Episode 180: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Steve Hernandez, founder of the Bug Bounty Maturity Framework (BBMF), to walk us through the inaugural State of Bug Bounty Maturity Posture Report. We go through the scores and cover Asset Hygiene, Operational Signal, how to re-engage the relationship between trust and researcher participation.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme

Critical Research Lab:

https://lab.ctbb.show/

Need a Pentest? We just launched CTBB Pentests!

https://pentest.ctbb.show/

Hack full time? Check out the Full-Time Hunter’s Guild!

https://ctbb.show/fthg

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today’s Guest: https://x.com/SteveHernandezM

Email Steve at info@bugbountymaturity.com

Fill out this form to enter a Critical Thinkers raffle

https://forms.ctbb.show/mdaz

====== Resources ======

State of Bug Bounty Maturity Posture

https://bugbountymaturity.com/research/state-of-bug-bounty-maturity-posture-2026

Take the Bug Bounty Maturity Assessment

https://bugbountymaturity.com/assessment

AI Is Compressing the Bug Bounty Maturity Curve

https://bugbountymaturity.com/research/ai-is-compressing-the-bug-bounty-maturity-curve

====== Timestamps ======

(00:00:00) Introduction

(00:04:09) State of Bug Bounty Maturity Posture

(00:22:33) Researcher Interface & Program Trust

(00:44:38) Maturity Bands and Scoring

(01:08:19) AI Is Compressing the Bug Bounty Maturity Curve

Episode 179: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to stay motivated and keep the vibes strong during this trying time for Bug Bounty.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme

Critical Research Lab:

https://lab.ctbb.show/

Need a Pentest? We just launched CTBB Pentests!

https://pentest.ctbb.show/

Hack full time? Check out the Full-Time Hunter’s Guild!

https://ctbb.show/fthg

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: Check out Zero Trust Cloud Access:

https://www.threatlocker.com/capabilities/zero-trust-cloud-access

====== Timestamps ======

(00:00:00) Introduction

(00:04:57) Managing Hacker Motivation

(00:10:45) Community, Competition, & Curosity

(00:16:54) Using AI with Passion

(00:23:10) The LHE Method & Sharing Wins

(00:28:01) Video POCs, Scripts, & Talking about Bugs

(00:40:49) Watching your health & stopping mid-hack

Episode 178: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with BruteCat to finish up our discussion on hacking Google. This week we hit AI.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme

Critical Research Lab:

https://lab.ctbb.show/

Need a Pentest? We just launched CTBB Pentests!

https://pentest.ctbb.show/

Hack full time? Check out the Full-Time Hunter’s Guild!

https://ctbb.show/fthg

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today’s Guest: https://x.com/brutecat

====== Resources ======

Hacking Google with AI

https://brutecat.com/articles/hacking-google-with-ai/

====== Timestamps ======

(00:00:00) Introduction

(00:03:07) Discovery Docs Refresher & AI at BugSWAT Mexico

(00:30:49) Auth & Enumeration of Referer and Origin

(00:45:59) Pwning Google Stories

(01:09:32) Batch Execute & GraphQL