    Jun 13, 2024 – 02:44:52
Recent Reviews
  • Evan Connelly
    A much needed resource
    The podcast and the community gave me a kind of plausibility structure, a mental model, where I could genuinely see myself being successful. And once I had that, I started consistently investing time. And it paid off.
  • Packet Surf3r
    Best Web Security Podcast In The History of All Security Podcasts
    I listen to this podcast every single day. You will absolutely not find a single podcast matching the quality here. From the seasoned veterans that share cutting edge research on the pod, to the hosts that are absolute legends in the industry, there is no reason why you shouldn’t be tuned in and listening if you consider yourself involved in web app security. Thanks to everyone who makes Critical Thinking happen, you are truly making history with this pod. Thank you so much. -Packet Surf3r
  • BlindNotBroken84
    Love to binge on my long trips to Mexico
    Terrific podcast
  • DAJOE2020
    Awesome Podcast!
    As a beginner wanting to learn about bug bounty, I really enjoyed this podcast. They dive deep into a variety of topics, talk with other experts, and are very well informed themselves. Definitely give it a listen, it’s worth your time!
  • C3lt1c Hacker
    Amazing Content!
    I just found this podcast. I am a new bug bounty hunter. In the morning, I’m a culinary chef, by night I’m a bug bounty hunter. I listen to this (just started 2 days ago) while I’m at work to get my hyped up and excited about after work. Knowing these 2 guys literally pays their bills with bug bounties gives me hope I can too! Thank you for the encouragement and the new tools you guys speak of! The methods are worth their weight in gold, and eager to start learning & doing more!
  • Behrad from iran
    Thanks for your awesome content
    Your podcast is really informative and keep me motivated to keep learning.
  • revxor
    Informative && Insightful && Entertaining++
    I enjoy how informative, fun and insightful the podcast is. I appreciate the casual and down to earth feel of the conversations, which I can relate to from working in the offensive security space. I always take something away from it, keep it coming guys!
  • danmulvey
    My new favorite podcast!
    Absolutely love this podcast, super informative and entertaining. I love the advice, motivation, and discussions of recent bug disclosures/writeups. Keep up the great work and thank you guys for putting so much effort into the show, I love it and have been recommending it to everyone!
  • Maleick
    Best Bug Bounty Podcast
    Very informative and helpful podcast for new and old bug hunters!
  • Maxpower99
    Great bug bounty podcast
    Only 5 episodes and it’s already a must listen for me. It’s entertaining and insightful. Great show. Update: Now 18 episodes in and I’d give this show 10 stars if I could. The content continues to be fantastic. Also bonus points for incredible intro and now outro music.
  • EntmootOpening
    One of my new go-to listens
    I too came here from Unsupervised Learning, and now I binge these episodes. This will easily become a staple of the bug bounty scene for its up-to-date info and funny banter between two great hosts
  • 14erDave
    Fantastic pod
    So much great, fresh content. An absolute must for security researchers and engineers alike.
  • bitloop
    IRL Razor & Blade (from hackers)
    I’ve to this episodes at least three to for times each. Golden. If you ever wanted a IRL version of Razor & Blade, this is it.
  • nathanc0de
    Great stuff by two goated hackers
    This podcast is incredible!! If you have any interest in cybersecurity, ethical hacking, or just tech in general then this is for you. Happy listening!
  • threatacting
    Favorite Security Podcast
    Amazing content from two supremely talented hackers. A must-listen for anyone looking for high-quality security content.
  • Ey0t
    I’m loving it!
    I found this show from Unsupervised Learning Podcast. I was able to find some great recommendations and useful knowledge with this podcast!
  • defparam
    Great show!
    Justin and Joel do a great job providing commentary on the bug bounty community. It’s a pleasure to listen!
  • 1911Rocky
    Love it
    Dammnit I’m enjoying these episodes.
  • rez0__
    The best bug bounty podcast
    Joel and Justin are extremely talented hackers sharing amazing insights into appsec. Give it a listen!
Disclaimer: The podcast and artwork on this page are property of the podcast owner, and not endorsed by UP.audio.