Google VRP (Google Bug Hunters) @GoogleVRP
We ❤️ 🐜🐞🦗🦟🦋. {echo,{{{Google,Chrome,Android,Abuse}Vulnerability,Patch,Play{Security,DeveloperDataProtection}}Reward,VulnerabilityResearchGrants}Program} bughunters.google.com Joined March 2018-
Tweets224
-
Followers33K
-
Following0
-
Likes191
Minor rules update 📜 We added footnotes to better define "Normal Google applications" and "Non-integrated acquisitions" in our Google VRP rewards table! bughunters.google.com/about/rules/66…
In 2 hours I'm going to drop the video on how @rez0__, @Rhynorater and I managed to hack @GoogleVRP AI scope for $50,000 🤑 I'm so excited !!! 🔥
bugSWAT live hacking 📣: We are planning two events this year, one in the US and one in Europe. Invites based on recent submissions and past bugSWAT performance. More details soon - keep those bug reports coming! Here's a peek into our last bugSWAT: youtube.com/watch?v=y2mcyi…
The V8 Sandbox is now in scope for Chrome VRP for bypass submissions, meeting specific criteria, with rewards up to $5,000! Please see the Chrome VRP rules [g.co/chrome/vrp/#v8…] for full submission criteria and eligibility details.
Want to learn more about infinite loops between servers and understand how we dealt with cross-service UDP loops in QUIC resulting from attacks on our systems? Check out our latest blog post! bughunters.google.com/blog/596015064…
Are you passionate about expanding the capabilities of the Tsunami network scanner, and would like to help keep AI infrastructure secure? See our blog post for details on getting involved and how your efforts will be rewarded 💸! bughunters.google.com/blog/569189023… bughunters.google.com/blog/569189023…
If you don't encrypt your data with a quantum-secure algorithm, an attacker who steals your data now will be able to decrypt it in as soon as a decade. See our threat model for this and other post-quantum cryptography risks. bughunters.google.com/blog/510874798…
Looking to make your Go applications safer than ever? Learn more about three new open source libraries that will help you avoid entire classes of vulnerabilities: SafeText, SafeOpen, and SafeArchive. bughunters.google.com/blog/492506820…
Want to know more about what security engineers at Google do on a daily basis? As an example, we're sharing details of a recent internal security review of Nomulus, and will look at the issues we identified and how we approach such reviews. bughunters.google.com/blog/529423484…
Ever struggle with C++ buffer issues? Spatial Safety is one of the main root causes for in-the-wild exploits! Read more about how we piloted the LLVM proposal for C++ Buffer Hardening here: bughunters.google.com/blog/636855965…
TensorFlow, one of the most popular and widely used AI tools, gets a threat model overhaul! Read on for security recommendations, clear examples, and a baseline for defining scope in the Google VRP. bughunters.google.com/blog/516030153…
Our Patch Rewards Program just added a new in-scope project: github.com/civiform Patch security vulnerabilities and get rewarded today! 🔒🛠️💰 goo.gle/patchz
Ever wondered how to increase your bug bounties 💸 ? Our latest blog post introduces our domain tiers security concept and how it is applied at Google, and includes a list of Google's highest sensitivity domains. bughunters.google.com/blog/456217538…
The first #v8CTF submission is now public: bughunters.google.com/reports/vrp/38… Note that the current flag is still up for grabs, maybe M118 is unhackable? ;P You should also check out @madStacks3's excellent writeup at madstacks.dev/posts/Start-Yo…
Ben Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷hakluke @hakluke
88K Followers 2K Following Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_contentInfoSec Community @InfoSecComm
38K Followers 636 Following Largest InfoSec publication with 30k+ followers and 1M+ monthly views. 3rd edition of @IWcon_ happening in December 2023!Farah Hawa @Farah_Hawaa
44K Followers 842 Following security analyst @fbsecurity | part-time bug hunter | content creator | she/her | views = mineshubs @infosec_au
50K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnoteJulien | MrTuxracer �.. @MrTuxracer
30K Followers 417 Following Freelancer | Full-time #BugBounty | @Hacker0x01 H1-Elite & $1,500,000 Hacker | ❤️ IDA ProMike Takahashi @TakSec
21K Followers 531 Following Pentester | Bug Bounty Hunter | AI Whisperer '><embed src=javascript%26%63%6f%6c%6f%6e%3balert('TakSec')>Gareth Heyes \u2028 @garethheyes
32K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5PwnFunction @PwnFunction
38K Followers 981 Following I make animated computer science videos • product & ai @pdiscoveryio • blog at https://t.co/RLiSNOVQ0WBug Bounty Reports Ex.. @gregxsunday
39K Followers 555 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.James Kettle @albinowax
70K Followers 83 Following Director of Research at PortSwigger Burp Suite Check out my website for published research, other social platforms & contact detailsRenganathan @IamRenganathan
12K Followers 680 Following 19 | Ethical Hacker | Building R Protocols | Speaker | 25+ talks | Secured Google, Apple, LinkedIn, UN, Medium & more | Tweets are personal :)Kanhaiya Sharma @krishnsec
15K Followers 432 Following Cyber security | Top 20 P1 warrior @Bugcrowd | Top 50 globally ( https://t.co/8Fo8sBpaLl )Tuan Anh Nguyen 🇻�.. @haxor31337
13K Followers 2K Following 28 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @BugcrowdYoussef Sammouda (sam.. @samm0uda
32K Followers 429 Following Hacker, bug bounty hunter, guy behind https://t.co/TBAtP71Cop. 1st in Meta bug bounty program for the last 5 years. YES Team MemberAkita 🇦🇷 who Am.. @akita_zen
25K Followers 1K Following Hacker / Zen Monk / Energy Master / Bugbounty Hunter Founder of Nothing - Being Nothing - Silence - NoTime - only SpaceJoseph Romero @romero_jos14343
8 Followers 84 FollowingRyan Bremer @RyanBremer13
10 Followers 384 Following Hello. My name's Ryan, likes to tinker with computers and is the one behind @fluid_client :)Ahmed Mabark Raiaed M.. @raiaed22150
43 Followers 1K Followingninobomba @ninobombamx
45 Followers 5K Followingcodinglightsoff @codinglightson
2 Followers 124 Following THIS IS A PERSONAL JOURNAL 📓 PENTESTING/CODING6@br13l @_6ab_
17 Followers 506 FollowingRuben Velez Vasquez @rubenvelez12
11 Followers 191 FollowingSo what!? @salavatzyan
44 Followers 684 Following hola, ¿cómo estás? я (DSc) лекционер) https://t.co/BYYRmjC6Mr 2202 2067 1318 2736 Sber Bank +7(986) 911 - 78 - 18 Максимально, чистый КОД на века...yagyuu @topyagyuu
4 Followers 71 FollowingRedwan Ahmed @redu2005
0 Followers 18 Following Learner📚 Cyber Security 🛡️ Programmer💻 A bug of computer🖥Ritesh Choudhary @erriteshkr
1 Followers 91 FollowingMarko Belovukovic @MarkoBelovukov1
137 Followers 922 Following Around 25 yrs of experience in DJing, shared stage from greatest like Carola, UMEK to youngest beginners.0x0007L# @0x0007L
38 Followers 440 Following A solitary wild spirit, gradually vanishing into the shadows. # Into reverse engineering, malware, cybercrime, web, security, cloud, blockchain.e @asleepened
4 Followers 1K Following i like cute things and distributed systems and my code is really badCarl Dunn @DunnCarl61875
5 Followers 107 Following #Social_Media All service providers are handpicked based on quality, reliability, delivery speed, and price. Our Only Demand to gain Customer Satisfaction.Eric Farris @Eric__Farris
1 Followers 55 FollowingRaj Kumar @eagle_rock_h8
0 Followers 29 FollowingT-Rex @0xt_r3x
10 Followers 267 FollowingAlireza Abolhasani @alir32aa
5 Followers 360 FollowingTony Chiu @tonychiu041100
4 Followers 83 FollowingNghi Vi @NghiVi1
19 Followers 103 FollowingDigiAlchemists @NayakAayan
4 Followers 58 Following Caffeine & code fueled. Building the future, one bug fix at a time.sexuirty @sexuirty
13 Followers 116 FollowingIsaac Emmanuel @1cbyc
4K Followers 231 Following Dad, Husband • I automate vulnerability assessment for government agencies and businesses. | Applied Mathematics (PhD). Computer Science (Bsc). Prev @ESETTop Dawg || عبدا�.. @Al_Falah88
3K Followers 4K Following Muslim | Yoruba | learning CYBERSECURITY | Aspiring CyberMaLLaM | Entrepreneur | Engr Student | OAU | SDG Advocate | ⚽️@LFC 🏀⛹️♂️| Building{Kaliphz Couture}.Sanjyot Panure @SanjyotPanure
16 Followers 134 FollowingMohammad Zeeshan @iZishanAnsari
30K Followers 778 Following IT professional | Cyber Security | Networking | Blockchain Technology | Follow me for insights into the world of AI.Peter Kacmarik @pkacmarik
32 Followers 108 FollowingAshish Rohra @AshishRohr238
1 Followers 64 Following. @diego_villalop
125 Followers 1K FollowingHdoehbdodb @hdoehbdodb31901
1 Followers 12 Followingcompressionsavant @CompressLuis
1 Followers 37 FollowingDD2F@ @dreadytofat
15 Followers 80 Following IT guy- highly skill in "the thing is broke, fix the thing"Fardin @cryptocrine_ut
2 Followers 53 FollowingMarcelo Araújo @marceloxandin
35 Followers 136 Followingcones up @cones_up
116 Followers 2K FollowingThe first #v8CTF submission is now public: bughunters.google.com/reports/vrp/38… Note that the current flag is still up for grabs, maybe M118 is unhackable? ;P You should also check out @madStacks3's excellent writeup at madstacks.dev/posts/Start-Yo…
🕵️Did you know that @GoogleVRP has a section with public reports? For example, my XSS to RCE in google cloud is publicly available bughunters.google.com/reports/vrp/Fa… you can see all featured and public reports here bughunters.google.com/report/reports
Aaand it's over! Congratulations to @mmm_ctf_team. See here for challenge sources and writeups github.com/google/google-…
Less than 12 hours to go, but v8box is still unsolved. Show us who is the best v8 pwner! g.co/ctf
To be honest, this was probably a misclick. But for now let's just pretend that we are the only @GoogleVRP endorsed training site 🥰 thank you!
In 2022, we awarded a record $12M in bug bounties to 700+ researchers, including the largest award in our bug bounty program history. Thanks for helping to keep our products safe! security.googleblog.com/2023/02/vulner…
#BugBounty @GoogleVRP rap song 🤣 @sirdarckcat
High schoolers, lawyers, IT professionals, hobbyists — meet our bug hunters. Their backgrounds vary, but their job is the same: find undiscovered vulnerabilities by trying to hack Google. Watch EP004 of the HACKING GOOGLE series ↓ youtube.com/watch?v=IoXiXl…
Honestly, this has been one of the most fun CTF(-like) events I've ever played. The game is so well-made, the flags were both creative and challenging, and the format itself was nerve-wracking yet amazing. Happy we won this year, and I'm definitely looking forward to next year!
This past weekend we had an amazing event. The Google CTF Finals 2022 which were ran as a game hacking competition we named #Hackceler8. We tried to bring under one roof some of the folks with the best hacking skills in the world and have them do/hack a videogame speedrun. 🧵1/N
We are live! We had some slight quality issues in the beginning but it seems fine now. Enjoy the game hacking #CTF show!
You are welcome ;)
Here is the writeup for the io_uring Use-After-Free which @pqlqpql and me exploited in the kCTF VRP! We hope you enjoy :) ruia-ruia.github.io/2022/08/05/CVE…
This is happening now!
Today I learned that the Google Bug Hunters’ team has their own toilet paper. I’m not sure what to do with this information.😂
Just received the "Google Bug Hunters Card and the Real-World Bug Hunting Book". Thank you @GoogleVRP #penetrationtesting #BugBounty #Googlevrp #ThankYou
Thank you @GoogleVRP for the book and card. Loving the swags! #Google #bugbounty
Thanks @GoogleVRP for the gift! Hope that my next bug will no be a duplicate 😄
Finally arrived! Thank you @GoogleVRP for the book and a very cool card :)