-
Tweets239
-
Followers3K
-
Following215
-
Likes2K
New Google VRP writeup "XSS in Google IDX Workstation" for a bounty of $22,500 by @sudhanshur705: sudistark.github.io/2025/07/02/idx…
@GoogleVRP disclosed my most impactful client-side report to date: bughunters.google.com/reports/vrp/wG… TL;DR An attacker could've gained access to Gemini Code Assist Tools (GitLab, GitHub etc.) configured by the victim
"AI Agents for Offsec with Zero False Positives" by @moyix, a journey on how we managed to get 0 FPs with XBOW. You can find the slides for his BH talk here: cdn.prod.website-files.com/686c11d5bee015…
An Introduction to using Artificial Intelligence (AI) for Vulnerability Research x.com/i/broadcasts/1…
🚨HTTP Request Smuggling in lua-nginx-module!🚨 This affects major proxies like Kong GW, OpenResty, Apache APISIX and many more👀 Check it out: benasin.space/2025/03/18/Ope… Big thanks to @albinowax for his awesome research and for answering all my questions! #bugbounty #bugbountytips
❌ Eliminating almost all exploitable web vulnerabilities? This blog post covers how the Google security team implemented a high-assurance web framework to achieve this goal for its services, and what this framework's most important characteristics are. bughunters.google.com/blog/664431627…
Write-up of my v8 bug: Critical type confusion in V8's Turboshaft compiler allowed stale pointers to bypass GC, leading to exploitable memory corruption. Full details + PoC: bushido-sec.com/index.php/2025…
It's an honor that my research, Exploiting Number Parsers in JS, has been nominated for the Top Ten Web Hacking Techniques of 2024. I discussed how discrepancies in JS number parsers could be used to carry out DoS attacks. If you find it interesting, please vote for it!
It's an honor that my research, Exploiting Number Parsers in JS, has been nominated for the Top Ten Web Hacking Techniques of 2024. I discussed how discrepancies in JS number parsers could be used to carry out DoS attacks. If you find it interesting, please vote for it!
Just discovered 10 memory corruption vulnerabilities in the popular Mongoose Web Server (11k stars on GitHub) by fuzzing its embedded TLS stack protocol with @aflplusplus. More technical details here: nozominetworks.com/blog/hunting-t…
There is no prize to perfection, only an end to pursuit
Released a new extension :) - console.info for postMessages from all_frames. - detects the scope of sent messages. - origins that are insecure, will be prefixed with UNSAFE. - detects if a website does not check .origin - MessageChannel API chrome.google.com/webstore/detai…
Awesome research!🔥
I created a small tool to automatically set breakpoints in Chrome using the CDP (Chrome DevTools Protocol). It’s still in beta, but I’m actively working on a complete version.. github.com/m4ll0k/autobre…
Here's a code snippet that as far as I can tell pretty much solves prototype pollution. It's based on github.com/tc39/proposal-…, and after running it you can access an object's prototype with object[Symbol.instanceProto], and object["__proto__"] will be undefined.
Project Zero blog: LLMs find 0days now! 👀 And: our fuzzer setup did *not* reproduce it! googleprojectzero.blogspot.com/2024/10/from-n…
I have updated the list of custom filters for Logger++. The new additions include: . New API Style (gRPC-Web) . Improved previous filters . Exposed API keys custom filters . New filters for API vulnerabilities github.com/bnematzadeh/Lo…
Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! blog.orange.tw/2024/08/confus… Highlights include: ⚡ Escaping from DocumentRoot to System Root ⚡ Bypassing built-in ACL/Auth with just a '?' ⚡ Turning XSS into RCE with legacy code…
#TypeScript Remote Procedure Call (tRPC) Security Research: Hunting for Vulnerabilities in Modern APIs, a nice read from @LogicalHunter: medium.com/@LogicalHunter… Vulnerable tRPC playground: github.com/bnematzadeh/tr…
Md Ismail Šojal �... @0x0SojalSec
31K Followers 5K Following Cyber_Security_Re-searcher || 0SINT || Malware Analysis II Pwn || Ai Re-searcher || Project @AIStrikeSec || 0ld Accounts Suspended @0xSojalSec ||
Reza Sharifzade @safe_mode01
2K Followers 141 Following Security Researcher| bug hunter | redTeamer Instagram: PentesterLand
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
amirpayamani @amirpayamani
2K Followers 2K Following Cyber security engineer🕸️Penetration tester🕷️Bug hunter
Esmaeil Rahimian @H_Mosafer
3K Followers 562 Following hack into my DNA :) Who am I? DevSecOps Engineer,PenTester,Security researcher,BugHunter(Sometimes) 🇦🇪🇮🇷
محمدامین کر... @kariman_ma
816 Followers 596 Following هر چیز که در جستن آنی آنی ... https://t.co/yth3uFNcwO
Sina @_SecurityAttack
4K Followers 551 Following BugHuntingPentest!! Jump 0x90 - Graduated in software engineering & Loves computer security Research
Fat @fattselimi
16K Followers 9K Following Chasing Positive vibes only & Ethical Hacking for fun and profit🧑🍳
seyyid @__seyyid__
952 Followers 554 Following #تبریز Kazanan hiç olmadı hayat oyununda مثلا اکانت شخصیمه https://t.co/H11NBhIs5r https://t.co/jd0zgnyo2r
UPVEX @UPVEX_
1 Followers 114 Following «Exploiting silence, weaponizing knowledge ☠️ Encrypted in darkness, decrypted in chaos 💀»
Selina @Patrici13367677
875 Followers 5K Following Not to please the world, not to judge right and wrong. Just be yourself.
Amir @Am1r_M8
0 Followers 23 Following
محمد صالح ت�... @twad_y10985
1 Followers 59 Following
cryptominer2000 @cryptomine35634
0 Followers 164 Following
Rohan Kumar Mandal @mandalrohan798
13 Followers 1K Following
Amir @AmirX1919
19 Followers 64 Following
outis @outisalive
0 Followers 36 Following
Parham @23X0R
1 Followers 68 Following
negin @negin1372n
61 Followers 224 Following
dariush @dariush_2026e
21 Followers 1K Following 🖤یاور از ره رسیده با من از ایران بگو🖤 درود بی کران بر شما مهربانو و مهربان آریایی خوش آمدید سپاس برای همراهی ما به پاس آمدن شما از جای خود بر می خیزیم
Mhdy @mhdy3p
23 Followers 90 Following
Gb @Dividerone
1 Followers 30 Following
Glum @_M03ta4a
324 Followers 353 Following
Alone @Night_saw01
0 Followers 28 Following
Saeed @Saeed1572194
0 Followers 5 Following
Erfan @Erfix_Hunter
207 Followers 91 Following
meddy @MahdiMo63275310
45 Followers 21 Following
Amin Taghibeyglou | �... @Radikal_orea
182 Followers 202 Following windows Installer *Believer in Free Software =_=
unknown @3pac2000
1 Followers 135 Following
Klaus @MrKlaus1337
2 Followers 82 Following web security hunter & pentester | programmer| and sometimes a researcher
0x5B1 @saremi_hos16480
3 Followers 130 Following Interested in discovering 0day through white-box analysis & browser EXP & protocol EXP
MlD ElF @MlDEllF
16 Followers 306 Following
rms.pentester @rmspentest4301
0 Followers 21 Following
RootedInCode @DevSecFlow
53 Followers 626 Following Computer specialist,Ethical Hacker,Cyber security, Software developer (Dart with flutter) World political analyst Chelsea fan💙💙
Adam @Adammmm12310
108 Followers 6K Following
sasan @sasan7615941521
3 Followers 199 Following
Iman @_Iman_hb
7 Followers 69 Following
rootface @root_face
7 Followers 139 Following
Mr Soroush @MrSoroushX
0 Followers 17 Following
0x_a²y @0x_aay
40 Followers 687 Following Aspiring web2/web3 bug bounty hunter 🥷🥷 Inspired by @deadrosesxyz for web3 Hunting and @gr3pme, @NahamSec for web2 hunting.
pokomoko @PokoMokoB
1 Followers 259 Following
گاد ممد @MohammaddHastam
2K Followers 4K Following آرزو ها نشد برآورده ، قاصدک ها دروغ میگفتند | بلاگر حوزه غم | یکم برنامه نویس | از فالویینگ بالام قضاوت نکن منم شاخم
Nyxron @Nyxron9
4 Followers 94 Following
RamTin @r4m71n
3 Followers 57 Following
Ben Sadeghipour @NahamSec
233K Followers 1K Following Cofounder @hackinghub_io | Advisor @CaidoIO. I hack companies and make content about it. #NahamCon organizer. ex @hacker0x01🇮🇷
Intigriti @intigriti
193K Followers 658 Following Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍
Reza Sharifzade @safe_mode01
2K Followers 141 Following Security Researcher| bug hunter | redTeamer Instagram: PentesterLand
InfoSec Community @InfoSecComm
52K Followers 636 Following Largest InfoSec publication with 62,000+ followers and 1M+ monthly views.
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
payloadartist @payloadartist
42K Followers 284 Following Yapping about AI, AppSec, Hacking, & Cybersecurity • Helped secure organizations like Google • Opinions are my cat's • Part-time shitposter
JS0N Haddix @Jhaddix
167K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
ReconOne @ReconOne_bk
20K Followers 53 Following Tweet about Bug Bounty, Recon, Recon Tips and Attack Surface Management.
The Bug Bounty Hunter @tbbhunter
46K Followers 0 Following Promotions or business ✉️[email protected]
Bug Bounty Reports Ex... @gregxsunday
52K Followers 616 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.
Esmaeil Rahimian @H_Mosafer
3K Followers 562 Following hack into my DNA :) Who am I? DevSecOps Engineer,PenTester,Security researcher,BugHunter(Sometimes) 🇦🇪🇮🇷
محمدامین کر... @kariman_ma
816 Followers 596 Following هر چیز که در جستن آنی آنی ... https://t.co/yth3uFNcwO
Sina @_SecurityAttack
4K Followers 551 Following BugHuntingPentest!! Jump 0x90 - Graduated in software engineering & Loves computer security Research
PortSwigger Research @PortSwiggerRes
111K Followers 7 Following Web security research from the team at @PortSwigger
Gareth Heyes \u2028 @garethheyes
37K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
STÖK ✌️ @stokfredrik
135K Followers 1K Following Hi.. im that hacker / creative that your friends told you about., 💫🔮
James Kettle @albinowax
79K Followers 92 Following Director of Research at PortSwigger aka Burp Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
seyyid @__seyyid__
952 Followers 554 Following #تبریز Kazanan hiç olmadı hayat oyununda مثلا اکانت شخصیمه https://t.co/H11NBhIs5r https://t.co/jd0zgnyo2r
sep @itssepiiideh
3K Followers 322 Following
parniyan @Parniynjf
2K Followers 179 Following
Pedro Ribeiro @pedrib1337
9K Followers 342 Following Reverse Engineer | Director @ https://t.co/KuU3tiG1Om | Exploit Chef @FlashbackPwn
Stephen Sims @Steph3nSims
24K Followers 832 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
Project Zero Bugs @ProjectZeroBugs
35K Followers 0 Following A bot that posts the latest blog posts and disclosures from Google's Project Zero
zh1x1an1221 @zh1x1an1221
925 Followers 300 Following Bug bounty hunter | 2024 Top 20 Chrome VRP Researcher|Web3 smart contract auditor | prev Ant Security Tianqiong Light-Year Lab
Brad Schlintz @nmdhkr
320 Followers 374 Following Traveler, security researcher, software engineer. Microsoft MVR 2025 (5th) and 2024 (19th).
jtriley2p @jtriley2p
11K Followers 323 Following liberate the source code, liberate the people https://t.co/8nnw8HeRWT https://t.co/uH7rN6S9Bw https://t.co/IGfqS6Ug6h https://t.co/vTWtq8OYDt
Sathish @SathishOFC
59 Followers 146 Following 🏆Top Security Researcher in Microsoft Q1 2022,Q4 2023,Q1 2024 🔍 | CEH V12 | Bug Hunter🐛 | Security Engineer 👨💻 | Safeguarded Microsoft, Apple, Lenovo ,Etc
Alisa Esage Шевч�... @alisaesage
38K Followers 101 Following Independent Hacker & Researcher, Owner of Zero Day Engineering @zerodaytraining • Pronounced ‘is edge’
Slavcheww @Slavcheww
2K Followers 291 Following @SBSecurity_ 🥷 Help Web3 protocols with Expert Auditing 🤝
phoen1xxx @phoen16xxx
246 Followers 75 Following VR at https://t.co/wxJnbWKni1 Captain of ctf team LCD.
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 755 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Zero Day Engineering @zerodaytraining
8K Followers 1 Following State-of-the-Art Exploit R&D • @alisaesage
Liran Tal | Securing ... @liran_tal
13K Followers 1K Following 🧠 MCP 🍩 Socially Engineering LLM 🤖 Hacking AI Agents 🦄 Node.js Secure Coding 🌟 @GitHub Star 🏅 @OpenJS Pathfinder award for Security 🥑 DevRel @snyksec
Matan Berson @MtnBer
4K Followers 267 Following Hacker and bug bounty hunter mostly focusing on client-side security. h1-702 Vigilante, h1-65 Eliminator, AWC23 Best New Hacker
dmnk.bsky.social @domenuk
5K Followers 512 Following 【DΞCOMPILΞ NΣVΞR】 Android Red Team @google Fuzzing @aflplusplus CTF @enoflag (opinions my own)
tonghuaroot @tonghuaroot
450 Followers 3K Following Staff Security Engineer. Cyber Security enthusiast, not Hacker. Focus on Application Security, Penetration testing. #OSCP #OSEP #RedTeam #AppSec #WebSec
Thomas Rinsma @thomasrinsma
1K Followers 314 Following Looking for strange loops and weird machines. Lead security analyst @CodeanIO.
Clint Gibler @clintgibler
22K Followers 563 Following 🗡️ Head of Security Research @semgrep 📚 Creator of https://t.co/xwtIAI0CuJ newsletter
Mohammad Abedini @MMD_Abedinii
23 Followers 85 Following
mahdiRostami @0xmahdirostami
864 Followers 377 Following Master's degree in machine learning. Focused on web3 Security. Rank #1 @hatsfinance . Security auditor @accretion_xyz
XBOW @Xbow
10K Followers 6 Following Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
Ali Yousefi @Mr_AliYousefi
60 Followers 57 Following 🇺🇸🇮🇷🇹🇷🇫🇷🇩🇪🇦🇪 Everyone has weaknesses, but I'm not everyone ………………………..Run 🏃♂️🤣
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
SSD Secure Disclosure @SecuriTeam_SSD
24K Followers 2 Following SSD provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career. [email protected]
Kian Shahi @MostPow3rful
732 Followers 977 Following || Web3 @Alectrona_eth || CTF Player @FlagMotori || Solidity-Foundry || Go, Py, JS, Bash
⌁𝚃ɪภค⌁ @thebigbugx
1K Followers 493 Following JS backend developer also i'm not morning person :) Gnosticism 👾👽Join my music channel as: https://t.co/1QKGynNRhf
Trends for United States
You might like
