NEED YOUR HELP!
My Friend/Teacher Soroush (@irsdl) is looking for a new company to join, you know him as the .NET-God, the guy who has popped exchange, sharepoint, has maintained ysoserial_.net for years, contributed to the exploitation scene numerous times, taught all of you…
As someone who has to muck in with IR, thrunting and the like... it amazes me how many times it starts with the most clearly dodgy looking phishing email. 😭
Couple of weeks without finding a bug and I feel like I've forgotten everything I once knew. I need some #bugbountytips and some bug bounty courses ASAP.
"Execute After Redirect" vulnerabilities occur when a server fails to halt execution after issuing a redirect to the client. This can lead to serious security flaws if developers rely on redirects without implementing proper access control on the content served post-redirect. I…
Absolutely dominated by @carbonmanx this Synack Red Team recognition period. Congrats on hitting TITAN, and absolutely steam rolling the UK leaderboard! #LegendInTheMaking
🎉I’m excited to announce that I’ll be presenting my talk “𝐔𝐩 𝐚𝐧𝐝 𝐃𝐨𝐰𝐧 𝐓𝐞𝐜𝐡𝐧𝐢𝐪𝐮𝐞: 𝐄𝐱𝐩𝐨𝐬𝐢𝐧𝐠 𝐇𝐢𝐝𝐝𝐞𝐧 𝐃𝐚𝐭𝐚 𝐟𝐫𝐨𝐦 𝐑𝐀𝐆 𝐒𝐲𝐬𝐭𝐞𝐦𝐬” at @_leHACK_ in Paris, France at the end of June.
In this talk, I’ll demonstrate a technique I discovered…
It's the first time I've seen a triager react poorly to a researcher complaining on X with a DM. I can imagine it does get a bit upsetting after a while. An interesting situation for @Bugcrowd to deal with. If the other way round, I am sure a researcher would be penalised.
After a lot of sweat and efforts, the Barracks Corp WarZone is live.
I’ve always found the worst kind of vulns in an internal portal. Just like the Social WarZone, this one also contains realistic vulns from my own reports.
Hope you all love this <3
💭 It all started during an assessment of a web application. In the latest Exploits Explained, Synack Red Team member "nerrorsec" recounts the discovery of a DOM-based XSS vulnerability that was patched…and then found in another product from the same company a year later.…
👀 Synack Red Team member Busra (@turakbusra) walks us through her discovery of an access control violation vulnerability that led to account takeover. Follow along → hubs.ly/Q03fZ7fR0
It's always nice to find SQLi with @SynackRedTeam as the triage and pay out is fast. It's even better when the bounties are paid at treble what they normally are. Check out the 300% targets!
🚨CVE ALERT!
While working with Nuclei @wiz_io, I discovered CVE-2024-43405, a vulnerability that bypasses template signature verification, potentially allowing malicious code execution on machines running Nuclei 🛡️
Here’s what you need to know: 🧵
📢 Call for Papers!
Got a great idea? We want to hear it! Check out our tips to help your talk shine—whether you're a pro or a first-timer.
Submit your talk by 30th Jan 2025 and join us for the first-ever BSides Birmingham on 3/5/25
#BSidesBirmingham #CallForPapers #CyberSecurity