-
Tweets217
-
Followers151
-
Following372
-
Likes4K
ポッドキャスト「Bug Bounty JP Podcast」の企画として、日本人バグハンター11人のインタビュー記事を公開しました! 日本人バグハンター11人に聞いた!バグバウンティの魅力や面白さについて #BBJP_Podcast - blog of morioka12 scgajge12.hatenablog.com/entry/bughunte…
solved! learned a lot from this one. Huge thanks!
In addition to this amazing discovery, there was another middleware bypass with the `__nextLocale` URL query that was fixed in 2024. I wrote a short article about this vuln CVE-2024-51479. gmo-cybersecurity.com/blog/another-n…
In addition to this amazing discovery, there was another middleware bypass with the `__nextLocale` URL query that was fixed in 2024. I wrote a short article about this vuln CVE-2024-51479. gmo-cybersecurity.com/blog/another-n…
この前IeraeNightで話したWindowsの権限昇格の内容です〜 docswell.com/s/ierae/KQRMJE…
7月19日対戦よろしくお願いしますm(_ _)m #PentestSecJP ◯PentestSecJP_ver1 pentestsecjp.connpass.com/event/317082/
Also, note that semi-open redirects (redirects that can point you to other subdomains of the same tld) are also super helpful here, as there is often some place where you can host files within a target's domain ecosystem. Gotta love that "auto-follow redirect" functionality.
中段にある「委任について(分類と悪用方法)」がめちゃくちゃ勉強になる内容なので、HTB Business CTF 2024自体に参加してない方もぜひ!
中段にある「委任について(分類と悪用方法)」がめちゃくちゃ勉強になる内容なので、HTB Business CTF 2024自体に参加してない方もぜひ!
Last time we showed you how to use encodings in <a>. Now we've made a scheme what symbols in which points you can inject to bypass WAF, filters, sanitizers. gist.github.com/hackerscrolls/… #BugBounty #CyberSecurity #BugBountyTip
Known Knowns: Fun with the DOM, the parser, illogical trees and "unknowns"... bkardell.com/blog/known-kno…
Don’t Force Yourself to Become a Bug Bounty Hunter by @samwcyo samcurry.net/dont-force-you… #BBRENewsletter74
これも必見だ👀 MySQL の SQL クエリチューニングの要所を掴む勉強会 speakerdeck.com/andpad/mysql-s…
Recently found a bypass in DOMPurify in certain cases. Today, versions 3.0.10 and 2.4.8 were released, fixing the issue. Documented the problem here: blog.slonser.info/posts/dompurif… Thanks to mario of @cure53berlin for excellent communication! #DOMPurify #security
It's been a long winter... I also realized I had broken the challenge... well here is the long-awaited solution. "in%0balert%60%60in" or in plain English "in(mysterious space)alert``in"
It's been a long winter... I also realized I had broken the challenge... well here is the long-awaited solution. "in%0balert%60%60in" or in plain English "in(mysterious space)alert``in"
🎄SQLi was first reported 25 years ago, by a researcher once known as Rain Forest Puppy, in Phrack Magazine on this day in 1998. 🎁 Happy birthday SQLi! 🎁 🐛Despite being around for 25 years, it's still essential knowledge for pentesters.
I think it's time for a solution ⏰ To solve this challenge, you had to abuse the DOMPurify namespace misconfiguration to trigger an XSS this way 👇 Solution link: challenges.mizu.re/xss_02.html?ht… 1/6
I think it's time for a solution ⏰ To solve this challenge, you had to abuse the DOMPurify namespace misconfiguration to trigger an XSS this way 👇 Solution link: challenges.mizu.re/xss_02.html?ht… 1/6 https://t.co/crztnomjq6
I just published a write-up about an account takeover where I abused reverse proxy to hijack the OAuth Code. blog.voorivex.team/hijacking-oaut…
関連: Content-Disposition の filename という地雷。 (1個の観点で17個の脆弱性を見つけた話) - ぶるーたるごぶりん brutalgoblin.hatenablog.jp/entry/2023/01/…
Two Seven One Three @TwoSevenOneT
3K Followers 2K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
ほよたか @takahoyo
8K Followers 2K Following Security Engineer, DFIR, Pentest, Red Teaming, GCIH, GCFA, GNFA, GREM, OSCP, OSEP, OSED Work for @NFLaboratories. 発言は個人の意見であり組織を代表するものではありません。
IKE Tohru @rokujyouhitoma
1K Followers 781 Following 情報処理安全確保支援士(登録セキスペ) 登録番号 第027202号。最近はもっぱらセキュリティ。 ( ゚∀゚)o彡゜Security!Security! Love security, Python and Internal audit. Software Engineer, Ex-internal auditor.
nilfigo@脆弱性�... @nilfigo
2K Followers 2K Following セキュリティが大好きです! | 脆弱性診断研究会 | 情報処理安全確保支援士 | セキュリティ講師 | 技術同人誌頒布 | ドラム | https://t.co/CbLUJnkUEK
プロたまごまた @protamago
7 Followers 41 Following しがない情報系が好きなド初心者エンジニア(?)|セキュリティやバグバウンティなどに興味があります|Git Hub→https://t.co/SM83avYJPS
Ahmed Tharwat @Ahmed80706050
2 Followers 134 Following Front-End Freelancer & Pentester: 3+ سنوات في بناء واجهات React وتأمين التطبيقات عبر TryHackMe/HackTheBox. تواصل: +201127799760
Ayman Mo @MoMo1a9
2 Followers 333 Following
Aerlyn Vorynx @myu_2y
141 Followers 3K Following
소연 @LGerhold68797
78 Followers 4K Following
wolf of wall Street @wal_streetwolf
3 Followers 91 Following professional crypto trader and investor📈 marketing team leader🧑🏫 portfolio manager
Dque @dquefrn
0 Followers 273 Following
elr1boss @elr1boss
8 Followers 103 Following Penetration Tester, 🪲 Bug Bounty Hunter 💰, Security Researcher, Top #2 in Mexico in the @Hacker0x01 2025
r0dhacker @r0dhacker
413 Followers 2K Following
daisuke_d @daisuke_d13
83 Followers 471 Following
Alphe @Alphe_
542 Followers 623 Following セキュリティに興味のある学生です 顔と名前覚えるの苦手なので、出会ったら声かけてもらえると嬉しいです! SecHack365'24/Seccamp'24 サブ垢: @Alphe_sub
りゅうせい @ryusei_ishika
2K Followers 2K Following xryuseix / GMO Flatt Security Inc. / CTF org.(ctf4b,diver,tsuku) / security, osint, web / ねこ
hideo @hideo_is
410 Followers 4K Following
つぼっく @ytsuboi0322
2K Followers 2K Following Phishing-Hunter|資格受験駆動学習|簿記2級/RSM/CSPO/CISSP/CompTIA CSIE/AWS CLF/SAA/DVA|2025年もセキュリティ頑張る|JSAC2024 Speaker|セキュリティエンジニアの知識地図発売中|ツイート内容は所属に関係なく意見や見解は個人的なものです
yuma @3_yuma_3_yuma_3
89 Followers 1K Following
nchika @ARC_AED
947 Followers 903 Following バックエンドエンジニア(元組み込み)/Go/AWS お仕事:カード決済と不正対策 最近の勉強対象:TypeScript、React Native GitHub:https://t.co/5MpLXMYWlW 技術ブログ:https://t.co/zlQNEeJk5K
新月 @fubukiyokiyoki
2K Followers 4K Following a.k.a singetu0096 Network | OffensiveSecurity | CTF | BugBounty 白上フブキと蒼宮よづりが好き CTF team:@sknb_ctf icon:@hasikureteruna Thanks!
0x999 🇮🇱 @_0x999
1K Followers 275 Following "ɪ ᴛᴏᴏᴋ ᴛʜᴇ ʜᴇʟʟ ɪ ᴡᴀꜱ ɢᴏɪɴɢ ᴛʜʀᴏᴜɢʜ (666) ᴀɴᴅ ꜰʟɪᴘᴘᴇᴅ ɪᴛ ᴏᴠᴇʀ ɪɴᴛᴏ ꜱᴏᴍᴇᴛʜɪɴɢ ᴘᴏꜱɪᴛɪᴠᴇ (999)"💔
相良胜美 @KeionnaNic68941
6 Followers 198 Following AI株価診断が期間限定で無料! ! 1 週間で、あなたの投資選択があなたの資産増加を 100% 決定します。株式市場の複雑さに圧倒されていますか? 25%以上の株式収益をお望みですか? 「「スペースが限られています - リンクをクリックして LINE を追加してください👇
Shinobyx @crypticrebel337
24 Followers 1K Following Bug bounty hunter who is a bit inactive on social media, so don't expect too much from me here...
MHG 🇵🇸 @NeverGiveUP8333
59 Followers 561 Following Nothing Interesting here, it's just me grinding to find bugs
Yuki Osaki @osaki72109
8 Followers 117 Following
محمد كم @Q12Elkpir
2 Followers 94 Following
hamhamhamster @sec_ham
102 Followers 170 Following
Two Seven One Three @TwoSevenOneT
3K Followers 2K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
Alesandro Ortiz 🇵�... @AlesandroOrtizR
3K Followers 3K Following Software Engineer. Security Researcher. Puerto Rican 🇵🇷. New Yorker. Bilingual. LG(B)TQ 🏳️🌈. He/him. (Header: @econrivera) @[email protected]
Salvatore Abello @salvatoreabello
278 Followers 37 Following CTF Player at @theromanxpl0it sometimes i do web
Jenish Sojitra @_jensec
22K Followers 539 Following $2M in Bug Bounties, Web2 and AI Offensive Security research. Creator of https://t.co/Sbnrie1LXH Security @Exodus
Keanu Nys @RedByte1337
913 Followers 76 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
GitHub Security Lab @GHSecurityLab
26K Followers 15 Following GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.
ブロンズア... @BAD_pizza
8K Followers 517 Following 庭の鳥の巣を覗き込むと毛の生えた刺身が他の雛鳥に混じって親鳥から口移しで甲殻類を受け取っていた。唾液にまみれた甲殻類は迫り来る自分の死を高速で偲びながらも尿意を催しその一方で三軒隣りの吉浜さんは胸部に違和感を訴え病院に駆け込むと即座に膀胱炎の診断を受け胸部からインゲン豆を摘出する。こだまでしょうか、いいえ誰でも。
Figure @Figure_robot
145K Followers 1 Following Figure is an AI Robotics company building the world's first commercially viable autonomous humanoid robot.
Shay Boloor @StockSavvyShay
246K Followers 295 Following All in on the 4th industrial revolution | Chief Market Strategist @FuturumEquities | Host @Stocktwits & @TheBoysInvest | Not investment advice
ゆきママ @yukimamax
49K Followers 89 Following 👸主婦系投資インフルエンサー/AI全力投資家 ✍️FX・証券会社とタイアップして初心者・中級者向け相場解説中 🙌みんなの質問にビシバシ回答/記事拡散する人優先🙇♀️ 📺YouTube→https://t.co/vlknRN6ZF9 🛍️Amazon→https://t.co/gVlpYwJDGM
hayapi🧶 @yo_hayasaka
1K Followers 823 Following コーポレートITとセキュリティ領域なんでもやる人 / I love technologies, security, Spider-Man, Marvel & DC and lovely things. / 脅威モデリング愛好家 / Threat Modeling Explorer / JMUG cheers
ほよたか @takahoyo
8K Followers 2K Following Security Engineer, DFIR, Pentest, Red Teaming, GCIH, GCFA, GNFA, GREM, OSCP, OSEP, OSED Work for @NFLaboratories. 発言は個人の意見であり組織を代表するものではありません。
IKE Tohru @rokujyouhitoma
1K Followers 781 Following 情報処理安全確保支援士(登録セキスペ) 登録番号 第027202号。最近はもっぱらセキュリティ。 ( ゚∀゚)o彡゜Security!Security! Love security, Python and Internal audit. Software Engineer, Ex-internal auditor.
nilfigo@脆弱性�... @nilfigo
2K Followers 2K Following セキュリティが大好きです! | 脆弱性診断研究会 | 情報処理安全確保支援士 | セキュリティ講師 | 技術同人誌頒布 | ドラム | https://t.co/CbLUJnkUEK
ちゃこ@主婦の�... @chaco_syufu
1K Followers 333 Following 30代専業主婦/子2人/東京🏠/投資は米国株🇺🇸✨/FANG+・2244・NVDA・PLTR・SOFI・ZETA・企業型DC(夫)/世帯資産3500万/旦那をFIREさせてあげるのが夢👌/鬱から少しずつ回復中☁️/2025年に4000万目標❗️
Typhon(テポ)/Shu... @Typhon666_death
6K Followers 6K Following AWSSecurityHero / SecurityConsultant / Locksmith / Organizer @security_jaws #retrogstudy / Headbanger\m/ / Multi-Cloud / CNAPP
【SS】大谷速... @30R9gmaMUy3guDJ
581K Followers 156 Following 大谷速報やスポーツ速報をしています。フォロー宜しくお願いします🤲無言フォロー大歓迎!名前は【SS】です!
Aziz @aziz0x48
452 Followers 107 Following Building SaaS | Hacking companies @Hacker0x01 🏴☠️ Sharing my journey in public 🏄♂️
Bug Bounty JP Podcast @bbjppodcast
202 Followers 4 Following バグバウンティなどを対象にバグハントすることが趣味なメンバーによる「セキュリティ雑談のポッドキャスト」 #BBJP_Podcast | 🎙️ Speakers: @scgajge12, @Mokusou4, @ryotkak (一時休止中)
マセキ芸人アカ... @Maseki_Academy
247 Followers 3 Following マセキ芸能社の養成所【マセキ芸人アカデミー】の様子をお伝えします‼︎ /毎月『マセキ芸人アカデミーライブ』も開催!Instagram🔗 https://t.co/6wxyzIOGuM
TenguSec - tengucon.o... @tengu_sec
316 Followers 1K Following A Tokyo-based experimental and educational hacking collective dedicated to the democratization of knowledge 東京を拠点として教育的・実験的なハッキング集団 https://t.co/83oiRFCaYO
Include Security @IncludeSecurity
2K Followers 1 Following Simply stated: Give us any kind of app and we'll hack it better than the rest. Our clients include awesome tech companies in Silicon Valley, NYC, and beyond.
one English|TOEIC�... @one_English_
53K Followers 12K Following 【TOEIC 大学受験 英文法 語法/online英会話(10年)/比🇵🇭留学(8回)/勉強法について発信】 偏差値38→2浪→大学→濠🇦🇺留学(1年)→大学→大手有名塾で早慶大クラス担当→英語指導者🧑🏫 英検1級 英単語検定1級
GMO Flatt Security株... @flatt_security
4K Followers 531 Following "エンジニアの背中を預かる"をミッションに、開発組織向けにトップクラスの専門家が脆弱性診断・ペネトレーションテスト( https://t.co/pyVK32I5CJ )を提供します。AIエージェントTakumi( https://t.co/KBRmbEqHui )はWebから今すぐ利用できます!
Valentino Massaro @valent1nee
334 Followers 128 Following
Alphe @Alphe_
542 Followers 623 Following セキュリティに興味のある学生です 顔と名前覚えるの苦手なので、出会ったら声かけてもらえると嬉しいです! SecHack365'24/Seccamp'24 サブ垢: @Alphe_sub
IPinfo – IP Data Pr... @ipinfo
8K Followers 16 Following IP data built for scale. Get geolocation, privacy flags, carrier data & more. IPinfo powers smarter decisions with the world’s most trusted IP data. 500K+ users
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
りゅうせい @ryusei_ishika
2K Followers 2K Following xryuseix / GMO Flatt Security Inc. / CTF org.(ctf4b,diver,tsuku) / security, osint, web / ねこ
Electrovolt Security @ElectrovoltSec
1K Followers 20 Following Powering Web Security, Research and Audits ⚡️ partners with @cure53berlin | Hacktron AI Lab https://t.co/DEb1WbyO0r
nchika @ARC_AED
947 Followers 903 Following バックエンドエンジニア(元組み込み)/Go/AWS お仕事:カード決済と不正対策 最近の勉強対象:TypeScript、React Native GitHub:https://t.co/5MpLXMYWlW 技術ブログ:https://t.co/zlQNEeJk5K
安坂星海 Azaka ||... @AzakaSekai_
12K Followers 7K Following ‧₊˚ ⋅ Indie Comfy VTuber ⊹˚. Employed Threat Intel Researcher ♡‧₊˚ SV Cover Artist ✧・゚https://t.co/h3frxp4AWO *:・˚ @jamama_666 / @MomoiroKohi / @justNovaj / #artsyazTrends for United States
You might like
