Feb 06 2025 61 mins 51
Episode 109: In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. Then we switch to cover some other news before settling in to talk about Alternative Recon Techniques
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to https://x.com/realytcracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today’s Sponsor - ThreatLocker. Check out their Managed Detection and Response!
====== Resources ======
Resources
Wiz Research Uncovers Exposed DeepSeek Database
Stealing HttpOnly cookies with the cookie sandwich technique
Report Pointers for Collaborative Chains
Clone2Leak: Your Git Credentials Belong To Us
GoogleChrome related-website-sets
====== Timestamps ======
(00:00:00) Introduction
(00:02:03) DeepSeek debacle and Bypass Bot Detection
(00:23:48) Stealing HttpOnly cookies with the cookie sandwich technique
(00:30:54) Report Pointers for Collaborative Chains
(00:34:43) Clone2Leak: Your Git Credentials Belong To Us
(00:40:04) Deanonymization for Signal and Discord
(00:41:53) Alternative Recon Techniques
