Episode 3: H1-407 Event Madness & Takeaways Part 1 - podcast episode cover

Episode 3: H1-407 Event Madness & Takeaways Part 1

Critical Thinking - Bug Bounty Podcast
Jan 26, 202346 minSeason 1Ep. 3
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Episode 3: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some of the interesting things we’ve learned from participating in HackerOne's H1-407 Live Hacking event. We cover decompiling binaries in various different languages, Windows URI Handlers, Caido, and SameSite Lax + POST.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Frans Rosen S3 Bucket Authorization Blog Post: https://labs.detectify.com/2018/08/02/bypassing-exploiting-bucket-upload-policies-signed-urls/

Getting code from executables:

ILSpy

DotPeek

Jadx-GUI

Pyinstxtractor

Uncompyle6

Jub0b’s SameSite Article:

https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/

Mgeeky’s Powershell Script to Enumerate Windows App URI Handlers

https://gist.github.com/mgeeky/5a30a0619a7486b2fb0bd5233490fa64

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
Episode 3: H1-407 Event Madness & Takeaways Part 1 | Critical Thinking - Bug Bounty Podcast - Listen or read transcript on Metacast