Ishfaq Fariq @ishfaq_fariq
Cybersecurity Engineer | Frontend Developer | Application Security Engineer | Red Teamer | Software Engineer | ishfaqfariq.github.io
Rawalpindi, Pakistan
Joined March 2020
Tweets 5K
Followers 161
Following 2K
Likes 6K
To celebrate our badge launch, we're giving away FIVE free 6-month licenses to @PentesterLab. ✅ Comment BADGELIFE and retweet this post to enter. Additionally, pre-order a custom badge at shop.bugbountydefcon.com for a chance to win one of FIVE Annual VIP+ subscription to…
👻 Hacking SSO: Pre Account Takeover 👻 No email verification ➕ SSO 🟰 full account compromise. Read more on my blog: ghostlulz.com/blog/pre-accou… #bugbountytip #bugbountytips #hackerone #bugcrowd #infosec #redteam #CyberSec #bugbounty
🏴 Exploiting PDF Generators 🏴 If a web application can generate PDFs make sure you look for LFI and SSRF. It's an easy HIGH severity finding. 🧠 Learn more on my blog: ghostlulz.com/blog/exploitin… #bugbountytip #bugbountytips #hackerone #bugcrowd #bugbounty #infosec #redteam
API Hacking - Cracking JWT Tokens ghostlulz.com/blog/api-hacki… Pre Account Takeover ghostlulz.com/blog/pre-accou… XSS With Polyglots ghostlulz.com/blog/smart-xss… React JS SourceMaps to XSS ghostlulz.com/blog/reactjs-s… Bypass AI Powered Wafs ghostlulz.com/blog/bypass-ai… #bugbounty #bugbountytips…
📔 Pentest Interview Playbook 📔 My new book is officially live! This book walks you through every stage of the interview process from crafting your resume to landing the offer. payhip.com/b/jqNZC/ Discount Code 25% Off - Q57D21FZWI #SecurityInterview #pentest…
I’m excited to announce that I’ll be attending one of the largest and most technical cybersecurity events, Black Hat Middle East & Africa 2024! #BlackHatMEA #BlackHat_At_Malham #CyberSecurity #Networking #InformationSecurity
🎯 Black Friday Special+ Giveaway: Get the full course for just $29 (reg. $119) at with code 'FRIDAY2024'! hhub.io/BlackFriday Includes: 15+ Hours of content + 100+ labs! 🎁 BONUS: reply & retweet - one lucky winner gets 2 FREE course coupons (keep one, gift one)!
Mass Account Takeover Here are 10 blogs to learn about them! 1. zonduu.medium.com/idor-in-sessio… 2. 1-day.medium.com/an-idor-and-au… 3. medium.com/@bugbounty_lea… 4. 0d-samii.medium.com/0-click-mass-a… 5. medium.com/@sniss_thomas/… 6. tushara2517.medium.com/breaking-2fa-l… 7. medium.com/@ahmed.raza.ar… 8.…
🚀 Google Dorks for Bug Bounty taksec.github.io/google-dorks-b… #bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher #technology #coding #code #recon #ai #llm #owasp
On 10th April I had reported 6 admin panel access on different programs. By using @osintleak it was an easy find tbh 🙌 Admin panel tips: 1: leaked creds via osintleak.com 2: auth bypasses. 3: by analyzing js files for creds and secrets. #BugHunting #adminpanel 1/*
An IDOR and Auth Bypass That Led to Mass Account Takeover — KSFE 1-day.medium.com/an-idor-and-au… #bugbounty #bugbountytips #bugbountytip
Admin Panel Takeover Using a Leaky JS File osintteam.blog/admin-panel-ta… Join Bug Bounty Community: discord.gg/U2HfKnZuxr #bugbounty #bugbountytips #cybersecurity #hacking
Finding Postmessage XSS Vulnerabilities 1. Follow the prompts to turn on the switch portswigger.net/burp/documenta…
Breaking In: How RXSS and SQLi Can Lead to Full Account Takeover and Database Access Thanks to all the security researchers for their awesome tools and automation. Credits: @KN0X55 @xnl_h4ck3r @s0md3v @elk0kc blog.bhuwanbhetwal.com.np/breaking-in-ho…
A Step-by-Step Guide to the Bug Hunting Process: From Reconnaissance to Reporting myselfakash20.medium.com/a-step-by-step… #bugbounty #bugbountytips #bugbountytip
all you need to know about JWT vulnerabilities: medium.com/@0x_xnum/all-a… #Hacking #JWT #BugBounty #BugBountytips
Hacking Tips: Captcha Bypass Author: Mehdi0x90 Credit: github.com/Mehdi0x90/Web_…
As I previously promised I would publish a writeup on how I managed to find the SSRF bug on the biggest social media website, Facebook. So I wrote a blog about that finding. I hope you like it. 🍷 #BugBounty #Infosec link.medium.com/smZtjTvTV6
Found a backup ZIP file on the web app server via a JS comment. Extracted the ZIP, which contained the application's code. Identified RCE during a code review of an unlinked file. Exploited this RCE to gain server access and found crypto mining software running on the server.

Bernice @b_butler99
237 Followers 3K Following
@tipjar @a2ztipjar
36 Followers 1K Following @tipjar, #tipjar, #crypto, #cryptocurrency, #coin, #eth, #eth.tipjar.eth
Francene @whitaker_france
278 Followers 3K Following
Youssef Elsayed @youssefjo4433
18 Followers 116 Following
Jamil Borer @BorerJamil38978
92 Followers 3K Following
GeraldineGregory @47TGKQ493cWxp
13 Followers 712 Following
0xRift @0xRiftStreamer
285 Followers 3K Following
zokyo @zokyo_io
8K Followers 808 Following Cybersecurity experts | Security review, Pen testing, Fuzz testing | Token Economics, ADGM DLT Compliance | Inquiries ➡️ https://t.co/qTD0UWEXeh
Jonas vasconceloss @Jonasvasco66460
158 Followers 4K Following
Raul Renales @RaulRenales
4K Followers 693 Following Cybersecurity Team Manager and Project Lead. Co-founder of @Honey_Sec. #RedTeam #Pentesting #DFIR #BlueTeam #Criminology
ghostlulz @ghostlulz1337
14K Followers 1K Following Founder /CEO @StealthNetAI , Author - Bug Bounty Playbook. @DakotaState Alum , Founder/Former CTO RedSentry , Ex @bishopfox. #bugbounty #infosec #redteam
pirate.moo @apiratemoo
7K Followers 3K Following \x6d\x6f\x6f\x62\x69\x74\x63\x68 I break things for a living. Opinions are my own.
Adam @Adammmm12310
109 Followers 6K Following
TechWizNet (❖,❖) @TechW1zNet
286 Followers 2K Following On the path to becoming a cybersecurity expert. Currently building skills in penetration testing and auditing smart contracts.
Ookleji @Ookleji2804
56 Followers 2K Following
Gospel @4osp3l
16K Followers 7K Following Offensive Security | Christian | Full-Time Bug Bounty Hunter On @yeswehack | 0x19 | God Is Everything
Judas Noor @VincentJc319898
18 Followers 117 Following 💰 7782 people have won, be the next! A 7-day free stock package exclusive to only 100 people. Join now via WhatsApp!
Saresheel @SaresheelFGfeN
72 Followers 3K Following
Dr Gerhard Knecht, Ph... @GerhardKnecht
14K Followers 11K Following Cybersec. & Audit VP, Global CISO, Global Head MSS, Prof. Speaker, TV appearance, Top 10 UK security personality 2010, Compliance guru, AI, Followback Security.
Sheetaez @SheetaezRX6Z5Z
63 Followers 7K Following
geeksteev @binaryhansolo
359 Followers 2K Following Endless curiosity and a passion for understanding how everything works. Open source everything. Irish exit connoisseur. AuDHD. @ushi has my heart.
alrouxnof🇮🇳 @alrouxnof
3K Followers 4K Following Cybersecurity enthusiast, Newbie. Student @IITISM_DHANBAD aHR0cHM6Ly95b3V0dS5iZS9kUXc0dzlXZ1hjUQ==
Amir Safsri @ASafsri57267
90 Followers 1K Following #Join our team #as a network marketing leader! #Discover the potential #for growth and success
Kate Brew @securitybrew
28K Followers 16K Following Mom, Moderate common sense engineer #owasp #lasconatx @GeorgiaTech alum. Funemployed. No one knows what I’m up to.
Иormallik Ölümdür... @zero0day0
824 Followers 4K Following Be so free that they cannot classify you.
I_am_Bishal @C15C01337
1K Followers 3K Following Security Research Engineer 💂 Founder of CTF Team: Hack@Sec 🇳🇵 Crypto and Web w/@hackasec 🕸️ Blackhat MEA 2023/24/25 CTF Finalist 🎩 BBH at Hacker0x01 🐞🇳🇵
Abubakar shah @hunterabubakar
172 Followers 813 Following Penetration tester and Software engineer! https://t.co/pAowaPQoSP
Aditya @termihell
159 Followers 548 Following Cybersecurity | Memes | Music | Football and Cricket |
PwrSpl0it @newbiepath
858 Followers 1K Following Bug bounty hunter, web app security enthusiast, chess player, soccer player sometimes
Tabbs over spaces ☕... @lost_irish
2K Followers 3K Following Skies are blue, x is black, I ain’t never going back. Find my in the sky
Jim Nitterauer ... @JNitterauer
9K Followers 9K Following Husband, Dad, Director of Information Security @graylog2. InfoSec enthusiast. CISSP, CISM, Speaker. Ethical Hacker. @BSidesLV Staff @ITENWired Guitarist
Nick Howard @NickHKlaatu_ITS
3K Followers 7K Following CEO of Klaatu IT Security, father, golfer, sci-fi interested, Red wine and Guinness liking, International Rugby Fan. 1962
Jorn Hartvigsen @joha_nu
1K Followers 5K Following Forensicator transition into cyber security Password cracking, sysadmin stuff and gaming. SWL,HF,Digimodes Veteran SFOR (NATO) & UNIFIL (UN) Traveling and food
Kevin McNally @HAPI_dude
5K Followers 5K Following Husband, Father, Conservative Patriot, Retired Engineer and Cybersecurity Expert, Notre Dame and Boise St fan. DMs from people I don’t know will be blocked.
AEMSecurity @AEMSecurity
10K Followers 2K Following Husband + Father | Penetration Tester / Hacker | Interested in Security - Bugbounty - Vulnerability/Exploit Research CVE-2016-0956, CVE-2013-6674, CVE-2014-2018
WELSH PATRIOTS @Patriotsofwales
534 Followers 4K Following EXPOSING CORRUPTION FROM WITHIN BY ANY FORCE NECESSARY. #FREEWALESARMY
Noorsec @0x_5wf
615 Followers 670 Following Bug Bounty hunter | High school Student | Python developer
Vulnlab @vulnlab_eu
6K Followers 1K Following Labs & Training by @xct_de | https://t.co/3vRSpRWwJb | You are welcome to join the community @ https://t.co/8tvZ0UZ5ZL
Tiseautoo @TiseautoofJvz2
182 Followers 4K Following
Shutoughf @ShutoughfLUO
8 Followers 254 Following
Ibrahim Abdurrahman @ibrahim_haxor
775 Followers 7K Following Android Software & Hardware Engineer | Ethical Hacker & Penetration Tester | Bug Bounty Hunter | Passionate About Securing Mobile Tech
heige @80vul
11K Followers 1K Following (a.k.a. SuperHei) ZoomEye https://t.co/fzvFAoPrvG SeeBug https://t.co/ldKpbho6eg KCon https://t.co/46w4vXpfkv AiPy https://t.co/bFgrqc8h9s,Team: 0x557
Ryan Cobb @cobbr_io
12K Followers 480 Following Red Teamer | Hobbyist Software Developer | Operator @SpecterOps Developer: Covenant, SharpSploit, PSAmsi
Vector 35 @vector35
10K Followers 2K Following Makers of the Binary Ninja - Reverse Engineering Platform. https://t.co/opkys50srq Also posting at https://t.co/2HEfgOtSSR
Olaf Hartong @olafhartong
17K Followers 966 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Red Canary, a Zscaler... @redcanary
30K Followers 1K Following 24/7/365 threat detection and response across your cloud, identity, endpoints and everything in-between. We got you: https://t.co/pFNwBJN3d5
RET2 Systems @ret2systems
12K Followers 1 Following We strive to reimagine vulnerability research, program analysis, and security education as it exists today. An @RPISEC corporation.
rapiddns @rapiddns
3K Followers 3K Following Bug Bounty Hunter. The https://t.co/11fvDW8SRb is a free, open and unlimited DNS query tool. It makes it easy to query subdomains or sites of the same.
FuzzingLabs @FuzzingLabs
8K Followers 4K Following Research-oriented Cybersecurity startup specializing in #fuzzing, Vulnerability Research & Offensive security on Mobile, Browser, AI/LLM, Network & Blockchain.
stephen @_tsuro
10K Followers 527 Following @v8js security, CTFs and CPU vulnz. LCHL. @[email protected]
[email protected] @Zardus
7K Followers 88 Following Retired @DEFCON CTF org, @Shellphish Captain Emeritus, @ASU Prof, @angrdothorse hacker, @pwncollege sensei, @ACE_Inst Director.
ch @chybeta
14K Followers 4K Following open to bug bounty collaboration @HackenProof Security Researcher Just dm https://t.co/VVU1OV5yz6 Trading memecoins as a hobby
Jorge Orchilles @jorgeorchilles
11K Followers 473 Following SANS Principal Instructor & Author #SEC565 | #RedTeam | #PurpleTeam | #PenTest | #C2Matrix Creator | ATT&CK & Atomic Red Team Contributor | Published Author
Source Incite @sourceincite
3K Followers 4 Following We are Incite Team. Providing high quality Vulnerability Research & Training Services.
C2 Matrix | #C2Matrix @c2_matrix
6K Followers 97 Following Matrix of Command and Control (C2) Frameworks #C2Matrix #RedTeam #BlueTeam #PurpleTeam
Roberto Rodriguez ... @Cyb3rWard0g
26K Followers 632 Following AI Security Researcher @nvidia | Prev: @Microsoft | Founder of the @OTR_Community
Vulmon @vulmoncom
2K Followers 2 Following Vulnerability Intelligence Search Engine https://t.co/nxqvEXUxMU Official Account | Follow @VulmonFeeds for vulnerability feed
0xdf @0xdf_
25K Followers 467 Following Training Architect @ HackTheBox "Potentially a legit security researcher" he/him https://t.co/GCcLVlmdQK https://t.co/uQWVpw4nft 0xdf on discord
Stephen Sims @Steph3nSims
24K Followers 833 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
Adam Doupé @adamdoupe
5K Followers 1K Following Former DEF CON CTF organizer. Associate Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
CryptoCat @_CryptoCat
8K Followers 199 Following Security Researcher 😈 Hacking Content @ https://t.co/U7jVhNr9sC 💜
@mikko @mikko
229K Followers 934 Following Researcher and a best-selling author. Keynote talks at RSA, Black Hat & DEF CON. TED Speaker. Chief Research Officer at Sensofusion.
Flipper Zero @flipper_zero
101K Followers 147 Following A portable multi-tool device in a toy-like body for pentesters and hardware geeks. Buy worldwide here ➡️ https://t.co/n09EKVnqri
Yarden Shafir @yarden_shafir
24K Followers 311 Following A circus artist with a visual studio license
Zion Leonahenahe Basq... @mahal0z
2K Followers 268 Following Native Hawaiian Hacker | Prev Co-captain of @Shellphish | PhD Student in Comp Sci @ASU l Decompiler Research | Mastodon: @[email protected]
zokyo @zokyo_io
8K Followers 808 Following Cybersecurity experts | Security review, Pen testing, Fuzz testing | Token Economics, ADGM DLT Compliance | Inquiries ➡️ https://t.co/qTD0UWEXeh
Brenda Miller @BrendaM68649506
747 Followers 5K Following Achieve your certification dreams with us! 100% pass guarantee
ret2basic.eth @ret2basic
2K Followers 4K Following Resident @electisec | Solidity + Move auditor @taichiaudit | I solve hard problems in different fields
HST @mit_hst
7K Followers 270 Following Harvard-MIT Health Sciences and Technology. Integrating science, engineering, and medicine to solve problems in human health.
Amol 🇮🇳 @codewithamol
1K Followers 5K Following My name is Amol from India. I am dad, husband and Hacker C|EH | eWPTX | CC | CSSLP | CISSP | CDP DevSecOps | Security Consultant | B.E Computer | MBA IT
Addy Osmani @addyosmani
354K Followers 2K Following Engineering leader, @GoogleChrome • Author • Great user, developer & AI experiences • @ChromiumDev @ChromeDevTools • @GoogleDeepMind
GNOME @gnome
201K Followers 301 Following Creators of the GNOME Project, GTK, Flatpak, and other open source technologies.
ANSSI @ANSSI_FR
82K Followers 54 Following Official account of the Agence nationale de la sécurité des systèmes d'information (ANSSI) | Find #cybersécurité alerts on the @CERT_FR account
Async @asynchronous_x
1K Followers 544 Following current CTO ✧ former security engineer ✧ full time technomancer
Psyho @FakePsyho
26K Followers 370 Following Game Designer; Problem Solver; past: OpenAI (Dota), Pro Competitive Programmer, Poker
Ben Canning @benhackshealth
4K Followers 142 Following Rewriting the health code for tech, infosec & cybersecurity pros Helping high achievers optimize strength, focus & longevity #wehackhealth
Sh3llCON @Sh3llCON
6K Followers 2K Following Conference on #Seguridad #Informática #Cantabria #Hacking. Meeting forum for #profesionales and #aficionados. https://t.co/LyGp57eZUB
Navaja Negra Conferen... @NavajaNegra_AB
10K Followers 123 Following Congreso de Ciberseguridad 🛡️☠️ Cybersecurity Conference #NN2025 🖤💛
root@MAALP🇮🇳 @MAALP1225
1K Followers 825 Following I’m learning | Nõöb!😑 | CREST CRT and CPSA | Hack-Eat-Sleep-Repeat | CEH | eWPTXv2 | eCPPTv2 | CAP | Security Consultant | #Beinspired
Bug Bounty Village @BugBountyDEFCON
8K Followers 580 Following Official X account for the Bug Bounty Village @DEFCON. Founded by @infinitelogins and @arl_rose.
Wasim Shaikh @Wa_sim_sim
326 Followers 389 Following
Sec/Admln Cybersecuri... @secadm1n
4K Followers 863 Following Conferences on #Hacking and #Ciberseguridad #SecAdmin
Disclosed. @getDisclosed
25 Followers 1 Following
Will Schroeder @harmj0y
48K Followers 960 Following Researcher @SpecterOps. Coding towards chaotic good while living on the decision boundary.