I think you could probably go back and track the stages of grief, probably that is what I went through. But I think if you do it right, you end up at acceptance. And that's where I ended up. And that's not to say that I've fully accepted the idea that the golden toad is extinct. Personally, I do still hold out hope that it could still be out there in those forests." - Trevor Ritland This conversation is with Trevor Ritland, who—along with his twin brother Kyle—authored The Golden Toad . The book chronicles their remarkable journey into Costa Rica’s cloud forest, once home to hundreds of brilliant golden toads that would emerge for just a few weeks each year—until, one day, they vanished without a trace. What began as a search for a lost species soon became something much more profound: a confrontation with ecological grief, a meditation on hope, and a powerful call to protect the natural world while we still can. Links: SpeciesUnite.com Kyle and Trevor: https://kyleandtrevor.com/ Instagram: https://www.instagram.com/adventureterm/ Goodreads - https://www.goodreads.com/book/show/222249677-the-golden-toad Amazon - https://www.amazon.com/Golden-Toad-Ecological-Mystery-Species/dp/163576996…
Player FM - Internet Radio Done Right
Checked 21d ago
اضافه شده در twenty-four هفته پیش
محتوای ارائه شده توسط Amin Malekpour. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Amin Malekpour یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
))
Daily Deals
پادکست هایی که ارزش شنیدن دارند
حمایت شده
Hacked & Secured: Pentest Exploits & Mitigations
علامت گذاری همه پخش شده(نشده) ...
Manage series 3643227
محتوای ارائه شده توسط Amin Malekpour. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Amin Malekpour یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer.
Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated.
Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work.
🎧 New episodes every month.
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → podcast@quailu.com.au
11 قسمت
اشتراک گذاری
علامت گذاری همه پخش شده(نشده) ...
Manage series 3643227
محتوای ارائه شده توسط Amin Malekpour. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Amin Malekpour یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer.
Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated.
Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, developer, or blue teamer, you'll gain actionable insights to apply in your work.
🎧 New episodes every month.
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram, Website Link
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → podcast@quailu.com.au
11 قسمت
همه قسمت ها
×
H
Hacked & Secured: Pentest Exploits & Mitigations
One cookie set on a subdomain triggered XSS and stole session tokens. One fake image upload gave the attacker a reverse shell. This episode breaks down two powerful exploits—a cookie-based XSS that bypassed frontend protections, and an RCE through Ghostscript triggered by a disguised PostScript file. Learn how subtle misconfigurations turned everyday features into full account and server compromise. Chapters: 00:00 - INTRO 01:08 - FINDING #1 - Cookie-Controlled XSS 12:19 - FINDING #2 - Image Upload to RCE via Ghostscript 19:03 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
One markdown link copied server files. One poisoned log triggered remote code execution. One LFI crashed the entire server. In this episode, we unpack three real-world exploits—directory traversal and local file inclusion flaws that went far beyond file reads. From silent data leaks to full server compromise, these attacks all started with a single trusted path. Chapters: 00:00 - INTRO 01:07 - FINDING #1 - Server File Theft with Directory Traversal 09:23 - FINDING #2 - From File Inclusion to RCE via Log Poisoning 16:20 - FINDING #3 - LFI to Server Crash 24:09 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
A broken logout flow let attackers hijack accounts using just a user ID. A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code Execution. This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences. Chapters: 00:00 - INTRO 01:22 - FINDING #1 - The Logout That Logged You In 07:12 - FINDING #2 - From Signature Field to Shell Access 14:40 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
A predictable ID exposed private documents. A crafted name leaked backend files. In this episode, we break down two high-impact flaws—an IDOR that let attackers clone confidential attachments, and an SSTI hidden in an email template that revealed server-side files. Simple inputs, big consequences. Learn how they worked, why they were missed, and how to stop them. Chapters: 00:00 - INTRO 01:28 - FINDING #1 – IDOR to Steal Confidential Files with Just an Attachment ID 09:05 - FINDING #2 – Server-Side Template Injection That Leaked Local Files 18:41 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
A single uppercase letter unlocked an admin panel. One malformed request hijacked user sessions. In this episode, we break down two real-world exploits—a 403 bypass and a request smuggling attack—that turned small oversights into full system compromise. Learn how they worked, why they were missed, and what should have been done differently. Chapters: 00:00 - INTRO 01:18 - FINDING #1 – The 403 Bypass That Led to Full Admin Control 08:17 - FINDING #2 – Smuggling Requests, Hijacking Responses 16:35 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
A simple filename triggered stored XSS, hijacking accounts and stealing API keys. A SQL injection bypassed a web firewall, dumping an entire database in one request. Both attacks exploited basic security flaws—flaws that should have been caught. Learn how these exploits worked, why they were missed, and what should have been done differently. Chapters: 0:00 - INTRO 01:39 - FINDING #1 – Stored XSS That Took Over User Accounts 07:14 - FINDING #2 – The SQL Injection That Bypassed a Firewall and Dumped the Entire Database 15:22 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
1 Ep. 4 – Exposed Secrets & Silent Takeovers: How Misconfigurations Open the Door to Attackers 21:15
Exposed secrets, overlooked permissions, and credentials hiding in plain sight—each one leading to a critical breach. In this episode, we break down three real-world pentest findings where a forgotten file, a misconfigured setting, and a leaked credential gave attackers full control. How did they happen? How can you find similar issues? And what can be done to stop them? Listen now to learn how attackers exploit these mistakes—and how you can prevent them. Chapters: 00:00 - INTRO 01:00 - FINDING #1 - How a Forgotten File Exposed Private Repositories 06:37 - FINDING #2 - How Misconfigured Permissions Led to Full System Takeover 14:35 - FINDING #3 - The Credentials That Gave Access to a Network Switch 20:31 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
1 Ep. 3 – One Request, One URL, One Bluetooth Hack: Three Takeovers That Shouldn’t Have Happened 21:30
How can attackers take over accounts, networks, and devices—without credentials? In this episode, we break down three real-world security flaws that prove authentication alone isn’t enough: Account Takeover – A single request bypassed email verification, locking out store owners. Internal Network Compromise – A hidden admin URL and hardcoded access key gave attackers full control. Smart Device Hijack – A community-submitted finding reveals how Bluetooth vulnerabilities allowed remote command execution— without WiFi, passwords, or internet access. These findings expose critical weaknesses in application security, network defense, and IoT device protection—problems that pentesters, developers, and security teams must identify before attackers do. Chapters: 00:00 - INTRO 01:30 - FINDING #1 - How a Security Researcher Took Over an Entire Shopping Platform with Just One Request 07:25 - FINDING #2 - How a Security Researcher Hacked an Entire Internal Network with Just One URL 13:46 - FINDING #3 - How a Security Researcher Took Over a Smart Switch Using Just Bluetooth 20:47 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
1 Ep. 2 – Chaining IDORs, CSRF Account Takeovers & Token Manipulation for Privilege Escalation 19:16
What if you could take over an account—not by cracking a password, but by chaining two overlooked vulnerabilities? What if a single CSRF exploit let attackers reset security questions and hijack accounts? And what if manipulating an authorization token could escalate privileges? In this episode of Hacked & Secured: Pentest Exploits & Mitigations , we break down three real-world pentest findings that prove creative exploitation turns small flaws into critical security risks: Chaining IDORs for account takeover – Exploiting weak access controls. CSRF bypass to reset security questions – Turning one click into total compromise. Privilege escalation via token manipulation – How a simple change led to admin access. Learn how these vulnerabilities were discovered, exploited, and mitigated. Chapters: 00:00 - INTRO 01:02 - FINDING #1 - Account Takeover by Chaining Two IDORs 07:19 - FINDING #2 - Account Takeover Through CSRF Vulnerability in Security Questions 12:18 - FINDING #3 - Privilege Escalation Through Authorization Token Manipulation 17:05 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
1 Ep. 1 – Breaking OTP Security, Exploiting Static Domains & Privilege Escalation via Role Misconfigurations 19:12
What if your OTP security wasn’t secure at all? What if a static domain—something most people ignore—could lead to full account takeover? And what if flawed role management allowed admins to escalate privileges? In this episode of Hacked & Secured: Pentest Exploits & Mitigations , we break down three real-world security failures that turned minor oversights into critical exploits: Leaking OTPs in API responses – Breaking authentication at the source. Static domain to account takeover – When persistence turns into a full exploit. Privilege escalation via role mismanagement – How attackers bypass access controls. Learn how these vulnerabilities were discovered, exploited, and mitigated. Chapters: 00:00 - INTRO 01:00 - FINDING #1 - The Vulnerability That Defeats OTP Security: Leaking OTP Codes in API Responses 05:20 - FINDING #2 - From Static Domain to Account Takeover: The Power of Persistence 12:05 - FINDING #3 - Privilege Escalation via User Invitations and Role Assignment 16:49 - OUTRO Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
H
Hacked & Secured: Pentest Exploits & Mitigations
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Welcome to Hacked & Secured: Pentest Exploits & Mitigations —the podcast that breaks down real-world pentest findings and exposes critical security flaws before attackers do. Red team tactics – How vulnerabilities are found and exploited. Blue team defenses – How to detect, mitigate, and prevent attacks. Real pentest insights – Lessons from bug bounty reports, security blogs, and private pentests. New episodes every two weeks. Follow to stay ahead of evolving threats. Let’s make security knowledge accessible to all! Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description , and we might showcase your finding in an upcoming episode! 🌍 Follow & Connect → LinkedIn , YouTube , Twitter , Instagram 📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A 📧 Feedback? Email Us → podcast@quailu.com.au 🔗 Podcast Website → Website Link…
به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.
Daily Deals
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
))
