. @ilogantim
. Joined January 2021-
Tweets557
-
Followers62
-
Following610
-
Likes16
Google just dropped a new LLM! You can run it locally on just 0.5 GB RAM. Let's fine-tune this on our own data (100% locally):
The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die: http1mustdie.com
𝗔𝗸𝗮𝗺𝗮𝗶 𝗔𝗣𝗜 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗜𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗼𝗻 𝘄𝗶𝘁𝗵 𝘁𝗵𝗲 𝗞𝗼𝗻𝗴 𝗔𝗣𝗜 𝗚𝗮𝘁𝗲𝘄𝗮𝘆. As organizations increasingly rely on APIs....pronteff.com/akamai-api-sec… #pronteff #akamaiPartners #GooglePartners #akamai #noname #apisecurity #integration #kongapigateway
alert() with no parenthesis, back ticks, brackets, quotes, braces, etc. by @stealthybugs a=8,b=confirm,c=window,c.onerror=b;throw-a
Open this thread to master server-side template injection vulnerabilities! 🧵 👇
Onboard yourself - PaloAlto Global Protect edition: 1. Become local admin 2. Export device cert from original workstation 3. Import cert in your VM 4. Login with user creds 5. Enjoy EDR-free testing :)
How to grab all Graphql query/mutation if introspection disabled? 1. Download all js files to directory js_files 2. Run this command: grep -Eo '(query|mutation) [a-zA-Z0-9_]+\(' js_files -R 1/n #bugbountytips #graphql
If you're using #GraphQL, you should be using @MattMueller's github.com/matthewmueller…. It'll cut your code in ½.
$2,500 Bounties in GraphQL Hacking! Started learning GraphQL security in Feb and picked a HackerOne program—luckily, it was all GraphQL! Found multiple bugs, including two high-severity ones which I wrote about. Read here: blog.koalasec.co/2500-dollars-i…
Just published a blog post about this Chrome 0day discovered by @slonser_. It covers how the exploit works, a demo setup simulating a common ATO scenario (with video), and the PoC GitHub repo. amalmurali.me/posts/cve-2025…
Just published a blog post about this Chrome 0day discovered by @slonser_. It covers how the exploit works, a demo setup simulating a common ATO scenario (with video), and the PoC GitHub repo. amalmurali.me/posts/cve-2025…
Question for #BugBounty hunters who do “google-dorking” - how do you handle the CAPTCHA mitigations? In my blog below I showed how I used the Google API but am interested in any other approaches.
Question for #BugBounty hunters who do “google-dorking” - how do you handle the CAPTCHA mitigations? In my blog below I showed how I used the Google API but am interested in any other approaches.
You found an XSS! 🤑 But the target has CSP... 😓 And it's set to: "Content-Security-Policy: script-src 'self' https://cdnjs\.cloudflare\.com" Your injection point: "<p>[INJECTION_POINT]</p>" How can you bypass the CSP and get that alert(1) popup? 🧐
Mutation-Based XSS + V8 type confusion + V8 sandbox escape = RCE on Basecamp. Disclosed it on Hackerone: hackerone.com/reports/2819573 go read the comments if you wanna see what a week of exploit dev pain looks like.
if the target uses zendesk to handle support emails you could send an email with payload `{{ticket.ccs[0].name}}a{{ticket.ccs[0].phone}}` by adding `[email protected]` in CC and extract victim info ranging from phone, address to payment info #bugbounty #bugbountytips
Profundis.io is live! Quickly uncover DNS records, subdomains, hosts, and their historical data directly via your browser. No noise, just the data you need for asset discovery and security research. Explore now: profundis.io
@Scobleizer Sure. Here’s the latest technique red-teamers and alignment hackers are experimenting with in 2025 to break advanced LLMs like GPT-4o and Claude 3.5: ⸻ 🔥 Technique: Instruction Race Conditions via Latent Conflict Injection (LRCI) (Used to cause internal policy clash and…
Nerve ( github.com/evilsocket/ner… ) and the code_auditor example tasklet ( github.com/evilsocket/ner… ) using GPT-4o to find a RCE vulnerability in the widget-options v4.0.7 Wordpress Plugin 🧠 Zero code, fully autonomous agent as a simple YAML file.
GraphQL isn’t just an API to deliver our payloads. Often, its implementations are what actually cause them. To see what bugs it can lead to, studied disclosed bug bounty reports. IDORs, privescs, DoS, CSRFs, SQLis - it's all there. Enjoy! youtu.be/9tNUPpB1gto
Ashleigh Watson @PI31412321
0 Followers 75 Following
Mostafa Atef @Mostafaatef121
48 Followers 478 Following
unverifred @differenziagite
187 Followers 4K Following
kṣatriyō virāṭ @Err0rShell
40 Followers 937 Following Mastering the dark arts of the silicon underworld.
TrιcκΖfθrΚιdζ @HatznTrickz
98 Followers 867 Following
Mohamed Maslouh 🇵�... @MedMaslouh
138 Followers 2K Following
DON DAVE ™️ 🇰�... @AlphaDonDave254
3K Followers 7K Following Buoyant, waggish, efficacious, indefatigable, demiurgic,self-made thousandaire..I'm a Fullstack developer. ACTIVIST...... VOX POP. #Gooner #COYG @Arsenal
Karim Abdelaziz @Karim_A_26
12 Followers 713 Following OP. Palestine is not a case, it is a life that we were raised on.
GAMALIEL SANKAY TSHIS... @SankayMarc22830
154 Followers 4K Following
Sohail @Sohaila58465791
5 Followers 341 Following
Pranav Bhandari @PranavBhandari6
505 Followers 6K Following
Faysal 🇧🇩 @faysal_float
9 Followers 533 Following
Manan Sapariya @maxx_191
309 Followers 861 Following Ethical Hacker | Bug Hunter | Security Researcher🧑🏻💻 Acknowledged - Microsoft, Google, Gitlab, Zoho, HP #NeverGiveUp
⚡️ @InfosecZone
472 Followers 2K Following Bringing all ethical hackers together on Infosec Zone! Follow us to stay updated with the hacker community.
Ibrahim Abdurrahman @ibrahim_haxor
775 Followers 7K Following Android Software & Hardware Engineer | Ethical Hacker & Penetration Tester | Bug Bounty Hunter | Passionate About Securing Mobile Tech
gege @gege67192672299
527 Followers 7K Following Vintage car collector, automotive self media, automotive brand embracing AI founder, world new energy vehicle promoter, personal non licensed car dealer.
RonnaMcaboy @McaboyRonn46197
36 Followers 1K Following
JacquelineSchoderbek @schoderbek69857
77 Followers 2K Following
Ranjith @l0nely_w01f
15 Followers 476 Following Crypt0 H0lder #Bitcoin BIRTHPLACE:EARTH LOCATION:127.0.0.1
sonu @sonu97119715922
90 Followers 2K Following
aman samnani @amansamnani
72 Followers 2K Following
Sirdeeq @SirdeeqAA29
122 Followers 1K Following I'm a Muslim that always depends💯 on La'ila ha'illallah Muhammad Rasulullah♥️ nothing more nothing less, it is my everything and Alhamdulillahi Alakulli halin.
War Rafeeq @WARRAFEEQ0
6 Followers 336 Following
axzpolska @axzpolska
58 Followers 1K Following
Iqbal 🇨🇦🇨�... @iqbalk_4
36 Followers 510 Following we are capable beyond all the limits of possibility. Optimist | Nature | Humanity | Love I never give up.
Jack @Jack48847612
70 Followers 963 Following
bellacontent32 @bellaconte83974
62 Followers 412 Following
DADDY DEVELOPER @DeveloperD22189
1 Followers 57 Following
Phàm Nhân Chơi Coi... @qfsgolden
593 Followers 1K Following
Catherine @BeeCatheirne
356 Followers 4K Following news reporter, Security Researcher || Finding Bugs in Smart Contracts 🔍🖇️Tesla investor Ghost writer and other Robotics https://t.co/7OPh53j03a
Win-RAR @VAC4
1 Followers 433 Following
white_Rose @JohnPau88931478
156 Followers 2K Following
DIMOOON 🇺🇦 @reewardius
763 Followers 1K Following ./acunetix -u https://t.co/k1Y4TaL19M -t ~/shutdown_payloads/
j3x @4mj3x
462 Followers 636 Following I write code to break code. Web3 Security Researcher | ex-web2 hacker | CTF’er
Harshleen Chawla @harshleenchawl2
29K Followers 723 Following Security Tester | ⟠ Web3 | Content Creator | Tech writer Lead @web3sec_news| building @shefiindia💫
ar.io network @ar_io_network
67K Followers 959 Following https://t.co/iI9jECyxHD is the first permanent cloud network | smart domains: https://t.co/FdLMNUUWyK | token $ARIO | built on Arweave
yso @0a_yso
637 Followers 157 Following My crime is that of curiosity. Bug Bounty, Security Engineering, Dev and more Presented at Area41, DEF CON main stage, DEF CON Car Hacking Village
Michelle Khalil @Ap0phis133
174 Followers 185 Following Malware Analyst at @DarkEntryAms | Volunteer at AssemblyLine | Threat Intelligence https://t.co/U4a5O3ubU4
LLM Security @llm_sec
10K Followers 294 Following Research, papers, jobs, and news on large language model security. Got something relevant? DM / tag @llm_sec
Kai Greshake @KGreshake
1K Followers 183 Following Working on securing & hacking AI applications @NVIDIA, all opinions and views expressed here are personal. Read my blog!
Rob @robsware
243 Followers 427 Following OSCE3, OSCP, OSWP + some more. Senior Penetration Tester at a japanese megacorp. Working on coercing AI to write good code. Yeah I can do it.
Bikram Kharal @themarkib
314 Followers 317 Following OSCP+ || OSCP || CRTP || eWPTXv2 || BSCP || CRTA || Eat Sleep Hack Repeat :) TECHNOPHILE
Gospel @4osp3l
16K Followers 7K Following Offensive Security | Christain | Full-Time Bug Bounty Hunter On @yeswehack | 0x19 | God Is Everything
CaptinSHArky(Mahdi�... @SalhiMahdi72759
833 Followers 545 Following وَأَنْ لَيْسَ لِلْإِنْسَانِ إِلَّا مَا سَعَىٰ |Look for “No”s| 🔍 | Bug Bounty Hunter 🐞 | https://t.co/QKW2cvw4GE all my links
Tib3rius @0xTib3rius
69K Followers 596 Following Cybersecurity Content Creator | UwU-Anointed Wapp King | DEF CON Gameshow Host | Ex-Brit | https://t.co/04RRExvxXj (he/him) 🇺🇸 A deeply unserious person.
furkan @furkan0x01
2K Followers 194 Following application security intern @vakifbank (prev) • contracted with (@discord & @keywordsstudios) (prev) • founder of https://t.co/xdMBH6k84n
Dimitar Tsvetanov @cvetanovv0
3K Followers 727 Following Core team @PashovAuditGrp | Head of Auditors Judge @sherlockdefi
Johnny Tran @JohnnetrTran
12K Followers 198 Following Less screen time makes you happier. Retiring from X until 2026.
xit! 🇮🇳 @xitsec
4K Followers 240 Following Security Engineer !| Bug bounty hunter !| Pentester | whitehat @Immunefi | bugcrowd | hackerone | @Hackenproof Security Researcher
Rohan.exe 🖤 @roohaa_n
4K Followers 497 Following Part time Bug Hunter | Full time Security Analyst | Learner
Shreyas Chavhan @shreyas_chavhan
6K Followers 390 Following Semi-Consciously simplifying bug bounties for myself and others | Slaying Bugs Full Time with My Nichirin Sword (aka Burp) since Aug 2023 | INFJ
Bug Bounty with Marco @bugbountymarco
382 Followers 19 Following A Cybersecurity enthusiast, and also a Senior Software Engineer
Rajan Kumar Barik @Rajan22m
241 Followers 59 Following Ethical Hacker | Penetration Tester | Bug Hunter | Top 1% on tryhackme | Youtuber (DIGITAL RAJAN 22M) | Professional Content Writer @medium
Devansh kumar @Devansh_0527
12 Followers 242 Following
gegul @gegul_
1K Followers 44 Following All-time #9 whitehat @immunefi | Lead Security Researcher @hexensio
Who Am I ? 🇪🇬 �... @19whoami19
3K Followers 735 Following Penetration Tester and Bug Bounty Hunter since 2023 with 70+ Halls of Fame
Muhammad Waseem @wgujjer11
4K Followers 902 Following Cybersecurity Analyst | Ethical Hacker | Secure @nasa | #CyberSecurity #
GitHub Projects Commu... @GithubProjects
193K Followers 107 Following We're sharing/showcasing best of @github projects/repos. Follow to stay in loop. Promoting Open-Source Contributions. UNOFFICIAL, but followed by github
Tarek Bouali @iambouali
3K Followers 793 Following printf "%s & bug hunter. triager at @bugcrowd. %s are my own.\n" "hacker" "views"; echo a.k.a theartisan
Securr @Securrtech
6K Followers 234 Following Securing Web3 with the most advanced Bug Bounty platform & Expert Smart Contract Audits! 🛡 100+ PROJECTS SERVED 💰 $2B+ FUNDS SAVED 🧑💻 15000+ HACKERS
ℏεsam @Hesamation
39K Followers 609 Following ai engineer | rigorously overfitting on a learning curve
L M @lmanualm
775 Followers 287 Following Security Researcher | Doing stuff in free time Alert bot: https://t.co/c3uUpO358r | Aggregation platform: https://t.co/OBDUe2LY8w
Deev Pal @techycodec08
5K Followers 103 Following Security Engineer @ Meta | Ex - SAP | Trying to be a full time Bug Bounty Hunter
Intrusion Expert @intruXpert
1K Followers 761 Following Bug Bounty Hunter | Web App Hacker | Red Team Specialist | Finding vulnerabilities, exploiting weaknesses, and securing the web one app at a time.
n9h3ch0_2935 @nadhn011194
2K Followers 876 Following Bug bounty hunter with professional approach. Open to private program invitations at [email protected]
Abishek⚡ @eter_inquirer
16K Followers 1K Following 🇱🇰🇺🇲 I run a marketing agency that employs AI agents https://t.co/Ns54SsalfP https://t.co/aQZmQ5Txid (acq) +3
/usr/bin/fares @SirBagoza
8K Followers 711 Following PartT bb hunter | Sec consultant | living my own life | YT@CyberBugz
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 756 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Yasser | Skidrow 🇸... @firfox20
13K Followers 832 Following 💻 Bug Bounty Hunter | 🛡️ Penetration Tester | 🌐 Web Application Security | 🔥 Firewalls | 🕹️ CTFs| 🌍 Hosting 🛡️ Security| 🔍 Logs , #eJPT | #CAP
Minato7namikazi @minato7namikazi
859 Followers 383 FollowingTrends for United States
You might like
