Cássio Gomes @netfuzzer
Brazil · Joined September 2011
Tweets: 145 · Followers: 1K · Following: 313 · Likes: 344
REGEXSS: How .* Turned Into over $6k in Bounties Overly-greedy regex replacements can break HTML sanitisation & lead to XSS. Includes a live demo you can try exploiting it yourself! sec.stealthcopter.com/regexss #BugBounty #BugBountyTips #XSS #AppSec
I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now exploit CSS injection via style attributes! Learn how below: portswigger.net/research/inlin…
This #NahamCon2025 talk has generated over $50,000 in bounties for @YShahinzadeh and a few other hackers: Puny-Code, 0-Click Account Takeover. 🎥👉🏼youtu.be/4CCghc7eUgI
Full-Width Symbols, a useful cheatsheet to bypass WAF by @therceman
We've updated our URL validation bypass cheat sheet with this shiny Domain allow list bypass payload contributed by @dyak0xdb!
Discover blocklist bypasses via unicode overflows using the latest updates to ActiveScan++, Hackvertor & Shazzer! Thanks to @ryancbarnett and @thecyberneh for sharing this technique. Writeup 👇
Bug Bounty Tip Don't forget to check for the /_wpeprivate/config.json endpoint on a website (usually with WordPress) for information disclosure. Google Dork 👉 Site: *.example.com inurl:"_wpeprivate" Cheers!
Successfully bypassed a SSRF WAF by using a combination of IPV6 + Unicode. Payload for Metadata instances: http://[::ⓕⓕⓕⓕ:①⑥⑨。②⑤④。⑯⑨。②⑤④]:80 Check images for response difference between 169.254.169.254 and the above payload I shared 🔥 #bugbounty #infosec #waf
I found 2 Blind time-based SQL Injections in X-Forwarded-For: header just using Burp Intruder. Made a list of 500+ HTTP requests and tested one by one for 3+ hours, here is the result.. X-Forwarded-For: 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z #BugBounty
☃️ Bug Bounty Reference ☃️ A repository that contains a huge list of bug bounty writeups categorized by the bug nature such as ➡️ SQLi ➡️ XSS ➡️ RCE and more ...
I think bug bounty platforms will see a huge decrease of excellent hackers in the next years.
Now that's impressive 🔥 portswigger.net/research/porta…
GitHub - EmperialX/XSS-Automation-Tool: "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persistent XSS. Customize request headers, cookies, proxies, and auth github.com/EmperialX/XSS-…
GitHub - 0xTeles/jsleak: a Go code to detect leaks in JS files via regex patterns github.com/0xTeles/jsleak
I created a repository to keep track of cool XSS payloads github.com/terjanq/Tiny-X… Check this out! credit:@terjanq #xss #bugbountytips
I use this tool regularly! It's very simple, it does reverse DNS lookups as fast as possible. It's a great way of discovering domains and subdomains owned by a company when you know their IP address range(s). github.com/hakluke/hakrev…
When you are looking for bugs like SSRF & Open Redirect and there is a blacklisted character, try to bypass it using other Unicode characters. I found Open Redirect Bypass Using (。) Chinese dot "%E3%80%82". poc: redirect_to=////evil%E3%80%82com credit:@h4x0r_dz #bugbountytip
Updates & Fixes: 1. Increased the sleeping time between the requests 2. Added a check for the status code == 200 (( that would avoid faking the XSS alerts )) 3. Removed the saving for the nothing results, it's a useless option github.com/SirBugs/Xssor.…
Shodan for Bug Bounty — and Why You Shouldn’t Use these 53 Dorks. by: nynan cutt.ly/l4cNQCt #bugbounty #WriteUps
