Episode 114: Single Page Application Hacking Playbook
In this episode of Critical Thinking - Bug Bounty Podcast we're diving into SPAs and how to attack them. We also cover a host of news items, including some bug write-ups, AI updates, and a new tool called Hackadvisor.

Follow us on Twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: ThreatLocker Cloud Control

====== Resources ======

Hacking High-Profile Bug Bounty Targets: Deep Dive into a Client-Side Chain
Research finds 12,000 'Live' API Keys and Passwords in DeepSeek's Training Data
Hackadvisor
WP Extensions
Notebook LM
Pressing Buttons with Popups
Response to @RenwaX23
Prompt Injection Attacks for Dummies
Shadow Repeater
parallel-prettier

====== Timestamps ======

(00:00:00) Introduction
(00:02:15) Bug Write-up from @busf4ctor
(00:09:44) Scanning Common Crawl
(00:16:30) Hackadvisor and WP/Chrome Extension News
(00:24:15) Notebook LM, and Recent AI Updates
(00:31:58) Write-up from @J0R1AN and Related POC from @RenwaX23
(00:38:10) Prompt Injection Attacks for Dummies
(00:42:29) ShadowRepeater
(00:47:04) Single-page applications