Episode 41: Mini Masterclass: Attack Vector Ideation

Critical Thinking - Bug Bounty Podcast - A podcast by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek) - Thursdays

Episode 41: In this episode of Critical Thinking - Bug Bounty Podcast, Justin takes a break from his busy travel schedule to walk us through a few of his Attack Vector formulation strategies. We’re keeping this one short and sweet, so it can be better used as a reference when looking for new vectors.

Follow us on Twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on Twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Nahamcon talk by Douglas Day
https://youtu.be/G1RHa7l1Ys4?t=295

Timestamps:
(00:00:00) Introduction
(00:02:53) Use the application like a human, not like a hacker
(00:05:02) Reading documentation looking for "Cannot" statements
(00:08:16) Look at the grayed out areas
(00:10:08) Look for information in the API response
(00:12:38) Differences in the UI between different accounts
(00:13:42) Pay the paywall.