Medusa @_medusa_1_
Joined May 2013-
Tweets38
-
Followers437
-
Following393
-
Likes342
Super glad to have collaborated on @albinowax’s research this year with @bsysop and @_medusa_1_. Funny enough, it all started with a random Slack DM that revealed a potential research collision with James, and things took off from there.
Super glad to have collaborated on @albinowax’s research this year with @bsysop and @_medusa_1_. Funny enough, it all started with a random Slack DM that revealed a potential research collision with James, and things took off from there.
I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame" is coming to #DEFCON33! This talk will feature multiple new classes of desync attack, mass exploitation spanning multiple CDNs, and over $200k in bug bounties. See you there!
I've recently put more work into my ffuf fork, uff, and I think every ffuf user should at least give it a try - and maybe even switch to it. Here's why, in a #bugbounty 🧵
I’m excited to introduce Namespace Confusion, a novel attack discovered during Gareth's and mySAML Roulette: The Hacker Always Wins research. We uncovered a brutal attack on XML signature validation that destroys authentication in Ruby-SAML!
I’m excited to introduce Namespace Confusion, a novel attack discovered during Gareth's and mySAML Roulette: The Hacker Always Wins research. We uncovered a brutal attack on XML signature validation that destroys authentication in Ruby-SAML! https://t.co/AJyEfzGGF8
Super happy to see our research ranking #3 in @PortSwigger Top Web Hacking Techniques of 2024! 🚀 This one was a wild ride! Huge thanks to @_medusa_1_ & @sw33tLie for the amazing teamwork and to @Bugcrowd, who supported us! ❤️ What next? Keep tuned 👀🥷🏻 #BugBounty #Hacking
Super happy to see our research ranking #3 in @PortSwigger Top Web Hacking Techniques of 2024! 🚀 This one was a wild ride! Huge thanks to @_medusa_1_ & @sw33tLie for the amazing teamwork and to @Bugcrowd, who supported us! ❤️ What next? Keep tuned 👀🥷🏻 #BugBounty #Hacking
Huge news! Our research just ranked #3 in @PortSwigger’s Top Web Hacking Techniques of the Year! 🎉 Biggest lesson: ever assume something isn’t exploitable—test it. Smuggling attacks are far from dead! Massive thanks to my research partners @bsysop & @_medusa_1_ 🙌 #bugbounty
Huge news! Our research just ranked #3 in @PortSwigger’s Top Web Hacking Techniques of the Year! 🎉 Biggest lesson: ever assume something isn’t exploitable—test it. Smuggling attacks are far from dead! Massive thanks to my research partners @bsysop & @_medusa_1_ 🙌 #bugbounty https://t.co/gpe3f1B8Po
🏆 Top 10 Web Hacking Techniques of 2024 nominations are live, and this time, we’re participating! Our technique is "TE.0 HTTP Request Smuggling" affecting thousands of servers. Vote in portswigger.net/polls/top-10-w… Questions? CC: @_medusa_1_ @sw33tLie #BugBounty #InfoSec
How novel HTTP request smuggling techniques led to an in-depth investigation and a substantial payout... 🤯 After extensive research and failed attempts, @sw33tLie, @bsysop, and @medusa_1 uncovered a new HTTP Request Smuggling vulnerability 🧩: bgcd.co/3zNVPlB
🐝 Hive Five 181 - What the Dying Teach the Living --- 🔍 Innovative recon tool alert: Lemma, a Python-based AWS Lambda package for executing command-line tools in a scalable, remote environment. @defparam 🕵️ Unveiling TE.0 HTTP Request Smuggling: A critical vulnerability…
It’s been a while since last publication on the hop-by-hop vulnerability affecting Akamai. Special thanks to @bsysop, @sw33tLie, the Google team, and @Bugcrowd for their invaluable support. bugcrowd.com/blog/unveiling…
Servers with top-notch security measures like authentication, authorization, and ZeroTrust can still fall prey to HTTP Smuggling 🏴☠️. Proud to work with @_medusa_1_ and @sw33tLie on this discovery. Genius guys! 🚀🧠 bugcrowd.com/blog/unveiling… #BugBounty @Bugcrowd
BIG round of applause for this BIG find! 👏🐛📈
BIG round of applause for this BIG find! 👏🐛📈
This is one of the most widespread and impactful bugs I've ever found in my career. Great collab with @bsysop and @_medusa_1_ Smugglings are still out there—stay vigilant! #bugbounty @Bugcrowd bugcrowd.com/blog/unveiling…
portswigger.net/daily-swig/res… Hey @_medusa_1_ , the situation is getting out of hand! 😅 @PortSwigger
I just published a post on Medium about the most relevant vulnerability I have found in my life so far. "Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned)": medium.com/@jacopotediosi…
blog.hacktivesecurity.com/index.php/2022… TL;DR: Overall bounty of USD 46,000! 😱🥳 First post by @_medusa_1_ showing the outcomes of his most recent #bugbounty activity which led to the detection of an HTTP Request #Smuggling #vulnerability on several big Corp. #cybersecurity #bugbountytips
really it's not fun for me, some @Hacker0x01 trigger team don't care about reports without understand the report quickly close it as N/A or dups, i had 4 reports it was closed as dups and i talked with them to closer look at these reports and they was mistake it was not dups.
serdar @serdar715631
4 Followers 473 Following
Girhou @Girhou94150
27 Followers 628 Following
Grandfather Saha @grandfathersaha
579 Followers 369 Following Professionally a Teacher | Passionately a Physicist | Psychologically acts as a HACKER.
ujjwal @MehtaInfosec
0 Followers 8 Following
Harun Poyraz @harunpoyr
7 Followers 436 Following
Augusto Zanellato @auguzanellato
1K Followers 381 Following BSc in CS, currently MSc in Cybersecurity student @UniPadova n00b CTF player with @pwnlentoni
xAKMx @xakmx_
0 Followers 34 Following
Christopher Morales @D4sh010101
70 Followers 2K Following
Ashbi @ashbi_sec
84 Followers 706 Following
Ujjwal Kumar @mehtasec
1 Followers 125 Following
Anibal @anibalvera
215 Followers 1K Following Evangelista de la seguridad informática, promotor de conocimiento y software libre, Conferencista , Computer Science UCV, Padre y esposo de una Reina.
Brumens @Brumens2
2K Followers 500 Following @yeswehack employee 🪖 | Bug Bounty hunter🐝 & coffee lover ☕ I'm a big fan of breaking into all sorts of things 🌐
Hamzah Abdlmotalb Abd... @HAbdullah55817
10 Followers 500 Following
Pablo Picurelli Ortiz @superpegaso2703
9 Followers 133 Following Security researcher. HTB CPTS, CBBH. CVE-2025-53621. Cyber security student at Universidad Rey Juan Carlos (URJC)
VRIIZ @_VRIIZ_
4 Followers 183 Following N00b in Cyber Security, but Excited to Learn 😁✌️ Eat, Sleep, Hack, Repeat 😉
boffman @b0ffm4n
4 Followers 165 Following
Thomas Stacey @t0xodile
636 Followers 209 Following Penetration tester trying to perform novel research. You can find all of my write-ups and research at https://t.co/2chUIHJDeP.
DreyAnd @dreyand_
2K Followers 840 Following 19yo, Bug Bounty, Security Research & CTF w/@ProjectSEKAIctf
Aman Subedi @amsubedi2
82 Followers 671 Following
raff0x1 @Raoufmaklouf
29 Followers 190 Following
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 757 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Abdullah Asif @AbdullahAsifVir
372 Followers 1K Following #Cybersecurity #WebApplications #CloudArchitect. Retweet not endorsement.
Shadow @AhmdMhmd30376
17 Followers 296 Following Penetration tester | Bug Hunter | CTF Player 🚩 lifeless
Dk Mn @m8elos
2 Followers 175 Following
heaven @haloiceyx14152
0 Followers 148 Following
eye 👁️ @minometidji
1K Followers 381 Following We have a new day, new opportunities, and new possibilities, so go ahead and learn something .
sadpiranha @LeadNead
0 Followers 456 Following Cybersecurity lover | sharing what I found interesting.
Gamal @_abdelnasser_
411 Followers 2K Following
::: @pelamx
168 Followers 5K Following
303sec @303sec
289 Followers 1K Following Security Research & DevSecOps. 303sec on all platforms. Ex-baby (now fully grown).
XBOW @Xbow
10K Followers 6 Following Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
chux @chux13786509
8K Followers 327 Following Web Warrior 👻 | Bug Hunter | CVE-2024-46990 | CVE-2024-54128 | CVE-2025-29930 | https://t.co/LbpguTTSEk | https://t.co/e9bO0RZKlB
^.Übermensch @_foobarr
30 Followers 2K Following
pablo palma @pablopalmappr
3 Followers 447 Following
Adrian.09 @Adriannx09
40 Followers 145 Following
Hackwhy @Hackwhyy
2 Followers 13 Following
Ashek-Alahi @mdashekalahi35
29 Followers 806 Following
Vaisov Bek @vaisovbek
854 Followers 6K Following Security Researcher aka Bug Bounty Hunter | CTF Player
Hoa Lê Ngọc @Le_Ngoc_Hoa
6 Followers 202 Following
Isaiah @Hacker_Ise
5 Followers 670 Following Web & Mobile Security Reseacher | Exploring Blockchain and Cloud Security | ARM | Chasing My Curiousity
Erez @ErezYalon
1K Followers 459 Following VP of Security Research @Checkmarx; Founder of @AppSec_Village; API Security Project Leader @OWASP
NeM0x00 @Yousef39960629
476 Followers 424 Following Security Researcher 👾 write a code that breaks Programmers code
badmash jatt @badmash1337
569 Followers 800 Following 📍سرزمینیں پاکستان | منزلیں بہادروں کا استقبال کرتی ہیں بزدلوں کو تو راستے کا خوف ہی مار دیتا ہے
syyc_ @bm00__
39 Followers 366 Following
Abdelkrim @ASn4k3y3
33 Followers 1K Following
fnord0 @0xfnord
212 Followers 2K Following computer, network/telecommunications and security enthusiast - budding programmer, @political
zodiac_ @_zodiacHacker
58 Followers 234 Following Bug hunter @Hacker0x01 github : https://t.co/SS5SOY3xqO
Ameya Kannurkar @AmeyaKannurkar
20 Followers 142 Following
Patrick @Patrick0x41
690 Followers 4K Following Offensive Security Engineer | Interested in Red Teaming & Vulnerability Research
turb0 @7urb01
334 Followers 123 Following CTBB Full-Time Hunters' Guild Member | JavaScript Survivor | Shell Tourist | /((de)?bu(g+)?(ing)?)?/i Bits, bytes, and bad ideas https://t.co/0iE5bU44up
naive_tester @naive_tester
35 Followers 1K Following
sudi @sudhanshur705
5K Followers 706 Following Remember, whatever happens... There's always a vulnerability https://t.co/FFVfnf39jY
Ghalahad @j_Kingsmand
47 Followers 606 Following
roughwire @roughwire
1K Followers 470 Following Security Engineer I love guitar more than info security ❤️
Niv Levy 🇮🇱 @restr1ct3d
6K Followers 3K Following Penetration Testing Engineer / Bug Bounty Hunter / OSCP, OSWE, GCPN
Mr. @al1k0k
60 Followers 1K Following
xssdoctor @xssdoctor
4K Followers 373 Following hacker and cardiologist… not necessarily in that order
Ananda Dhakal @dhakal_ananda
11K Followers 663 Following Vulnerability Researcher @patchstackapp | Brand Ambassador @Hacker0x01 | Blogs: https://t.co/a0aOojdwyl 🇳🇵
Tuan Anh Nguyen⚡️... @haxor31337
15K Followers 2K Following 29 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
WhiteHatMage @WhiteHatMage
3K Followers 316 Following Bug bounty wizard - All Stars @immunefi. I cast Exorcise on vulnerabilities and Heal on protocols. Prevented on-chain exploits worth over $200M.
eternalkyu @eternalky_u
68 Followers 35 Following Bug bounty hunter, security researcher and CEO @ https://t.co/v4XQBkbrfj
Gareth Heyes \u2028 @garethheyes
37K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 757 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Fat @fattselimi
16K Followers 9K Following Chasing Positive vibes only & Ethical Hacking for fun and profit🧑🍳
Brumens @Brumens2
2K Followers 500 Following @yeswehack employee 🪖 | Bug Bounty hunter🐝 & coffee lover ☕ I'm a big fan of breaking into all sorts of things 🌐
Thái Vũ @thaivd98
3K Followers 932 Following
Carmine Gragnano @CGragnano
40 Followers 120 FollowingTrends for United States
You might like
