Day[0]

A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the

Episodes

Total: 267

[bounty] Hacking Google AI and SAML
2024/3/5

A shorter episode this week, featuring some vulnerabilities impacting Google's AI and a SAML aut

[binary] Rust Memory Corruption???
2024/2/28

VirtualBox has a very buggy driver, PostgreSQL has an Out of Bounds Access, and lifetime issues are

[bounty] A PHP and Joomla Bug and some DOM Clobbering
2024/2/27

This week's episode features a cache deception issue, Joomla inherits a PHP bug, and a DOM clobb

[binary] Linux Burns Down CVEs
2024/2/21

Linux becomes a CNA and takes a stance on managing CVEs for themselves, and underutilized fuzzing st

[bounty] GhostCMS, ClamAV, and the Top Web Hacking Techniques of 2023
2024/2/20

In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and Portswi

[binary] kCTF Changes, LogMeIn, and wlan VFS Bugs
2024/2/14

Google makes some changes to their kCTF competition, and a few kernel bugs shake out of the LogMeIn

[bounty] The End of a DEFCON Era and Flipper Zero Woes
2024/2/13

DEF CON moves venues, the Canadian government moves to ban Flipper Zero, and some XSS issues affect

[binary] The Syslog Special
2024/2/7

Libfuzzer goes into maintenance-only mode and syslog vulnerabilities plague some vendors in this wee

[bounty] Public Private Android Keys and Docker Escapes
2024/2/6

This week we have a crazy crypto fail where some Android devices had updates signed by publicly avai

[binary] Busted ASLR, PixieFail, and Bypassing HVCI
2024/1/31

This week's binary episode features a range of topics from discussion on Pwn2Own's first aut

[bounty] Reborn Homograph Attacks and Ransacking Passwords
2024/1/30

A packed episode this week as we cover recent vulnerabilities from the last two weeks, including som

[binary] Bypassing Chromecast Secure-Boot and Exploiting Factorio
2024/1/17

A bit of a game special this week, with a Counter-Strike: Global Offensive vulnerability and an expl

[bounty] A GitLab Account Takeover and a Coldfusion RCE
2024/1/16

A short bounty episode featuring some logical bugs in Apache OFBiz, a GitLab Account Takeover, and a

[binary] Allocator MTE, libwebp, and Operation Triangulation
2024/1/10

This week's highly technical episode has discussion around the exploitation of a libwebp vulnera

[bounty] Spoofing Emails, PandoraFMS, and Keycloak

2024/1/9

Kicking off 2024 with a longer episode as we talk about some auditing desktop applications (in the c

[binary] RetSpill, A Safari Vuln, and Steam RCE
2023/12/22

A bit of a rambling episode to finish off 2023, we talk about some Linux kernel exploitation researc

[bounty] IOT Issues and DNS Rebinding
2023/12/19

A mix of issues this week, not traditionally bounty topics, but there are some lessons that can be a

[binary] Samsung Baseband and GPU Vulns
2023/12/6

A Samsung special this week, starting off with two Samsung specific vulnerabilities, one in the bas

[bounty] Buggy Cookies and a macOS TCC Bypass
2023/12/5

This week brings up a pretty solid variety of issues. Starting off with some cookie smuggling (and o

[binary] Hypervisor Bugs and a FAR-out iOS bug
2023/11/29

This week kicks off with a a V8 misoptimization leading to out-of-bounds access, an unprotected MSR