-
Tweets23
-
Followers1K
-
Following252
-
Likes221
An Trinh retweeted
Wormable Substack XSS: blog.calif.io/p/wormable-sub… It must have been years since the last time a wormable XSS was found in a major social media website. This beautiful type confusion XSS attack vector is a gift that keeps on giving. But most of all, @samykamkar is our hero!
Wormable Substack XSS: blog.calif.io/p/wormable-sub… It must have been years since the last time a wormable XSS was found in a major social media website. This beautiful type confusion XSS attack vector is a gift that keeps on giving. But most of all, @samykamkar is our hero!
0
10
30
14K
10
An Trinh retweeted
Type confusion attacks in ProseMirror editors blog.calif.io/p/type-confusi…
An Trinh retweeted
New blog post: in a recent engagement, we turned a simple XSRF in Argo CD to a shell with cluster admin privileges. No fix is available. We recommend hosting Argo CD on an isolated domain. Details: blog.calif.io/p/argo-cd-csrf
An Trinh retweeted
In a recent engagement, we encountered a target running CraftCMS, and discovered a Remote Code Execution vulnerability that allowed us to compromise the target. blog.calif.io/p/craftcms-rce CC @yeuchimse
An Trinh retweeted
Calif: Redash SAML Authentication Bypass blog.calif.io/p/redash-saml-…
An Trinh retweeted
Calif Inc: Privilege escalation in AWS Elastic Kubernetes Service blog.calif.io/p/privilege-es…
Great work Khoa! Neat trick exploiting the content handler feature. Always love the feeling a research being appreciated and more research made.
Great work Khoa! Neat trick exploiting the content handler feature. Always love the feeling a research being appreciated and more research made.
Great usage of the xpath attack vector in xmlsec. A powerful deserialization bug and an ssrf in the public interface to break yet another SSO product. Beautiful stuff!
Great usage of the xpath attack vector in xmlsec. A powerful deserialization bug and an ssrf in the public interface to break yet another SSO product. Beautiful stuff!
An attack vector in xmlsec and exploiting it on PingFederate. blog.tint0.com/2021/09/pingin…
I made some research on Java remote protocols i.blackhat.com/eu-19/Wednesda…
At least one potential RCE in every instance of Zimbra. blog.tint0.com/2019/03/a-saga…
An extension on the recent Richfaces 4.x 0-day CVE-2018-12532. Thanks a ton @mwulftange for the research :) tint0.com/when-el-inject…
Tuan Anh Nguyen⚡️... @haxor31337
15K Followers 2K Following 29 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
pyn3rd @pyn3rd
14K Followers 608 Following Security Researcher&Red Team&Cloud Security. BlackHat&HITB&CanSecWest Speaker.
Pham Khanh @rskvp93
2K Followers 339 Following Security Engineer at @calif_io. Winner of Pwn2own Vancouver 2021, Torento 2022, Vancouver 2023. MSRC top 100 2019, 2020, 2021.
frycos @frycos
4K Followers 518 Following Private account! Red teamer @codewhitesec. @[email protected] @frycos.bsky.social
Nathaniel @nnwakelam
41K Followers 919 Following
LamScun @LamScun
2K Followers 805 Following Researcher of mobile and web security issues. It's safer in the forest than on the internet.
Youssef Sammouda (sam... @samm0uda
37K Followers 530 Following Hacker, bug bounty hunter, guy behind https://t.co/TBAtP71Cop. 1st in Meta bug bounty program for the last 6 years. YES Team Member
Alvaro Muñoz @pwntester
13K Followers 514 Following Security Researcher with @XBOW. CTF #int3pids. Opinions here are mine! bluesky: https://t.co/9HRRzpBECt
Nguyen Xuan Hoang @hoangnx99
690 Followers 129 Following Security Researcher at @vcslab Chief Finance Officer of @u0Kplusplus
Nguyễn Trường S�... @Imagicognito
0 Followers 109 Following
Thinh Dang @Thinh1777
0 Followers 68 Following
Hang Nguyen @hangnm107
21 Followers 586 Following
0x0Asif🇧🇩 @0x0asif
5K Followers 875 Following Security Researcher aka Bug Bounty Hunter | HackerOne|BugCrowd|Yogosha #bugbounty #whitehathacker || Follow me on social media @0x0asif
q @q0439083356750
0 Followers 52 Following
Lee @leecybersec
13 Followers 37 Following
Fleta Stokes @FletaStoke96194
26 Followers 2K Following
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
joker community @itachi_hayi
1 Followers 11 Following
HL @HL11734762
23 Followers 165 Following
MinhLan @MinhLan68
49 Followers 304 Following
Derermi @Derermi6659
14 Followers 482 Following
duyvuong @gumgum_03
9 Followers 237 Following
Bao Ngo @b4orvn259
0 Followers 161 Following
Rose Ng @RoseNgzxje
0 Followers 3 Following
Hawk @nullcoder_xd
278 Followers 5K Following 21| Here to explore; no business deals. Shit(re)poster Reply guy Terminally online
Bene @m0lto_bene
18 Followers 125 Following Red Team Operator at @nsideattack. Focus mostly on Malware Dev, Windows, AD, Entra ID and Azure
🐸 𝕕𝕠 𝕞�... @DoMinhDuy7
130 Followers 646 Following it's essential to enjoy the journey and have fun along the way. That's why my motto is to "work hard, play hard" 😎.
Tewthea @TewtheaogO4iWy
39 Followers 849 Following
Ngoc Hau @ngochauvl
24 Followers 255 Following
Jay Nguyen @jaynguyen48
4 Followers 87 Following Creator of Gen Snippets – turn shortcuts into full content fast. Boost productivity on macOS: https://t.co/oSH4nEOVsK. Built in public. Feedback welcome!
HH1 @E0_0E101
2 Followers 152 Following
Nguyễn Thanh D @nguyendam5555
4 Followers 241 Following
Đinh Lăng Nguyễn @dinhlang174
1 Followers 9 Following
Shinobyx @crypticrebel337
24 Followers 1K Following Bug bounty hunter who is a bit inactive on social media, so don't expect too much from me here...
Daniel ☀ @danielmunoz
884 Followers 8K Following Persona humana, desarrollador de software, promotor de accesibilidad, miembro de @KipuLlaxta. Nacido en España, residente en Perú. Bético de por vida 💚🤍💚
Rearvee @Rearvee409
41 Followers 1K Following
Brian Cao @V1_C40
0 Followers 177 Following
Lê Quốc Cường @static_void_lqc
1 Followers 73 Following
Sardesheau @SardesheauxJUo
32 Followers 786 Following
Beomsoo Kim @gimbeomsu271393
6 Followers 207 Following
shubs @infosec_au
56K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Sam Curry @samwcyo
98K Followers 1K Following
pyn3rd @pyn3rd
14K Followers 608 Following Security Researcher&Red Team&Cloud Security. BlackHat&HITB&CanSecWest Speaker.
Gareth Heyes \u2028 @garethheyes
37K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
Pham Khanh @rskvp93
2K Followers 339 Following Security Engineer at @calif_io. Winner of Pwn2own Vancouver 2021, Torento 2022, Vancouver 2023. MSRC top 100 2019, 2020, 2021.
[email protected]... @0xdea
14K Followers 20 Following When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
PortSwigger Research @PortSwiggerRes
112K Followers 7 Following Web security research from the team at @PortSwigger
Nicolas Grégoire @Agarri_FR
27K Followers 631 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
Ptrace Security GmbH @ptracesecurity
58K Followers 867 Following Empowering IT Security Professionals through Hands-On Online Courses.
VCSLab @vcslab
3K Followers 26 Following This is the Twitter channel of VCSLab - the research team of Viettel Cyber Security
Nathaniel @nnwakelam
41K Followers 919 Following
James Kettle @albinowax
79K Followers 94 Following Director of Research at @PortSwigger aka @Burp_Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Soroush Dalili @irsdl
20K Followers 912 Following Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
Alvaro Muñoz @pwntester
13K Followers 514 Following Security Researcher with @XBOW. CTF #int3pids. Opinions here are mine! bluesky: https://t.co/9HRRzpBECt
Horizon3 Attack Team @Horizon3Attack
12K Followers 56 Following @Horizon3ai Attack Team | Security Research | Exploit Dev | TTPs
Team Atlanta @TeamAtlanta24
703 Followers 26 Following 🔥AIxCC Winner Team | Georgia Tech, Samsung Research, KAIST, POSTECH | 🚀Building next-gen AI-driven bug finding & fixing systems | CRS Atlantis 🌊
Tim Becker @tjbecker_
2K Followers 349 Following Security Researcher at @theori_io. Flag capturer at @PlaidCTF. Cryptography enjoyer.
Simon Willison @simonw
117K Followers 6K Following Creator @datasetteproj, co-creator Django. PSF board. Hangs out with @natbat. He/Him. Mastodon: https://t.co/t0MrmnJW0K Bsky: https://t.co/OnWIyhX4CH
Jann Horn - jann@info... @tehjh
16K Followers 229 Following occasional human borrow checker; works at Google Project Zero; personal account; mastodon: [email protected]
Alexandr Wang @alexandr_wang
333K Followers 838 Following chief ai officer @meta, founder @scale_ai. rational in the fullness of time
Dang (midas) Le @_lkmidas
1K Followers 188 Following PhD Student in Computer Science at @NorthwesternU | Member of @42_b3yond_6ug | System & Software Security
Brendan Dolan-Gavitt @moyix
30K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Nico Waisman @nicowaisman
13K Followers 951 Following Head of Security at @XBOW. Former CISO @Lyft. Binary entomologist
XBOW @Xbow
10K Followers 6 Following Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
skull @brutecat
3K Followers 225 Following hacker, security researcher. i run a blog @ https://t.co/cBW6gzTpV2
HTTP Toolkit @HttpToolkit
3K Followers 354 Following Beautiful open-source tools to debug, test & develop with HTTP. 👨🔧 Built by @pimterry 🦣 https://t.co/8DW87wpAYw 🦋 https://t.co/E4x3L3UoNM
tlk @tlk___
798 Followers 1K Following
LaurieWired @lauriewired
106K Followers 285 Following researcher @google; serial complexity unpacker; https://t.co/Vl1seeNgYK ex @ msft & aerospace
Phan Thanh Duy 🇻�... @PTDuy
1K Followers 688 Following https://t.co/3ErsOXnHtJ | https://t.co/YffDAg1BZe
R. Hill @gorhill
10K Followers 112 Following
SEKTOR7 Institute @SEKTOR7net
15K Followers 346 Following Homo Aptus. Vincit qui se vincit - Publilius Syrus. Consulting, Training, Technology, Cyber domain, and more... @x33fcon founder.
HackerQuan @quanyang
894 Followers 605 Following I play CTFs with https://t.co/fBH6L5ww04. Views are my own and do not reflect those of my past or present employers.
Aliz (they/them pls) @AlizTheHax0r
1K Followers 1K Following Also https://t.co/Aq1HjG2fFq +same at bluesky. Curiosity/divergence/general hackery. Quite trans. they/them. Nonbinary, happily married.
Mav Levin @MavLevin
3K Followers 865 Following Ethical hacker building the future of software & AI security. My path: Unit 8200 → Stanford → Trail of Bits → Anthropic → @depthfirstlabs
Bishop Fox @bishopfox
26K Followers 4K Following A leading provider of #offensivesecurity solutions & contributor to the #infosec community. #pentesting #hacking VC @forgepointcap @carrickcapital @WestCap8
Compass Security @compasssecurity
3K Followers 111 Following Penetration Testing, Red Teaming, Incident Response, Bug Bounty, Security Training, Cyber Range
LLM Security @llm_sec
10K Followers 294 Following Research, papers, jobs, and news on large language model security. Got something relevant? DM / tag @llm_sec
Internal Tech Emails @TechEmails
583K Followers 881 Following Internal tech industry emails that surface in public records. 🔍
Chuong Dong @cPeterr
5K Followers 705 Following MSTIC RE @Microsoft | Ex FLARE RE @Mandiant | @CuratedIntel
Michael Gillespie @demonslay335
37K Followers 66 Following Loves cats, bunnies, and coding. #Ransomware Hunter. Creator of the service ID Ransomware. Views expressed are my own.
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
DARPA @DARPA
270K Followers 394 Following Official account of the Defense Advanced Research Projects Agency. Follows/retweets/links do not = endorsement. Breakthrough technologies for national security.
NetSPI @NetSPI
4K Followers 540 Following The Proactive Security Solution | Securing the most trusted brands on Earth #PenetrationTesting #proactivesecurity
Chris Thompson @retBandit
7K Followers 871 Following CEO, RemoteThreat, Head of Red team @ IBM X-Force, Black Hat Review Board. Founder and co-organizer of Offensive AI Con. inveni et usurpa
jswzl @WeaselJs
1K Followers 1 Following jswzl helps make web application testing easier with static analysis, making it easier to audit JS code and do your recon/mapping
asymmetric research @asymmetric_re
4K Followers 0 Following Enabling secure innovation. Join us: https://t.co/q0zD93M8Aa
Mullvad.net @mullvadnet
48K Followers 1 Following A fast, trustworthy, and easy-to-use VPN is a good first step toward reclaiming your privacy. Just €5/month. // Need help? Email [email protected]
Boris Larin @oct0xor
18K Followers 657 Following Former console hacker (PS3/PS4). Hunting in the wild 0-days at Kaspersky GReAT. All tweets are my own.
Trail of Bits @trailofbits
35K Followers 256 Following We help secure the world’s most targeted organizations and products. We combine security research with an attacker mentality to reduce risk and fortify code.
mdowd @mdowd
32K Followers 746 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Youstin @iustinBB
4K Followers 347 Following Bug Bounty https://t.co/zHVPVuGKCf https://t.co/yOdrIW1G71
Charlie Eriksen @CharlieEriksen
2K Followers 344 Following Security Researcher @AikidoSecurity. Founder @weaseljs. Previously @SecCodeWarrior, co-founder at Adversaryio & Principal Security Engineer/Partner @thesyndis
Caido @CaidoIO
10K Followers 33 Following
CISA Cyber @CISACyber
286K Followers 72 Following Part of @CISAgov, we respond to major incidents, analyze threats, and exchange critical cybersecurity information with partners around the world.Trends for United States
10,6 B posts
7.305 posts
32,3 B posts
8.925 posts
65,4 B posts
20,4 B posts
5.476 posts
10,9 B posts
14,9 B posts
8.154 posts
8.419 posts
7.924 posts
12,7 B posts
1.182 posts
63,2 B posts
14 B posts
22,2 B posts
57,7 B posts
You might like
starlabs
@starlabs_sg
9K Followers
Janggggg
@testanull
9K Followers
Calif
@calif_io
1K Followers
Lan Vu
@lanleft_
1K Followers
Bien 🇻🇳
@bienpnn
4K Followers
Đào Trọng Nghĩa
@nghiadt1098
2K Followers
Pham Khanh
@rskvp93
2K Followers
Thach Nguyen Hoang �...
@hi_im_d4rkn3ss
3K Followers
frycos
@frycos
4K Followers
peterjson
@peterjson
3K Followers
Lê Hữu Quang Linh ...
@linhlhq
3K Followers
pyn3rd
@pyn3rd
14K Followers
Thanh Do @nyaacate@in...
@nyanctl
724 Followers
Source Incite
@sourceincite
3K Followers
Michael Stepankin
@artsploit
7K Followers