Decided to publish PPPwn early. The first PlayStation 4 Kernel RCE. Supporting FWs upto 11.00.

github.com/TheOfficialFlo…

The latest Critical Thinking - Bug Bounty Podcast HackerNotes has just dropped! Check out a bunch of fresh HTMX bypasses and a Cloudflare cdn-cgi gadget below 👇👇👇
blog.criticalthinkingpodcast.io/p/0-days-htmx-…

The latest Critical Thinking - Bug Bounty Podcast HackerNotes has dropped, covering all things VDP and bypassing restricted endpoints. Check it out below👇
blog.criticalthinkingpodcast.io/p/vdps-and-pro…

Our #LiveHackingEvent with Louis Vuitton is under the spotlight on Critical Thinking - Bug Bounty Podcast 🎙️

Big thanks to @rhynorater and Joel Margolis (teknogeek) for the shout out, highlighting the awesome target and swag. We'd love you to join our next #LHE - the ball is in your court 😉
youtu.be/PNaXwJlpcuI?si…

Just finished recording a 2.5 hour podcast with Sam Curry and whew - y'all are in for a good one this Thursday <3

In 2022 we found vulnerabilities in dormakaba Saflok hotel locks. Reading one RFID card enables us to forge a pair of cards that open any door in that hotel! Dormakaba is currently working with its customers to fix the 3 million affected locks. wired.com/story/saflok-h…

New episode with Jason Haddix just came out! As always, he drops some fire recon tips and shared some awesome stories from his vast experiences.

CTBB.show/63

In case you missed last week's Critical Thinking - Bug Bounty Podcast episode, HackerNotes covers Cool HTML Sh*t, Dealing with JS, CSS Injection and more 👇blog.criticalthinkingpodcast.io/p/frontend-lan…

I earned $133,700 + $15,855 for my submission on @bugcrowd bugcrowd.com/ebrietas
#ItTakesACrowd
Largest bounty Ive ever received and it's truly incredible that bug bounty has reached a point where these types of bounties are possible. Permission has been requested to disclose.

My interview with Joel Margolis (teknogeek) is now live on YouTube!

We discuss a variety of mobile security testing topics.

Subscribe to my newsletter, Executive Offense, to see these interviews before anyone else! ❤️

executiveoffense.beehiiv.com

Enjoy!

youtube.com/watch?v=p1qYZE…

In this article Joseph Thacker , Justin Gardner and I managed to hack Google VRP (Google Bug Hunters) AI for 50,000$

Link 👇

landh.tech/blog/20240304-…

Enjoy 🤟🔥

My Chrome bug just got disclosed! It’s a really cool chain of 4 vulns leading to local file read and universal XSS (including extensions). Maybe I’ll make a blog post about it

issues.chromium.org/issues/40942152

Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild

buer.haus/2024/02/23/go-…

Featuring Sam Curry, xEHLE

I found 2 stored XSS vulnerabilities in ChatGPT.

The XSS bug was the easy part, but sharing it required bypassing CSP, leveraging a mass assignment issue for client-side path traversal (thanks Critical Thinking - Bug Bounty Podcast) to force a request to a BFLA endpoint.

🧵 [1/5]

Check out the latest episode of Critical Thinking - Bug Bounty Podcast HackerNotes! 💻 Youssef Sammouda shares some invaluable insights on client-side gadgets and tips for ATO. Don't miss out on this one!

blog.criticalthinkingpodcast.io/p/client-side-…

We just dropped episode 58 with Youssef Sammouda (sam0)!

This episode is packed with client-side war stories and all the technical goodies we like to hear about.

Youssef is a true master of his craft - it was awesome to interview him.

ctbb.show/58

Super excited to announce this year's #NahamCon2024 hosts: tekno geek and @rhynorater!

The daily dose of Critical Thinking - Bug Bounty Podcast 🤘😎
Yesterday episode 13, today episode 16. Great tips, guys! 🙌