Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Failed to add items

Sorry, we are unable to add the item because your shopping basket is already at capacity.

Add to cart failed.

Please try again later

Add to wishlist failed.

Please try again later

Remove from wishlist failed.

Please try again later

Follow podcast failed

Unfollow podcast failed

Episode 163: Best Technical Takeaways from Portswigger Top 10 2025

Listen for free

View show details

About this listen

Episode 163: In this episode of Critical Thinking - Bug Bounty Podcast It’s that time of year again! We’re looking at the Portswigger Research list of top 10 web hacking techniques of 2025.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Resources ======Parser Differentials: When Interpretation Becomes a Vulnerabilityhttps://www.youtube.com/watch?v=Dq_KVLXzxH8XSS-Leak: Leaking Cross-Origin Redirectshttps://blog.babelo.xyz/posts/cross-site-subdomain-leak/Playing with HTTP/2 CONNECThttps://blog.flomb.net/posts/http2connect/Next.js, cache, and chains: the stale elixirhttps://zhero-web-sec.github.io/research-and-things/nextjs-cache-and-chains-the-stale-elixirSOAPwn: Pwning .NET Framework Apps Through HTTP Client Proxies And WSDLhttps://watchtowr.com/wp-content/uploads/SOAPwnwatchtowr_soappwn-research-whitepaper_10-12-2025.pdfCross-Site ETag Length Leakhttps://blog.arkark.dev/2025/12/26/etag-length-leakLost in Translation: Exploiting Unicode Normalizationhttps://www.youtube.com/watch?v=ETB2w-f3pM4ORM Leaking More Than You Joined Forhttps://www.elttam.com/blog/leaking-more-than-you-joined-for/Novel SSRF Technique Involving HTTP Redirect Loopshttps://slcyber.io/research-center/novel-ssrf-technique-involving-http-redirect-loops/Successful Errors: New Code Injection and SSTI Techniqueshttps://github.com/vladko312/Research_Successful_Errors====== Timestamps ======(00:00:00) Introduction(00:02:33) Parser Differentials: When Interpretation Becomes a Vulnerability(00:11:02) XSS-Leak: Leaking Cross-Origin Redirects(00:18:25) Playing with HTTP/2 CONNECT(00:22:10) Next.js, cache, and chains: the stale elixir(00:29:15) SOAPwn: Pwning .NET Framework Apps Through HTTP Client Proxies And WSDL(00:34:27) Cross-Site ETag Length Leak(00:41:47) Lost in Translation: Exploiting Unicode Normalization(00:47:27) ORM Leaking More Than You Joined For(00:54:07) Novel SSRF Technique Involving HTTP Redirect Loops(00:58:40) Successful Errors: New Code Injection and SSTI Techniques

No reviews yet