Tweets: 2K
Followers: 1K
Following: 2K
Likes: 12K
after a long time, I decided to write a blog post about one of the old bugs I found in an Android app, which finally led me to achieve 0-Click Mass Account TakeOver it's now published, you can read it here : blog.voorivex.team/0-click-mass-a…
Finally, with @hw16, we managed to bypass the @Cloudflare mTLS protection after around 5 days of work. I'd like to share a few golden tips for bug bounty hunters who might face something similar in the future. But first, here's a quick summary: The target was a banking app with…
The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die: http1mustdie.com
🚨 CVE-2025-53770 - critical 🚨 Microsoft SharePoint Server - Remote Code Execution (ToolShell) > Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows a... 👾 cloud.projectdiscovery.io/library/CVE-20… @pdnuclei #NucleiTemplates #cve
Please don't report open redirects if you can't increase impact ! , I just found a xss to account take over, and it was a duplicate of p4 open redirect 😑😑 wtfff #bugbounty #bugbountytip
<meta http-equiv="refresh" content="0;url='//example.com'@X.com/'"> Chrome redirects to x.com, Safari and Firefox redirect to example.com.
Bugcrowd sent me another threatening message, accusing me of “disclosure” with zero evidence, just vague references to my educational posts. I redact everything. no program, no PoC, just ethical content. Stop punishing researchers . @Bugcrowd @BugcrowdSupport @Bcdisclosed
I hope to enjoy my scenario: t.me/pentesterlande… I recorded video message, about how can i chained some boring vulnerabilities and made P1 report #BugBountytips #BugBounty #redteam #mindset #BugBountytip #xss #broken_access_control #writeup
new discovery: cache poisoning on next.js - CVE-2025-49826 indefinite caching of a 204 response, rendering the affected pages inaccessible affected versions: >15.0.4 and <15.2.0 there will be no research paper for this one
IP whitelisting is fundamentally broken. At @assetnote, we've successfully bypassed network controls by routing traffic through a specific location (cloud provider, geo-location). Today, we're releasing Newtowner, to help test for this issue: github.com/assetnote/newt…
Nice Challenge! :] (learned something new 🫡) x.com/omidxrz/status…
Just found an interesting behavior in Firefox that can be used for XSS: If a response lacks the Content-Type header, Firefox renders it as text/plain. But if the URL ends with an extension like .html, Firefox treats it as that. #bugbounty #bugbountytips
just wrote a blog post based on this technique and described the methodology to take advantage of it, the post also includes an easy-to-set-up testbed to practice with, hope you find it useful blog.voorivex.team/leaking-oauth-…
Today I used a technique that’s probably not widely known in the community. In what cases could code like this lead to a vulnerability? ->
I just built a custom action to let you test for race conditions with a single click! No tab groups required, and it uses the cutting edge single-packet attack under the hood.
Remember this ̶g̶u̶y̶ bug? This is him today. Feel old yet?
Write-Up is released :) medium.com/@eulex/how-i-m… x.com/eulex0x/status… #togatherwehitharder #BugBounty #CyberSecurity #EthicalHacking #PaymentsSecurity #HackerMindset #BugBountytips #BugBountytip
We recently looked deeper at the authentication bypass vulnerability in Next.js (CVE-2025-29927) and discovered some intelligent and comprehensive ways to check for the vulnerability. Read more in our blog post: slcyber.io/assetnote-secu…
the research paper is out: Next.js and the corrupt middleware: the authorizing artifact result of a collaboration with @inzo____ that led to CVE-2025-29927 (9.1-critical) zhero-web-sec.github.io/research-and-t… enjoy the read!
I have published a tool based on jadx that helps analyze Java applications. github.com/BlackFan/BFScan BFScan generates HTTP requests and OpenAPI specs based on config files and class/method annotations. It also searches strings that look like URIs, paths, or secrets.

mahdi @mR_000_JOJO
0 Followers 16 Following
Suqov @Suqov14241
0 Followers 49 Following
Josefcfc @yousefccfc
8 Followers 57 Following Interested in Bug Bounty & In love with Berserk, Main-Account: @yousefcfcc
q19_facl @q19_facl
3 Followers 177 Following
jocker @DavidSpid12189
1 Followers 949 Following
mei @0xT4D45H1
1 Followers 80 Following When your life is filled with darkness, remember that flowers always move towards the light. 4:20
Michael Bedwell @MichaelBed39099
0 Followers 76 Following
sarai @saraigeek
13 Followers 418 Following
Mahdi @faizimahdi11
0 Followers 14 Following
atxio @atxioz
0 Followers 43 Following
Thomas DeBenning @nullgraph0
6 Followers 430 Following
Cloner XZ @clonerxz8080
3 Followers 522 Following
Kiran Eliza @ElizaKiran26169
0 Followers 102 Following
𓆝 𓆟 𓆞 𓆝 ... @noodletrex
6 Followers 861 Following
Eliot butler @Eliotbutler_
24 Followers 879 Following
WaqarVicky @Waqar__Vicky
132 Followers 2K Following
bugbounty @bogbounty
152 Followers 497 Following Bug Bounty Hunter 🐞 | https://t.co/OIxOkuoC6B | | https://t.co/hQ2ERdN1pQ |
«نابغه ی دی... @AliK2023396
4 Followers 138 Following Crazy about: «hacking, code, computers, electricity, chess, boxing, books»:
Iemieowis @Iemieowis0202
22 Followers 953 Following
Gb @Dividerone
1 Followers 30 Following
amirmahdi @iammramirmahdi
0 Followers 303 Following
Mary @fratus_mary35
260 Followers 3K Following
Reza Sharifzade @safe_mode01
2K Followers 141 Following Security Researcher| bug hunter | redTeamer Instagram: PentesterLand
Kitsugi @xkitsugi
0 Followers 26 Following
amir hoseen @amir_amniiat
22 Followers 185 Following Interested in security💻, chess♟️, math, history; studying electrical engineering (telecommunications)📡
Stoic MEhedi @stoic_mehedi
21 Followers 261 Following
Mohamed Yasser @LostSamorai
29 Followers 178 Following bug bounty hunter || New Account❤️ hunting for fun & profit for live🐦🔥 music 🦧 coffee ☕️ films 🎥 games 🎮
iman @Shciall
4 Followers 147 Following
Samin @Samin123856758
3 Followers 65 Following
milad@890 @Kamran_shokohi
462 Followers 6K Following
Adam Langley @BuildHackSecure
10K Followers 778 Following Fullstack dev & Hacker, training ethical hackers how to hack & web devs to secure their apps! CTO @hackinghub_io and Director @bsidesexeter
Aituglo @aituglo
1K Followers 345 Following Aituglo | Cassim Hacker Bug Hunter at HackerOne and YesWeHack • https://t.co/fQ0ssG5V2G
Vincent @vinhacks
460 Followers 238 Following 🇨🇦⚜️ 18 y/o bug bounty hunter & student. Sharing my bug bounty journey | https://t.co/PdrXkrMVCS | https://t.co/QnXe4wtL11
Claude @claudeai
108K Followers 1 Following Claude is an AI assistant built by @anthropicai to be safe, accurate, and secure. Talk to Claude on https://t.co/ZhTwG8dz3D or download the app.
Priyanshu @priyanshu_xo
2K Followers 663 Following full time bug bounty hunter https://t.co/Z1PExchTcf
Aditi Singh @aditi_singghh
13K Followers 731 Following Bug Bounty Hunter | Cyber security Researcher
solst/ICE @IceSolst
21K Followers 2K Following Pentester turned seceng turned meeting canceller - https://t.co/5hHG2R5lRS (-13$ ARR)
Eduardo Vela @sirdarckcat
12K Followers 602 Following not mad. mentally divergent. personal profile, opinions my own. everything I say is probably wrong. 🐘 @[email protected]
Sebastian Lekies @slekies
3K Followers 420 Following Automated Security Scanning & Vulnerability Management @Google
Niusha Saremi | نی... @NewshaSaremi
134K Followers 981 Following Journalist and Host of The Lead with Niusha Saremi on @Iranintl | Journalist and host of the تیتراول program
ایران اینتر... @IranIntlbrk
1.7M Followers 9 Following Breaking news account with the latest news from #ایران_اینترنشنال television. Main Iran International account: @IranIntl
yso @0a_yso
634 Followers 156 Following My crime is that of curiosity. Bug Bounty, Security Engineering, Dev and more Presented at Area41, DEF CON main stage, DEF CON Car Hacking Village
Rikesh Baniya @rikeshbaniya
5K Followers 437 Following i love graphql | 🇳🇵| blogs : https://t.co/B9UAv5l2cu
Tarek Bouali @iambouali
3K Followers 789 Following printf "%s & bug hunter. triager at @bugcrowd. %s are my own.\n" "hacker" "views"; echo a.k.a theartisan
skull @brutecat
3K Followers 226 Following hacker, security researcher. i run a blog @ https://t.co/cBW6gzTpV2
Akamai Security Intel... @akamai_research
26K Followers 109 Following All security research, all the time. Bringing you the latest insights from @Akamai’s research teams across the globe.
Disconnect3d @disconnect3d_pl
3K Followers 690 Following Security Engineer at @trailofbits. Pwndbg maintainer, justCatTheFish CTF team captain. Opinions are my own =)
justCatTheFish @justCatTheFish
3K Followers 54 Following Polish ctf team. Captain: @disconnect3d_pl Vice: @haqpl https://t.co/pJy694x44H
DarkShadow @darkshadow2bd
3K Followers 18 Following Ethical Hacker | Penetration Tester | Security Researcher | Bug Hunter | Exploit Developer. 🔥~For more Join my New telegram Channel👉🏼 https://t.co/9p1yvzluA4 ✨
huli @aszx87410
5K Followers 420 Following Taiwan / Front-end Engineer <=> Security Researcher. Interested in web. CTF player at @Water_Paddler
Emil Lerner @emil_lerner
3K Followers 346 Following Independent security researcher. CTO & co-founder of https://t.co/F296lUgKA8. Bushwhackers CTF team.
Lele @lel3x
2K Followers 275 Following https://t.co/ASdCj5rVba - Researcher from Germany, FIAN Use Code 'Lele' on Epic Games and Osirion #ad
Cubed @Cubed_h1
2K Followers 345 Following Career in hacking into stuff on https://t.co/9wUU4HbNMO | Security Researcher @hacker0x01. Half 🇷🇴 and half 🇪🇬
iSegar0 || سگارو @iSegar0
32K Followers 659 Following Internet either for everyone ♻️ or for no one ❌ Subtitle translation website https://t.co/FirlgVMAEn - Telegram channel https://t.co/ae5FK2XjRL
Jonathan Bouman @JonathanBouman
7K Followers 518 Following Medical Doctor (GP) & Security Researcher
g0ko @gokturkhatay
467 Followers 141 Following
Bad Sector Labs @badsectorlabs
8K Followers 503 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
pilcrow @pilcrowonpaper
8K Followers 51 Following Open-source developer interested in auth and security. Working on @lucia_auth and @oslo_project
nc 🌐🕸️🐱 @thoughtfault
5K Followers 2K Following Supreme Leader @SpacialSec SpacialSec discord: https://t.co/12VEpIIgYL
Ciarán Cotter @monkehack
4K Followers 543 Following • Irish/Japanese web hacker living in Scotland. • Researcher for @ctbbpodcast Lab. I run https://t.co/Ja1P3vco1X | Newsletter weekly at https://t.co/KA5b2kY8ih
Ismail Senturk@Hacker... @ismailsntrk7
4K Followers 209 Following Antalya | Turkey | Sr. Security Researcher. | Sr. PHP Dev. | @Hacker0x01
Devansh (⚡, 🥷) @0xAsm0d3us
16K Followers 3K Following Pwn, Security Research & Math ⚡ Views are personal
Jon Bottarini @jon_bottarini
13K Followers 749 Following Product Manager @ Google. I post about bug bounties, infosec, and everything in between. This is a personal account. Formerly: @Hacker0x01