Dmitriy Shagov @dmi3sh
Joined October 2011-
Tweets581
-
Followers2K
-
Following582
-
Likes2K
In November, I submitted a critical bug to Cronos (@cronos_chain) which they downplayed and have since been kicked off Immunefi. Here's some info about the bug and an example of how projects can simply not pay a fair amount. Report: gist.github.com/fatherGoose1/6… tl;dr: - It's a…
•Attack Complexity: High •User Interaction: Required What?!
•Attack Complexity: High •User Interaction: Required What?!
Greetings, everyone! Happy to share that Degoverned.com is transitioning from an invite-only platform to a public alpha.
I am pleased to start offering private audits under the Trust Security label! DMs are open. Would appreciate a RT to reach the large developer ecosystem🙏
Fellow whitehats are being scammed out of their bounties by @O3_Labs. Imo, this requires better attention from both community and @immunefi @MitchellAmador can mediation do something more than just removing O3 from the platform? Are there ways to enforce the mediation decision?
Fellow whitehats are being scammed out of their bounties by @O3_Labs. Imo, this requires better attention from both community and @immunefi @MitchellAmador can mediation do something more than just removing O3 from the platform? Are there ways to enforce the mediation decision?
PayPal has blocked our business account and is holding $1.3M for more than 2 months without explaining what exactly they are not happy with. Even @PayPal support doesn't know what's going on. ⚠️This endangers the production of Flipper Zero in general. More details in thread 1/5
When you see a mobile app in scope for the bounty, do you consider that 1st party server-side APIs are in-scope or not? I'm talking about usual situations where Org owns the app, and the app clearly uses backend APIs developed by this Org (not some 3rd party stuff).
How I stopped hunting on @Hacker0x01 after years because they stole my $50k. #HackerOne #BugBounty medium.com/@skavans_/how-…
Ben Sadeghipour @NahamSec
198K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷
Sam Curry @samwcyo
77K Followers 951 Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
Julien | MrTuxracer �.. @MrTuxracer
30K Followers 417 Following Freelancer | Full-time #BugBounty | @Hacker0x01 H1-Elite & $1,500,000 Hacker | ❤️ IDA Pro
Jason Haddix @Jhaddix
147K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.
Luke Stephens (hakluk.. @hakluke
88K Followers 2K Following Hacker, marketer. I manage socials and produce amazing technical blogs for cybersecurity orgs. Founder of @hacker_content.
Akita 🇦🇷 who Am.. @akita_zen
25K Followers 1K Following Hacker / Zen Monk / Energy Master / Bugbounty Hunter Founder of Nothing - Being Nothing - Silence - NoTime - only Space
LiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Tuan Anh Nguyen 🇻�.. @haxor31337
13K Followers 2K Following 28 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
HackerOne @Hacker0x01
289K Followers 3K Following The only official HackerOne Twitter account. Peace of mind from security's greatest minds. #HackForGood #togetherwehitharder
payloadartist @payloadartist
34K Followers 288 Following Tweeting about Application Security, Hacking, & Cybersecurity • Helped secure organizations like Google • Opinions are my own
Youssef Sammouda (sam.. @samm0uda
32K Followers 430 Following Hacker, bug bounty hunter, guy behind https://t.co/TBAtP71Cop. 1st in Meta bug bounty program for the last 5 years. YES Team Member
Mustafa Can İPEKÇİ @mcipekci
7K Followers 357 Following I'm an engineer from Turkey, who is interested with biotechnology, computer science and digital gaming. Proud father of three little devils. A.K.A nukedx
sw33tLie @sw33tLie
7K Followers 819 Following Hacker and CS student, 23yo. Top 50 @ https://t.co/u2ia5UqJZA https://t.co/ukQXXGMJxT https://t.co/LGYK7tMOGo
Beverlee Sache @bever_sach
67 Followers 5K Following
Juliana Marcou @JulianaMar21188
42 Followers 5K Following
Yun Balfany @balfa_y
65 Followers 5K Following
Кит Синий @Mor_Kit
3 Followers 115 Following
cscfufo @cscfufo
30 Followers 2K Following
Maryanna Keas @KeasMaryan38326
66 Followers 5K Following
K1nz @viet_kien16450
103 Followers 2K Following
Naman Devnani @naman_devnani
338 Followers 6K Following Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDE
Dayana Pisicchio @DPisicchio61853
100 Followers 5K Following
Aifos Si Prahs @AifosSi
61 Followers 685 Following
Ocean Quintana @QuintanaOc13075
87 Followers 5K Following
Ashley Ziminski @AshleyZimi25019
32 Followers 5K Following
Tessa Maccord @TessMaccor
71 Followers 5K Following
Rafiqul Islam @RafiqulIsl86480
47 Followers 1K Following I am programmer. Design website & development 🇧🇩🇧🇩
Security Talent @Securi3yTalent
334 Followers 2K Following javascript Developer And Cyber Security Experts
Hubert @HubertMok
1 Followers 20 Following
Parveen Suthar @Parveen84371475
1 Followers 58 Following
13_Aubrey @13Aubrey189518
1 Followers 432 Following
Brandi Johnson @BrandiJohn67761
67 Followers 3K Following
Emerson Serrano @EmersonSer20186
74 Followers 3K Following
Jynno @Jynno1337
79 Followers 440 Following
Asif Saifi @Asifget1
31 Followers 922 Following
Arthur_HMSouza @AHmsouza
296 Followers 5K Following
Ashley Brown @AshleyBrow90456
112 Followers 3K Following
nadakuditi gopikrishn.. @ngkvsngk
10 Followers 128 Following
Aman @Aman__Dhurve
0 Followers 70 Following
luiz carlos @luixc78
65 Followers 1K Following
MoStackito @dynohackula
225 Followers 3K Following 🐻/ 🐼 “A man yelling at computers.” "... my trust in Technology is limited." founder of 🍑.js 😜 #100DaysOfCode
Kumar Anshuman @Anshuman9187
3 Followers 452 Following
Cyber Mutt @MalwareMutt
153 Followers 719 Following Im new to this cyber thing. Ex-leo, Ex-Mil dad adopted me and drags me to work with him everyday. #DFIRs my jam.
Jagan @bankai_X_zoro
45 Followers 658 Following
fathergr @annabelle_1886
37 Followers 3K Following
Ben Sadeghipour @NahamSec
198K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷
Sam Curry @samwcyo
77K Followers 951 Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
Nathaniel @nnwakelam
38K Followers 1K Following
Corben Leo @hacker_
68K Followers 660 Following I hack stuff (legally) | Jesus follower | Co-founder @boringmattress
Julien | MrTuxracer �.. @MrTuxracer
30K Followers 417 Following Freelancer | Full-time #BugBounty | @Hacker0x01 H1-Elite & $1,500,000 Hacker | ❤️ IDA Pro
bugcrowd @Bugcrowd
161K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
Jason Haddix @Jhaddix
147K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.
shubs @infosec_au
50K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Akita 🇦🇷 who Am.. @akita_zen
25K Followers 1K Following Hacker / Zen Monk / Energy Master / Bugbounty Hunter Founder of Nothing - Being Nothing - Silence - NoTime - only Space
LiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Yassine Aboukir 🐐 @Yassineaboukir
26K Followers 338 Following HackerOne Top 20, Pentest Lead, Ambassador, MVH Title and Hacker Advisory Board • Digital Nomad • Aspiring Athlete.
Nicolas Krassas @Dinosn
122K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
HackerOne @Hacker0x01
289K Followers 3K Following The only official HackerOne Twitter account. Peace of mind from security's greatest minds. #HackForGood #togetherwehitharder
payloadartist @payloadartist
34K Followers 288 Following Tweeting about Application Security, Hacking, & Cybersecurity • Helped secure organizations like Google • Opinions are my own
Inti De Ceukelaire @securinti
29K Followers 387 Following Hacker | @intidc (Dutch) | Chief Hacker Officer @intigriti
Jobert Abma @jobertabma
42K Followers 753 Following I tweet about security and my experience as a hacker. Co-founder of HackerOne (@Hacker0x01).
Youssef Sammouda (sam.. @samm0uda
32K Followers 430 Following Hacker, bug bounty hunter, guy behind https://t.co/TBAtP71Cop. 1st in Meta bug bounty program for the last 5 years. YES Team Member
Gareth Heyes \u2028 @garethheyes
32K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
Guido Vranken @GuidoVranken
5K Followers 514 Following Software security and fuzzing. Contact: [email protected]
Stat Arb @quant_arb
41K Followers 1K Following Crypto HFT/MFT QR | DMs open 📥 (plz no essays) | @QuantitativeArb | Views my own. Not financial advice.
Brainiac @shealtielanz
1K Followers 323 Following Disambiguation of web3 Security | Talented SR & Vulnerability Exploiter
Cantina 🪐 @cantinaxyz
10K Followers 2 Following Your one-stop shop for the highest caliber of Web3 security talent. Book a competition @ https://t.co/UGMSesXryV (incubated by @SpearbitDAO)
Quoll Finance @QuollFinance
28K Followers 169 Following A multichain yield hub. Powered by @WombatExchange and @BNBCHAIN. Telegram: https://t.co/Rk4Z5masM1. Quoll is live on Arbitrum💙🧡
Tal Kol @koltal
3K Followers 144 Following Founder at https://t.co/cH1kjZXM1Z | Ambassador at https://t.co/ReljwZtkrK | https://t.co/qAJY1nX73f | React fan | Ex head of https://t.co/5BiEb74TF7 mobile engineering
Alex Sotirov @alexsotirov
15K Followers 250 Following Co-founder and CTO at Trail of Bits, Inc. Occasional rockstar.
Dmitry Nedospasov @nedos
6K Followers 296 Following Founder of @advsecio, @toothlessco and @walletfail. Working on @recoverytag. We audit wallets as @keylabsio. PhD in hardware security.
Security Alliance @_SEAL_Org
6K Followers 72 Following Securing the future of crypto | Cover art by @yueko__
asymmetric research @asymmetric_re
1K Followers 0 Following Enabling secure innovation. Join us: https://t.co/s1nvQoWoBC
Kei0x @Kei0x
8K Followers 512 Following Founder @ AIKOCorp. Infosec/AI. Weeb Exploit Developer. Perpetually Tired. Follow requests generally ignored unless you radiate The Vibe
π* | ¤ @totlsota
6K Followers 1K Following {quant trading, defi, hft, ml} perma-learning in high-dim space trading on-chain @ https://t.co/uc7Jk1mDjH
Boris Larin @oct0xor
17K Followers 518 Following Former console hacker (PS3/PS4). Hunting in the wild 0-days at Kaspersky GReAT. All tweets are my own.
Authic Labs | Next-ge.. @authic_io
2K Followers 815 Following Unlock the power of Web3 🌟 - Create lifelong communities 👉🏻 - Unique Loyalty programs powered by Web3 📈 - Boost engagement Curious? Book a Demo now👇🏻
Ian Carroll @iangcarroll
9K Followers 1K Following Founder at @SeatsAero. Travel/points, application security, security research, etc.
Alex @wadeAlexC
2K Followers 318 Following Oolong maximalist. Bureaucracy minimalist. Breaking things @eigenlayer | Prev: breaking things @ConsenSysAudits and @EtherealVC
Pop Punk @PopPunkOnChain
23K Followers 250 Following co-founder of @gasliteGG // wassie in residence @g8_keep // the cheapest airdrop tool https://t.co/T919t1We7l
Mikko Ohtamaa @moo9000
18K Followers 12K Following Co-founder at @tradingprotocol. Don't trust, verify. Open source, information security, human rights and cryptocurrency enthusiastic since 1995.
Slick Swap @SlickSwapBot
96 Followers 188 Following Slick Swap is a trading app which can be accessed via Telegram for the most simple (and slickest) trading experience on the market today.
Blast @Blast_L2
628K Followers 133 Following The L2 with native yield. Discord: https://t.co/oWuqLcC1c0
ADOUZ1E @ADOUZiE
4K Followers 476 Following @PUBG partner and IGL for @BetBoomTeam. Business inquires : [email protected]
I am d3d (dead, мё�.. @deadvolvo
2K Followers 154 Following Security Researcher - Founder of Malicious Group Research - Synack Red Team Operator - DoD researcher of the year 2022 - Top 10 web attacks in 2023 - CRTO
Evgeniy Danilenko @EugeneDVV
2K Followers 5K Following core Blockchain development in @FantomFDN, ex @0xPolygon PoS+Edge, @ErigonEth @ADDxco, @ethstatus, #lazada
gmhacker.eth @realgmhacker
4K Followers 459 Following aerospace engineer 🚀 Head of Security @immunefi 🪲 Teaching Advanced Solidity at @RareSkills_io 😎 views are my own
Thomas Millar @thmsmlr
8K Followers 1K Following Follow me for more Elixir in your feed instructor_ex ⬩ https://t.co/lQneGN7LAy ⬩ https://t.co/qziuESZ7hd
Offside Labs @Offside_Labs
1K Followers 22 Following 🚀 Web3 Security pioneers | Expert security auditors & consultants | Guarded $300M+ in digital assets | @Paradigm CTF 2023 Champion 🥇 | https://t.co/wH0uG4O3Mk
lcamtuf (@lcamtuf@inf.. @lcamtuf
35K Followers 494 Following Homepage: https://t.co/iFAXZxCO5H Substack: https://t.co/yFvmNisGW3
CODE WHITE GmbH @codewhitesec
6K Followers 41 Following Red Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.
sudo rm -rf --no-pres.. @pcaversaccio
16K Followers 374 Following 𝐖𝐨𝐫𝐤𝐢𝐧𝐠 𝐨𝐧 𝐰𝐡𝐚𝐭'𝐬 𝐧𝐞𝐱𝐭. ꟼGꟼ: 063E 966C 93AB 4356 492F E032 7C3B 4B4B 7725 111F
Igor Igamberdiev @FrankResearcher
53K Followers 32 Following Head of Research at @wintermute_t, Research Collaborator at @paradigm, ex @TheBlock__ 𝝪(𝞂ₜ, 𝝩) → 𝞂ₜ₊₁ Views are my own
MevRefund @MevRefund
7K Followers 38 Following MEV searcher (mid-tier), whitehat, blockchain surveyor
unexployed WIP @unexployed_
1K Followers 426 Following @castle__cap 🏰 in it for the long haul gs fgc
⭕️ Carlos👌🏼.. @Carlos_ROcelote
427K Followers 1K Following Carlos ROdriguez 31/44 | K1ng of Gaming | The Circle ⭕️ | @FarcanaOfficial | From Cancelled to Billionaire | Forbes 30 under 30 | IG @oceloteWorld 👁️⃤
Shiba Saga @Shibasagaio
19K Followers 33 Following $SHIA 🐾 | King of Crypto | Meme X Utility | MUCH WOW | Download Shiba Crush NOW🍣 | https://t.co/TADZ9orgpo
ok this is some god-level copium for not building shit
Just a reminder that GDP stands for "Gross" Domestic Product. The future maintenance of these projects will be insane and ultimately destroy what little remains of China's growth story.
Race Condition Authentication Bypass leading to Full Account Takeover: medium.com/@keizobugbount…
Proud to present my first startup ⭐️: 👉🏻hackforfree👈🏻 At hackforfree we offer a platform for VDPs ONLY. We make money with yearly subscriptions and a pool of talented researchers from all over the world will submit vulnerabilities ❤️ make the world a safer place, for free
Today we are finding all contracts in a given chain that have `_burn` function "mistakenly" set as public without any modifiers or requirements, allowing unrestricted access:
🎁 Source Code Disclosure in IIS 10.0! Almost. There is a method to reveal the source code of some .NET apps. Here's how it works. 👉 swarm.ptsecurity.com/source-code-di…
when crypto people tell you to come to their "rave"
@NahamSec i am seeing more and more people ditch burp for caido.... you listening @PortSwigger ? Burp 1.7.37 was the best version you released...
COUNTER STRIKE 😂
Imagine hiding here and killing everyone in CS2 😭
Generalized frontrunners really stepping up their game. 0xa19 stitches together calls from 2 separate txs in different blocks to walk away with $188K. etherscan.io/tx/0xdcf4e70a6…
Check out our new blog post! We hacked into Apple Travel Portal (yes, again!) using a 0-day Remote Code Execution exploit. Part 1 is live now, stay tuned for the follow-up on another RCE worth a total bounty of $40k! blog.projectdiscovery.io/hello-lucee-le…
New blog post: Ethereum Log Confusion in Polygon's Heimdall. A critical vulnerability in Polygon PoS that could have allowed a rogue validator to take over the Heimdall consensus layer, putting over $2B of crypto assets in the PoS bridge at risk. asymmetric.re/blog/polygon-l…
<script> speechSynthesis.speak(new SpeechSynthesisUtterance("didn't know this existed")) </script>
As the weekend approaches here's some more material to assist those competing in the @Blast_L2 competition Provided below are diagrams by Blast for: • Deposits & Withdrawals (OP Bridge) • Accounting (Yield Managers / Providers) Full details in the link provided below 🪐
Some notes for those of you participating in the @Blast_L2 contest on @cantinaxyz. gist.github.com/MiloTruck/c04f… May the bugs be ever in your favor.
Atlassian Confluence Remote Code Execution through OGNL Injection. CVE-2023-22527 #atlassian #bugbounty #hacking #pentest #confluence
Today I threw up a dozen times Blood, hazy mind, squirming in bed till 6pm All I could think about in gaps of consciousness was to find a missing SPF record to report You need to be at this level of obsession to win
The PNDC MEV contract has been verified on Etherscan. etherscan.io/address/0x4a21… As promised, here's exactly how this was used to profit 20 ETH this morning: gas bad 1. Python script watches usesLeftForSpawn and starts submitting flashbot bundles when the amount left goes below…
How to make money for a long time as an automated trading team/ trader (get the max rewards possible through time) Once you have a profitable strategy, it has a gravity and demands that you exploit it to make the most money possible. This is a happy time. 1/n ...
Never really liked how aave rounds "half up", imo it just makes it harder to analyze and you always want to be explicit in your rounding direction. Admittely, compound v2 also has this issue but at least there it's more obvious that the code is wrong 😅
Today's hack on @RDNTCapital results in the loss of 1.9k eth (~$4.5m). The root cause is not new: It basically exploits a time window when a new market is activated in a lending market (forked from the popular Compound/Aave). The exploitation also relies on a known rounding…
Trends for United States
You might like
