Elweth @Elweth_
oui Lille, France Joined March 2018-
Tweets244
-
Followers214
-
Following466
-
Likes1K
🧵[1/9] Time to publish the solution to this challenge! x.com/pilvar222/stat… The goal of this challenge was to find an XSS while avoiding it being blocked by the CSP sent by the PHP header() function. Let's dive into it!
Other web challenges (made by @BitK_) writeups can be found in the #writeup channel of the CTF Discord server: discord.gg/rwZY6hh8z8 Btw, all the #FCSC2024 challenges are available on hackropole.fr! 👀 Thanks @ECSC_TeamFrance again for the opportunity 💙 2/2
🤩 Experience our #LiveHackingEvent with @LouisVuitton! Held at their Paris HQ, #HMIF2 was an outstanding 30-hour journey for everyone involved. Thanks to the #LV_NEO team, participating hunters & all partners for making it a success! Here’s how it went 👇 #LHE #BugBounty
Today we've hacked @LouisVuitton Thank you @yeswehack for this great moment together and for the awesome swags ! 🔥
Want to tackle challenges that can be applied in the real world? 🌍 3 new REALIST challenges are now available and waiting for you! root-me.org/en/breve/New-c… Many thanks to the authors: @ycam_asafety , @Elweth_ and #nikost👏! Along with this release, we have a new contest! 🥇 Win 1…
Day 2 at #HMIF2 with @LouisVuitton: our Live #BugBounty leaderboard is still led by @_godiego__, @djurado9 & @hipotermia. There’s a long way to go – the chasing pack has until 4pm tonight to overtake the pacesetters! ✨ Follow the live leaderboard: event.yeswehack.com/events/hack-me…
🌟 Hack Me I’m Famous #2: HERE WE GO! For #HMIF2, we're honoured to partner with legendary luxury house @LouisVuitton. Around 40 of Europe's top hackers have been invited to take part in a tailor-made, two-day Live #BugBounty event and stand to earn rewards of up to €6,000!
Huge congratulations to @mxrchreborn (our co-founder), the maker of GHunt, for his tooling being used by @bellingcat and @st_ireland in an investigation into wanted narco boss, Christopher Kinahan Sr. OSINT.Industries, the online version of GHunt (and much much more), is…
Gunshots pierce the night as a Tesla speeds away... lead the hunt for a covert criminal group in this year's @sstic challenge! We worked hard to design unique and thrilling puzzles. Join the chase starting today 16:00 GMT+1 at sstic.org/2024/challenge/ !
🎁 Source Code Disclosure in IIS 10.0! Almost. There is a method to reveal the source code of some .NET apps. Here's how it works. 👉 swarm.ptsecurity.com/source-code-di…
Small writeup of a cool chall made by @bWlrYQ for the GCC CTF, with cool tricks on LFI with locatedb and on SSRF bypass - github.com/elweth-sec/Wri…
I had the opportunity to use the Shambles by LianSecurity (@h4kb4n) to help reverse engineering IoT objects in ARM. I can tell you it rocks, the tool works very well and it paid off 😋 Big up @olivier_boschko ❤️
Recently, I discovered a DOMPurify bypass in the case of CUSTOM_ELEMENT_HANDLING and FORBID_CONTENT options usage ⏭️ This issue isn't a big deal as it doesn't involve a default configuration bypass. However, I thought it was interesting to document it 👇 mizu.re/post/playing-w…
At last - the official release of my small tool for quickly and easily finding hostnames belonging to any CIDR(s) or ASN(s). Enhance your reconnaissance and build your custom /etc/hosts file in seconds. Thanks to BGP.HE x Robtex. github.com/cosad3s/hfinder (pip install hfinder)
My web server challenge "Java - custom gadget deserialisation" is available on @rootme_org, let's go!⬇️
My web server challenge "Java - custom gadget deserialisation" is available on @rootme_org, let's go!⬇️
Need more points on Root-Me? To make up for it : 5 new Miscellaneous challenges are now available on the Root-Me and Root-Me Pro environments. root-me.org/?page=news&lan… Many thanks to the authors: @Njord_____, @0xTRIKKSS, @Elweth_, #Mister7F and #S1m 👏 !
For Christmas 2023, Root-Me has decided to thank its favorite hackers! 🥳 Two prize packages including XXL mouse pads, mugs, stickers, flags, and pins are up for grabs ! 🎁 To participate, it's as simple as : - Follow @ rootme_org - RT 🔃 this post - Being verified on the…
Salesforce Lightning exploitation through direct APEX execution - How direct APEX execution can lead to SSRF, data enumeration, XSS, phishing and more. cosades.com/posts/sf_apex_…
ValekoZ @valekoz_
184 Followers 382 Following CTF player at @phreaks2600, student at @ecole2600 and ninja at @Synacktiverrør404 @hugopicanzo
3K Followers 3K Following Offensive Security - "Practice harder, work harder. Don’t ever make excuses for yourself."Eldar @PikuHaku
960 Followers 162 Following Ex-developer| Cybersecurity analyst currently based in Sweden| Bug bounty hunter @Yeswehack, @Intigriti, @Bugcrowd.| CTF player @KalmarunionenDMLyne @0xLyne
581 Followers 536 Following Voltexeur Expérimenté丨SDVX インペ 20.05丨CHUNI 虹 16.00丨WACCA 金 2400丨IIDX 三段 | Pentester | jamais loin de l'@Alpha_NefLaurent Clévy @lorenzo2472
850 Followers 2K Following also @[email protected]. Reverse engineering: file formats, ARM and x86 a bit. DFIRRémi @shoxxdj
601 Followers 1K Following Pentester. 👨💻🏴☠️ CTF Player & Blogger 🌐 Organiser & President @Sth4ck 🍷 Organiser @hackvens ⛵ Triager @hack_4_values #FPV pilot ✈️ #Fr RubiksCubeLover 🤯Dede Trifiletti @TrifileDed
28 Followers 5K FollowingJean-Michel D. @jmdossantos
782 Followers 3K Following Passionné de #CyberSécurité. Entreprend avec @Allistic_fr - Secrétaire du @ClusirNdfNoam Hamnich @Noam_Hamnich
87 Followers 377 Followinga solitary soul thriv.. @0xsuperdemon
140 Followers 2K Following Unreadiness to following, reluctant to followers. A visionary path treader, rethinker, and on a second thought life overwhelms me, I do not know anything, AMA!TXB @MrTXB14
13 Followers 118 FollowingMohd Kashif @inventashif
26 Followers 288 Following Bug hunter | Android & web Penetration tester | VAPT |Cyber security consultantmkarte @my3ker
55 Followers 281 Followinginconsistency @ucgJhe
221 Followers 4K Following My tweets belong to a cranky guinea pig that lives in my imagination.Dan @DanFromUranus
70 Followers 188 Following Cyber superhero who fearlessly fortifies embedded systemsThéo Cusnir @4bg0P
67 Followers 588 Following AppSec Engineer at @PayFit - Top 300 HackerOne Global LeaderboardKylm @0xKylm
127 Followers 655 Following Beginner in CTF and wanna be pentester one day / 18yo / 2600 studentnirdesjung @nirdesjung
25 Followers 248 FollowingBasant Karki🇳🇵 @basant0x01
1K Followers 349 Following Security/Triaging at @bugvsecurity | Bug hunter - @Hacker0x01 & @YesWeHack | @TheSecOpsGroup Certified: CAP, CNSP, CAPen, CBP, CCSP-AWS | Web3 Enthusiast🇳🇵Smilehacker @_smile_hacker_
2K Followers 266 Following Learn things and be humble. Product Security Analyst @Hacker0x01 [email protected]Benjamin @jahugan
72 Followers 485 Following Développeur passionné des nouvelles technologies, développeurs full stack innovation @BioSerenityHeather Byrd @HeatherByr13374
53 Followers 3K FollowingEbony Alexander @ebony_alex99165
59 Followers 3K FollowingJnZh__ @jnzh__
19 Followers 155 FollowingStacey @rowestacey14
285 Followers 3K FollowingOregano Pepper @ParadisSmyrne
53 Followers 711 Followingvoid @kmraj1992
13 Followers 486 Followingtfly @oracleoverflow
1K Followers 3K Following passionate about cyber security and ethical hacking ctf player @fr334aksghizmo @Ghizmofficiel
213 Followers 206 FollowingRoot-Me @rootme_org
20K Followers 484 Following Root Me allows everyone to test and improve their knowledge in computer security and hacking. Legal. Free. Realistic. Discord: https://t.co/G6y1wDrdOnPhilippe Flap @so_flap
0 Followers 2K FollowingShobit Sharma @shobit1
52 Followers 303 Following One day I will find the right words, and they will be simple.errør404 @hugopicanzo
3K Followers 3K Following Offensive Security - "Practice harder, work harder. Don’t ever make excuses for yourself."Ambionics Security @ambionics
2K Followers 84 Following A @LexfoSecurite service. Ambionics is combining the best of human intelligence and technology to continuously assess the security of your applications.Eldar @PikuHaku
960 Followers 162 Following Ex-developer| Cybersecurity analyst currently based in Sweden| Bug bounty hunter @Yeswehack, @Intigriti, @Bugcrowd.| CTF player @KalmarunionenDMLyne @0xLyne
581 Followers 536 Following Voltexeur Expérimenté丨SDVX インペ 20.05丨CHUNI 虹 16.00丨WACCA 金 2400丨IIDX 三段 | Pentester | jamais loin de l'@Alpha_Nefyso @0a_yso
288 Followers 144 Following My crime is that of curiosity. Bug Bounty, Security Engineering, Development and moreRémi @shoxxdj
601 Followers 1K Following Pentester. 👨💻🏴☠️ CTF Player & Blogger 🌐 Organiser & President @Sth4ck 🍷 Organiser @hackvens ⛵ Triager @hack_4_values #FPV pilot ✈️ #Fr RubiksCubeLover 🤯Bellingcat @bellingcat
781K Followers 67 Following Want to support our charity? https://t.co/scuUINEvTN Buy our book "We Are Bellingcat" here: https://t.co/2JiuWFfTpO Our award-winning podcast series: https://t.co/S1rflrkXueNoam Hamnich @Noam_Hamnich
87 Followers 377 FollowingManfred Paul @_manfp
5K Followers 279 Following Maths and cyber and stuff. Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2022, 2024. @[email protected]Arseniy Sharoglazov @_mohemiv
4K Followers 232 Following Penetration Tester at Positive Technologies, likes to share what I learn with others | @ptswarmh4k @h4kb4n
521 Followers 40 Following LianSecurity Founder "Discord with US https://t.co/nQei46beNH"Operation Zero @opzero_en
4K Followers 1 Following A zero-day vulnerability platform. Reach us via email: [email protected]Basant Karki🇳🇵 @basant0x01
1K Followers 349 Following Security/Triaging at @bugvsecurity | Bug hunter - @Hacker0x01 & @YesWeHack | @TheSecOpsGroup Certified: CAP, CNSP, CAPen, CBP, CCSP-AWS | Web3 Enthusiast🇳🇵Nobody Isnobody @_Nobodyisnobody
257 Followers 36 Following hacker, researcher, ctf player with Water Paddler & Blue Water, traveller...Dark Web Intelligence @DailyDarkWeb
92K Followers 0 Following https://t.co/3gj0T4Udv3 | Your daily dose from the dark side ☠️ For any questions about a post, you can send an email to [email protected]Deus Ex Silicium @dexsilicium
38K Followers 39 Following Micro-électronique / Semi-conducteurs / Microscopie électronique / Imagerie par rayons X / Ingénierie inverse hardware / Ondes électromagnétiques / ScienceWoody @Gaburall
430 Followers 414 Following infosec enthusiast | Security Researcher | CTF Player #TeamFR 2022 & @FlatNetworkOrg | 🥷Nagli @galnagli
33K Followers 556 Following Hacker, Bug Bounty Hunter - Top 5 All Time @Hacker0x01, Top 20 @BugCrowd. Live Hacking Events Winner & Founder of @shockwave_sec - Attack Surface Managementycam @ycam_asafety
353 Followers 243 Following Independent CyberSecurity Consultant / Auto-hunterpreneur #BugBountyPerce @PerceSecu
361 Followers 312 Following CTF player | Bug Hunter | Infosec student at @EsnaBretagneghizmo @Ghizmofficiel
213 Followers 206 FollowingIbrahime @Braxoia
44 Followers 111 FollowingThomas Seigneuret @_zblurx
2K Followers 393 Following Security researcher, pentester at @LoginSecurite, maintainer of NetExec, DonPAPI, and all the stuff on my github repoBaptiste M. @Creased_
1K Followers 284 Following #RE #Pwn #FPV ~ Learning is endless ~ 🇫🇷 ~ @Synacktiv @AperiKubeZero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.OffenSkill @OffenSkillCorp
37 Followers 9 Following OffenSkill (stands for Offensive Skills), A human sized company where we Teach, Break, and Chill!doomerhunter @DoomerOutrun
2K Followers 936 Following Victor Poucheret | Hacker Co-founded @BZHunt and bootstrapped the company to 7 figures. Multiple LHE #1/Best-team (H1-407, FIC2021,FIC2022,FIC2023, leHack...)0xdf @0xdf_
22K Followers 438 Following Training Architect @ HackTheBox "Potentially a legit security researcher" he/him https://t.co/GCcLVlmdQK https://t.co/uQWVpw4nft 0xdf on discordAndré Moulu @andremoulu
3K Followers 2K Following Android security researcher and team leader at @Cellebrite, member of @ge0n0sis Obviously tweets are my own.James Kettle @albinowax
70K Followers 83 Following Director of Research at PortSwigger Burp Suite Check out my website for published research, other social platforms & contact detailspwnii @pwnwithlove
939 Followers 233 Following bug bounty lover, breaking stuff on yeswehack || https://t.co/GDTUdCAIbMHackTricks @hacktricks_live
12K Followers 198 Following HackTricks is a project which aims to offer free quality hacking resources to all the world, so people can learn for free the latest techniques in cybersecurityOrange Cyberdefense S.. @orangecyberch
686 Followers 16 Following We are now Orange Cyberdefense Switzerland! Our brand identity evolves, but our cybersecurity mission remains unchanged.Gareth Heyes \u2028 @garethheyes
32K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5Franso @Fransosiche
719 Followers 282 Following Pentester & Content Creator @rootme_org | Vulga Cyber | CTF enjoyer | Powerlifter https://t.co/3pgcxclBjh https://t.co/INGswbIHrvZaX @ReeverZax
4K Followers 649 Following Bounty Hunter Yogosha, YesWeHack and Hackerone Security Researcher. Brice Augras - CEO @BZHunt1 #Brest #HackerEthiquePastaga @pathtaga
82 Followers 367 Following Ethical Hacker | OSCP certified | Wannabe BugHunter | $RUNE holder. Patience is the key 🔑Jun Kokatsu @shhnjk
5K Followers 121 Following Hacking the Web and Browsers. Opinions are my own. https://t.co/CECADAJJVzWill @BushidoToken
29K Followers 3K Following Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvilXiety @_Xiety
285 Followers 237 Following Securing the internet one bug at a time :) | Top 15 @YesWeHackThanks for the swag pack !! @yeswehack 🔥❤️
👀
As expected, two variations of the so far known mXSS attacks have been spotted and new DOMPurify releases are ready to fix those. github.com/cure53/DOMPuri… github.com/cure53/DOMPuri… Many thanks to @kevin_mizu and @hash_kitten for spotting and reporting those 🙇
Other web challenges (made by @BitK_) writeups can be found in the #writeup channel of the CTF Discord server: discord.gg/rwZY6hh8z8 Btw, all the #FCSC2024 challenges are available on hackropole.fr! 👀 Thanks @ECSC_TeamFrance again for the opportunity 💙 2/2
From April 5 to 14, the FCSC 2024 took place (organized by @ANSSI_FR ) and I am glad to have finished 1st of the Junior/Pwn category and 7th of Junior scoreboard!🔥 You can find my writeups on my (new 👀) website: - ruulian.me/post/FCSC2024-… (v8 exploit) - ruulian.me/post/FCSC2024-…
GreHack's call for papers is open !!! Apply to present a talk or workshop 😎
Hey folks! It's time for the #GreHack24 CFP! Do you have an interesting topic you'd like to present? Or an idea for a workshop? Or... both? To your keyboards, you've until July 7 to let us know. Full details on easychair.org/cfp/GreHack2024
🤯
This Friday, I'm presenting a novel technique as part of my talk "Secret web hacking knowledge - CTF authors hate these simple tricks". I've made a challenge about it, will you be able to pop an alert on pilv.ar ? The whole source code is in the screens below :)
🤩 Experience our #LiveHackingEvent with @LouisVuitton! Held at their Paris HQ, #HMIF2 was an outstanding 30-hour journey for everyone involved. Thanks to the #LV_NEO team, participating hunters & all partners for making it a success! Here’s how it went 👇 #LHE #BugBounty
Merci @yeswehack ! Swag bien reçu ! Vous êtes les meilleurs. 🤩 #bugbounty #ywh #blackhole #reinedesneiges
onscrollend but for Stored XSS: hks.ec/XSSPlayground.… cc @PortSwigger It may interest you for XSS Cheat Sheet :) #bugbountytips #XSS
This Friday, I'm presenting a novel technique as part of my talk "Secret web hacking knowledge - CTF authors hate these simple tricks". I've made a challenge about it, will you be able to pop an alert on pilv.ar ? The whole source code is in the screens below :)
Had an incredible time at my first Live Hacking Event in Singapore! Huge thanks to @Hacker0x01 and @salesforce for their excellent organization and for their efficient handling of bug reports. Can't wait for the next one! #H165
🔓 New achievement unlocked – shout out to @Nishacid for creating a super challenge for our #DOJO platform! Make sure to try it out by May 17: dojo-yeswehack.com/challenge-of-t… There are only 2 boxes left to tick on our bucket list… who’ll be next to get a swag pack? 👀 #YesWeRHackers
Thrilled to have had the chance to present at the @OSINTerdam meetup alongside @nattyfried ! The [REDACTED] topic was a true deep dive into the world of OSINT. Can’t wait for the next opportunity to connect and share. See you all next time! 😊
Yay, I was awarded a $10,000 bounty on @Hacker0x01! hackerone.com/blaklis #TogetherWeHitHarder Another 0day on a lib for a local file read through php filters!
Back on track ! A new article about my first LHE with @yeswehack ;) aituglo.com/my-first-offic…
I'm very proud to be the first community member to create a dojo challenge ⛩️ Go flag it and earn points, I hope you'll have fun ^^ Many thanks to @Brumens2 and the @yeswehack team 😇
A new CTF is out on the Dojo platform - Security Panel The 3 best reports will win exclusive swag! 🎁 Submit your solution before 17th May - 2024 📅 Author : @Nishacid Challenge : dojo-yeswehack.com/challenge-of-t…
Last week at @INTERPOL_HQ DevOps 12 in Lyon, we joined forces with police and child protection agencies to make the world safer for kids. Meeting incredible and inspiring individuals there was a profound experience. A heartfelt THANK YOU to everyone for their hard work in…
Thankful to @INTERPOL_HQ and the @CyberGEND for the opportunity to participate again in the SGCAC - Specialists Group on Crimes Against Children. Meeting incredible and inspiring individuals there was a profound experience. A heartfelt THANK YOU for all the hard work in…
Thanks a lot to @kevin_mizu and @BitK_ for the challenge during the FCSC :) I've made two write ups for "Twisty Python" and "monopoly", you can found them here : github.com/W0rty/WU-FCSC2… Moreover, thanks again to @ANSSI_FR the CTF was amazing as every year 🩵
☁️ Whether it's on premises or in the cloud, a domain is a domain. 💪 Flex your intrusion muscles with @tiyeuse and @hugow_vincent's training! ➡️ hexacon.fr/trainer/vincen… 📆 30/09-03/10 2024 📍Espace Vinci, Rue des Jeuneurs, Paris