
Episode 163: Best Technical Takeaways from Portswigger Top 10 2025
From Critical Thinking - Bug Bounty Podcast by Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)
February 26, 2026 · 1h 8m · Season 1 · Episode 163
About this episode
The episode discusses the top 10 web hacking techniques of 2025 as listed by Portswigger.
Episode 163: In this episode of Critical Thinking - Bug Bounty Podcast It’s that time of year again! We’re looking at the Portswigger Research list of top 10 web hacking techniques of 2025. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io Shoutout to YTCracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme Critical Research Lab: https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord ! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch ! ====== Resources ====== Parser Differentials: When Interpretation Becomes a Vulnerability https://www.youtube.com/watch?v=Dq_KVLXzxH8 XSS-Leak: Leaking Cross-Origin Redirects https://blog.babelo.xyz/posts/cross-site-subdomain-leak/ Playing with HTTP/2 CONNECT…
People in this episode
Hosts: Justin Gardner, Joseph Thacker, Brandyn Murtagh
Topics covered
- web hacking
- security techniques
- Portswigger
- bug bounty
- technology
Keywords
- web hacking techniques
- Portswigger
- bug bounty
- security research
- technology
Mentioned in this episode
Organizations: Portswigger
More episodes of Critical Thinking - Bug Bounty Podcast
- Episode 178: 600k in ~3 months - BruteCat pt 2 · June 11, 2026 · 1h 24m
- Episode 177: 2x Google RCE with VRP Legend Brutecat · June 4, 2026 · 1h 25m
- Episode 176: 600+ CVEs on Adobe AEM with Jim Green (GreenJam) · May 28, 2026 · 1h 51m
- Episode 175: Rhyno’s Hackbot Setup, Sick Bugs, and ZDI Drama · May 21, 2026 · 50 min
- Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5 · May 14, 2026 · 1h 10m
- Episode 173: Bug Bounty is Dead and AI Killed it. · May 7, 2026 · 1h 2m
Explore listener stats, chart rankings, contacts and more on the Critical Thinking - Bug Bounty Podcast podcast page.