mrroot @_mohd_saqlain
I teach systems to misbehave — creatively \r\n Application Security Engineer | https://t.co/qtnfutkZkK mrrootsec.vercel.app INDIA 🇮🇳 Joined November 2013-
Tweets3K
-
Followers873
-
Following416
-
Likes12K
Interested in Spring Boot Actuators in the context of bug bounty hunting? I wrote something - nothing new - just some insights ;) Article: dsecured.com/en/articles/sp… Retweet appreciated! Dont expect 0days or some fancy magic.
Wow. this was a great article: pwner.gg/blog/2024-05-2…
We've just published a novel technique to bypass the __Host and __Secure cookie flags, to achieve maximum impact for your cookie injection findings: portswigger.net/research/cooki…
ViewState Deserialization Zero-Day Vulnerability cloud.google.com/blog/topics/th…
How to find bugs on a hardened target using gadgets - @aituglo bugcrowd.com/blog/how-to-fi…
Facebook Messenger for Windows RCE worth $112K via Slack/Viber DLL files override using path traversal in attachments by @vulnano vulnano.com/2025/09/remote…
As an engineer, I ❤️ clever engineering. Ruby on Rails relies on signed sessions (AES GCM). They are secure, but there is a catch: you cannot invalidate them early. You have to wait for expiry. Workarounds exist, like caching sessions you want to kill, but nothing universal.
Interesting post about Client-side RCE and CSS Injection! balintmagyar.com/articles/googl…
New tool drop: JsonViewer 🚀 Stop scrolling through JSON like a raccoon in a dumpster. 👉 Clean, searchable tables 👉 Bookmarks, filters, exports 👉 Runs in your terminal (SSH/VPS/local) GitHub: github.com/freakyclown/js… YouTube demo: youtube.com/watch?v=j8yrV7… make JSON suck less.
For YOU interested in JS exploitation: 2nd episode dissecting the current state of the art. Ready for fakeobj() ? We are looking for you at fuzzsociety.org to learn vulnerability research together, from scratch. youtu.be/hZU_KsShXGk +slides +docker
Just published a new write-up - Hacking 700 Million Electronic Arts Accounts battleda.sh/blog/ea-accoun…
Sleepless Strings - Template Injection in Insomnia - @TantoSecurity tantosec.com/blog/2025/06/i…
The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die: http1mustdie.com
What happens when a WAF blocks every XSS payload you throw at it? You get creative. 🔗 Read the full blog post: blog.ethiack.com/blog/bypassing…
This post is SO GOOD! I knew nothing about easy auth, It's so interesting! And the abuse ideas are so creative! It's not the first time i see how env variables on app lead to such things (See MI research by NetSpy). Go read it! dazesecurity.io/blog/abusingEa…
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 gmsgadget.com 1/4
1/4 dbugs LIVE dbugs.ptsecurity.com — vulnerabilities’ home See trends, discover more, read AI summaries, have all references at hand, and your profile with all your CVEs and CVSS score on a leaderboard. ⬇️ See thread: what’s live + what’s next ⬇️
New blog out! Think XSS is a thing of the past with today's Web frameworks? Think again! Our new article by @i_am_canalun breaks down why this vulnerability persists and offers insights on how to stay secure. Read it here! flatt.tech/research/posts…
When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We (@iangcarroll and I) discovered a vulnerability that could allow an attacker to access the over 64 million chat records using the password "123456". ian.sh/mcdonalds
Just dropped a new CSP bypass for salesforce.com on cspbypass.com : <script src="omtr2.partners.salesforce.com/id?callback=al…"></script>
Intigriti @intigriti
195K Followers 657 Following Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍
HackerRats - Uncle Ra... @theXSSrat
156K Followers 956 Following Alone we survive, together we prosper. Are you with me? https://t.co/AfnDsVhqqA
zseano @zseano
79K Followers 703 Following
Fat @fattselimi
16K Followers 9K Following Chasing Positive vibes only & Ethical Hacking for fun and profit🧑🍳
Louis Nyffenegger @snyff
20K Followers 592 Following Founder/CEO/Trainer/Researcher/CVE archeologist @PentesterLab. Security engineer. Bugs are my own, not of my employer...
Harvey Goldner @HGoldner23438
59 Followers 3K Following
Arshad @Mohd_Arshad09
45 Followers 488 Following
rudy.19 (Jifat) @MDTonmoyHossai7
22 Followers 430 Following trying to make my space in tech world hacking enthusiasts | Django-React dev #hacking #bug-bounty #pentesting
M.PAVAN KUMAR @PavanM73255
0 Followers 2 Following
Yadhavi @PrincessYadhavi
85 Followers 629 Following
Road2Crits @Symibot
4 Followers 475 Following null byte or whatever cool hackers put in their bio idk
Fuisu @Fuisu453
73 Followers 3K Following
Shubham Khanna @Shubhamkhanna06
161 Followers 2K Following Explores and learns! Pentester by Passion. AI explorer. book lover! shares bug bounty tips
Dark@Joker:~$ @ExploitNest
95 Followers 2K Following CRTA | CAP | OSCP (Aspirant) - Pentration Tester & Bug Hunter - Red Teamer 🤡
kamran khan @kamrank94955075
24 Followers 322 Following
Araf Rubayed @ArafRubayed
59 Followers 1K Following
Ryan Barnett (B0N3) @ryancbarnett
5K Followers 404 Following Web App Defender | Bug Hunter/Triager | Purple Team | Detection Engineering | Author | Senior Threat Research Manager @Akamai_research | OWASP Project Leader ✝️
Sergey Zybnev @szybnev
4 Followers 67 Following Hello! My name is Sergey Zybnev. I am a specialist in cybersecurity. I have a wide profile experience in security audit of websites, servers, web applications.
Sergio Muniesa @smuniesa
8 Followers 134 Following
Ruben DM @rcetto
480 Followers 5K Following #Informatica, #BassGuitar, #HeavyMetal... y ahora me ha dado fuerte por los #acuarios, a ver si me relajo un poco
Katie Harvey @KatieHarve8890
1 Followers 171 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/LL5DllmfwY
Moshe Farrid @WooorstOne
144 Followers 2K Following
NomadicLad @nomadic_lad28
22 Followers 227 Following
MamieJonah @23Z70BW3TuGrvC5
111 Followers 3K Following
Matt @Matt32207552792
38 Followers 90 Following
CH SATHWIK @chsxthwik
288 Followers 448 Following Im Teen ~15 I build stuff 🧑💻🦄👨🎓 - Top 1% Teen 🦇 - Top G
Francisco Neves @fneves97
395 Followers 516 Following Software engineer, interested in bug bounty. Building https://t.co/dyLc78uDiB
Kartik Pachbudhe 🇮... @Kartikpachbudhe
248 Followers 4K Following Cybersecurity Researcher | BugBounty Hunter | Cyberspace n00b | Ethical Hacker | Psychology Enthusiast
Shuvo Kumar Saha 🇧... @syper_shuvo
570 Followers 867 Following Bug Bounty Hunter | Penetration Tester
MOGTABA @MOGTABA_X
9 Followers 533 Following
Rohit Soni @rohitsonix
3K Followers 5K Following Sarcastic || Inventory Auditor || Hustler 🔍 उम्मीद कभी हमें छोड़ कर नहीं जाती, बल्कि जल्दबाजी में हम ही उसे छोड़ देते हैं
Luke (datalocaltmp) @datalocaltmp
1K Followers 562 Following mobile reverse engineering, vulnerability research, using lldb
pentestgod @pentestgod
21 Followers 110 Following Bug Bounty Hunter | Pentester | OSEP | OSCP | CRTP | CRTO | eWPTXv2
Kishnoil Attitude @KishnoilA
3 Followers 47 Following
Sameer Dhage @samdhage16
13 Followers 601 Following
Intigriti @intigriti
195K Followers 657 Following Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍
Ben Sadeghipour @NahamSec
235K Followers 1K Following Cofounder @hackinghub_io | Advisor @CaidoIO. I hack companies and make content about it. #NahamCon organizer. ex @hacker0x01🇮🇷
PentesterLab @PentesterLab
192K Followers 0 Following We make learning web hacking and security easier. Online systems, code review, videos & courses that can be used to understand, test and exploit bugs!
bugcrowd @Bugcrowd
188K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
InfoSec Community @InfoSecComm
52K Followers 635 Following Largest InfoSec publication with 62,000+ followers and 1M+ monthly views.
HackerRats - Uncle Ra... @theXSSrat
156K Followers 956 Following Alone we survive, together we prosper. Are you with me? https://t.co/AfnDsVhqqA
Harsh Bothra @harshbothra_
43K Followers 740 Following Freelance Pentester & Consultant • Cobalt Core Lead & Pentester • Author • Speaker • Blogger • SecurityExplained • Project Bheem • Learn365 • Views are personal
zseano @zseano
79K Followers 703 Following
Sam Curry @samwcyo
98K Followers 1K Following
Luke Stephens (hakluk... @hakluke
96K Followers 2K Following Hacker, marketer. I manage socials and produce amazing technical blogs for cybersecurity orgs. Founder of @hacker_content and @haksecio
Hussein Daher @HusseiN98D
49K Followers 199 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 21th/270000 BugCrowd Hacking Platform
JS0N Haddix @Jhaddix
167K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
John Hammond @_JohnHammond
300K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
TCM Security @TCMSecurity
208K Followers 358 Following Come learn to hack at TCM Security Academy! Veteran owned. Quality results.
shubs @infosec_au
56K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
TryHackMe @RealTryHackMe
284K Followers 103 Following An online platform that makes it easy to break into and upskill in cyber security, all through your browser.
Bug Bounty Reports Ex... @gregxsunday
53K Followers 616 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.
Nathaniel @nnwakelam
41K Followers 919 Following
BugBountyHunter.com �... @BugBountyHunt3r
36K Followers 1 Following Our membership program has come to an end and we’re no longer onboarding new members.
Damian Strobel @damian_89_
7K Followers 744 Following Penetration tester/Ethical Hacker; Sold my eASM to a NASDAQ company; Founder of an IT security company; Building a Legal Tech AI startup in my spare time :P
Dung Le @LTiDiii
824 Followers 780 Following FlySec Co-Founder: https://t.co/3ipcsYPW2y; Grind now. Greatness later.
pt200 @_pt200
258 Followers 130 Following Cyber Security Engineer - Bug Bounty Hunter - Flysec Co-Founder (https://t.co/UwFfLMDys7)
Thái Vũ @thaivd98
3K Followers 932 Following
Anirudh Anand @a0xnirudh
4K Followers 702 Following Head of Product Security Engineering at @CRED_club | Application Security ♥ | CTF lover - @teambi0s | Security Trainer - @7asecurity | Tweets are my own.
Just a Fool @thefool4599
129 Followers 149 Following World of Fools. Paster. Flysec Team Member: https://t.co/Zi6FfuA61J
Jeppe Weikop @__w4ke
131 Followers 102 Following
Thomas Stacey @t0xodile
637 Followers 236 Following Penetration tester trying to perform novel research. You can find all of my write-ups and research at https://t.co/2chUIHJDeP.
Seba Peyrott @speyrott
411 Followers 25 Following Auth0er, Linux enthusiast, code monkey. I enjoy learning things.
Issam Rabhi @Issam_Rabhi
4K Followers 1K Following Phd in Computer Science. Acknowledged by Google more than 100 times!
0x6c75696a616974 @luijait_
19K Followers 962 Following Instagram: luijait | Apasionado de la tecnología desde corta edad | Software/AI/ML Engineer & Researcher | Hacker | PERSONAL ACCOUNT AND OPINION RL
Ryan Barnett (B0N3) @ryancbarnett
5K Followers 404 Following Web App Defender | Bug Hunter/Triager | Purple Team | Detection Engineering | Author | Senior Threat Research Manager @Akamai_research | OWASP Project Leader ✝️
Chaithu @ant4g0nist
2K Followers 256 Following Building building || Vulnerability Research || fuzzing artist || 🦀 + security
Bug Bounty Village @BugBountyDEFCON
8K Followers 580 Following Official X account for the Bug Bounty Village @DEFCON. Founded by @infinitelogins and @arl_rose.
Tom Gallagher @secbughunter
2K Followers 201 Following Vice President of Engineering, Microsoft Security Response Center (MSRC)
Luke (datalocaltmp) @datalocaltmp
1K Followers 562 Following mobile reverse engineering, vulnerability research, using lldb
Stealthy @stealthybugs
7K Followers 90 Following God is our refuge and strength, an ever-present help in trouble. - Psalm 46
尺Ξn4tø 尺ødɿig... @simps0n
3K Followers 244 Following ╪ͥ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋ ◯ ⃝ ⃝ ⃝ ⌨ ⁰☠ ☂ ☺ ♬
Jonathan Bouman @JonathanBouman
7K Followers 524 Following Medical Doctor (GP) & Security Researcher
Martin Voelk @martinvoelk
10K Followers 1K Following Cyber Security Engineer II at Uber Inc. CISSP, BSCP, OSCP, CCIE. Penetration Testing, Bug Bounty and AI Security Enthusiast. Husband and dog lover.
Critical Thinking - B... @ctbbpodcast
22K Followers 69 Following A 'by Hackers for Hackers' podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest exploitation techniques.
Mohammed Aldoub م.م... @Voulnet
91K Followers 778 Following م.محمد قتيبة الدوب،مستشار ومهندس ومدرب عالمي بأمن المعلومات. Trainer & Cyber Security Consultant, DEFCON, SANS & RSA Speaker,CISSP GWAPT
Matan Berson @MtnBer
4K Followers 270 Following Hacker and bug bounty hunter mostly focusing on client-side security. h1-702 Vigilante, h1-65 Eliminator, AWC23 Best New Hacker
Mukul Goyal @itz_mg_
3K Followers 506 Following 17 | Bug Bounty Hunter | Aspiring Security Researcher
@ddǝɐuɐp @DanaEpp
4K Followers 225 Following I help builders and breakers of code learn to find security vulnerabilities in their apps and APIs.
డానియేల... @zeroxdtd
157 Followers 1K Following Product Security | Automation | Offensive Security 0x45 | Null @Vijayawada Lead
Arbaz Hussain @ArbazKiraak
7K Followers 2K Following Hacker / Technical Triage Lead @immunefi | Views are my own.
Matt Zorich @reprise_99
14K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own
m s nishanth @msnishanth9001
28 Followers 557 Following ML Researcher at @f5 • @IITHyderabad • @auvcochennai •
Miroslav Stampar @stamparm
8K Followers 351 Following PhD, author of @sqlmap & @maltrail, CTF w/ @SuperGuesser, chess lover, problem solver
Noah Franklin @iamnoahfranklin
312 Followers 338 Following 🌐 Regional AppSec Delivery Lead | Cyber Security & Risk Management | Handling American Region | CPENT | CEH | Pen Tester | AI Enthusiast | Security Researcher
pwn.ai @pwn_ai
8K Followers 1 Following Built to breach. Agentic hacking ecosystem in the works. coming soon. Built by the amazing team @OctagonNetworks
Lenin Alevski @Alevsk
3K Followers 2K Following #security Eng @Google. ♥️ To Build and Break Stuff. Wannabe #Hacker. Personal opinions only, review my PR please. PGP/MIT: 0x67BA54C7DE3DD14A
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 756 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Manmath Paste @ManmathPaste
9 Followers 145 Following
Sulabh Jain @Profile4Sulabh
293 Followers 15 Following https://t.co/8pQreaipF0 https://t.co/BiRddOdawt
Clint Gibler @clintgibler
22K Followers 563 Following 🗡️ Head of Security Research @semgrep 📚 Creator of https://t.co/xwtIAI0CuJ newsletter
Luke Jahnke @lukejahnke
3K Followers 6K Following
Gitesh Sharma @glitchedgitz
721 Followers 303 Following Design Develop Hack, Creating Grroxy! @grr0xy
Six2dez @Six2dez1
10K Followers 560 Following Bash lover | https://t.co/UoQ57OTS7f | reconFTW | RT @vismaTrends for United States
You might like
