Joel Margolis (teknogeek)
@0xteknogeek
AppSec by day, Hacker by night || Co-host of @ctbbpodcast || Puzzle addict
ID:355571375
https://linktr.ee/teknogeek 15-08-2011 15:25:35
9,0K Tweets
13,7K Followers
1,3K Following
The latest Critical Thinking - Bug Bounty Podcast HackerNotes has just dropped! Check out a bunch of fresh HTMX bypasses and a Cloudflare cdn-cgi gadget below
blog.criticalthinkingpodcast.io/p/0-days-htmx-…
The latest Critical Thinking - Bug Bounty Podcast HackerNotes has dropped, covering all things VDP and bypassing restricted endpoints. Check it out below
blog.criticalthinkingpodcast.io/p/vdps-and-pro…
Our #LiveHackingEvent with Louis Vuitton is under the spotlight on Critical Thinking - Bug Bounty Podcast
Big thanks to @rhynorater and Joel Margolis (teknogeek) for the shout out, highlighting the awesome target and swag. We'd love you to join our next #LHE - the ball is in your court
youtu.be/PNaXwJlpcuI?si…
New episode with Jason Haddix just came out! As always, he drops some fire recon tips and shared some awesome stories from his vast experiences.
CTBB.show/63
In case you missed last week's Critical Thinking - Bug Bounty Podcast episode, HackerNotes covers Cool HTML Sh*t, Dealing with JS, CSS Injection and more blog.criticalthinkingpodcast.io/p/frontend-lan…
I earned $133,700 + $15,855 for my submission on @bugcrowd bugcrowd.com/ebrietas
#ItTakesACrowd
Largest bounty I've ever received and it's truly incredible that bug bounty has reached a point where these types of bounties are possible. Permission has been requested to disclose.
My interview with Joel Margolis (teknogeek) is now live on YouTube!
We discuss a variety of mobile security testing topics.
Subscribe to my newsletter, Executive Offense, to see these interviews before anyone else! ❤️
executiveoffense.beehiiv.com
Enjoy!
youtube.com/watch?v=p1qYZE…
In this article Joseph Thacker, Justin Gardner and I managed to hack Google VRP (Google Bug Hunters) AI for 50,000$
Link
landh.tech/blog/20240304-…
Enjoy
I found 2 stored XSS vulnerabilities in ChatGPT.
The XSS bug was the easy part, but sharing it required bypassing CSP, leveraging a mass assignment issue for client-side path traversal (thanks Critical Thinking - Bug Bounty Podcast) to force a request to a BFLA endpoint.
[1/5]
Check out the latest episode of Critical Thinking - Bug Bounty Podcast HackerNotes! Youssef Sammouda shares some invaluable insights on client-side gadgets and tips for ATO. Don't miss out on this one!
blog.criticalthinkingpodcast.io/p/client-side-…
We just dropped episode 58 with Youssef Sammouda (sam0)!
This episode is packed with client-side war stories and all the technical goodies we like to hear about.
Youssef is a true master of his craft - it was awesome to interview him.
ctbb.show/58
The daily dose of Critical Thinking - Bug Bounty Podcast
Yesterday episode 13, today episode 16. Great tips, guys!