Episode 109: Creative Recon - Alternative Techniques

Episode 109: In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. Then we switch to cover some other news before settling in to talk about Alternative Recon TechniquesFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: [email protected] to https://x.com/realytcracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater and Rez0 on Twitter:https://x.com/Rhynoraterhttps://x.com/rez0__====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today’s Sponsor - ThreatLocker. Check out their Managed Detection and Response!====== Resources ======ResourcesWiz Research Uncovers Exposed DeepSeek DatabaseBypass Bot DetectionTweet from sw33tLiersc 2faStealing HttpOnly cookies with the cookie sandwich techniqueReport Pointers for Collaborative ChainsClone2Leak: Your Git Credentials Belong To UsDeanonymization via cacheGoogleChrome related-website-sets====== Timestamps ======(00:00:00) Introduction(00:02:03) DeepSeek debacle and Bypass Bot Detection(00:23:48) Stealing HttpOnly cookies with the cookie sandwich technique(00:30:54) Report Pointers for Collaborative Chains(00:34:43) Clone2Leak: Your Git Credentials Belong To Us(00:40:04) Deanonymization for Signal and Discord(00:41:53) Alternative Recon Techniques