Siddharth @parad0xr
Security @ MPL | Bug Hunter | F1 Enthusiast | Web3 noob | Gamer | My opinions are my own
India · Joined October 2009
Tweets: 3K · Followers: 291 · Following: 1K · Likes: 3K
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
The Great Firewall of China (GFW) today experienced the largest internal document leak in its history. More than 500GB of source code, work logs, and internal communications have been exposed, revealing details about the development and operation of the GFW. The leak originated…
When we decompile an APK and see an unreadable index.android.bundle, it could be Hermes bytecode. Using github.com/P1sec/hermes-d… we can make it readable and look for interesting endpoints, keys, or app flows. #bugbounty
That is actually the real exploit. I went through all the decoding and stuff. It finally is the payload that creates spinstall0.aspx which then gets you the machine keys that allow you to craft your own Viewstates.
Super easy win for defenders… block everything from LoLRMM lolrmm.io
Microsoft has discovered worldwide cloud abuse activity by new Russia-affiliated threat actor Void Blizzard (LAUNDRY BEAR), whose cyberespionage activity targets gov't, defense, transportation, media, NGO, and healthcare in Europe and North America. msft.it/6011S9JpN
Reading Microsoft’s new Void Blizzard report, one thing stands out (again): Everything is about credential theft, phishing, and tokens. Initial access comes from buying or stealing creds - often through low-effort phishing. All the real action happens in the cloud, not on…
This vulnerability not only affects users of PuTTY but also extends to several other tools...
Affected Products
- PuTTY 0.68 - 0.80
- FileZilla 3.24.1 - 3.66.5
- WinSCP 5.9.5 - 6.3.2
- TortoiseGit 2.4.0.2 - 2.15.0
- TortoiseSVN 1.10.0 - 1.14.6
Vulnerability in Putty: "attacker in possession of a few dozen signed messages and the public key has enough information to recover the private key"
* Revoke keys immediately including public in authorized_keys
* Generate a new key pair and replace
chiark.greenend.org.uk/~sgtatham/putt…
I spent the last 5 months reverse engineering Denuvo's protection in Hogwarts Legacy and finally managed to bypass it using more than 2000 hooks 😂 One of the toughest challenges of my life. Here's my blog post about it: momo5502.com/posts/2024-03-…
The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2023! portswigger.net/research/top-1…
Interesting Thread on a massive dump from a Chinese 🇨🇳 Ministry of Public Security (MPS) private industry contractor called iSoon (aka Anxun)
Leak contains:
- Spyware
- Espionage Ops
- “Twitter Monitoring Platform”
- And a lot more 🔥
This is a crazy NTC Vulkan-level leak ⚠️
#threatintel someone just leaked a bunch of internal Chinese government documents on GitHub github.com/I-S00N/I-S00N/
I recently came across a weird case of cache deception vulnerability on a @SynackRedTeam target. I'm very excited to share the details with y'all. Also, I'm trying a new blog format this time. I hope you folks like it. Here you go: kuldeep.io/posts/web-cach…
Check out our new blog post! We hacked into Apple Travel Portal (yes, again!) using a 0-day Remote Code Execution exploit. Part 1 is live now, stay tuned for the follow-up on another RCE worth a total bounty of $40k! blog.projectdiscovery.io/hello-lucee-le…
"Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains" #infosec #pentest #redteam inversecos.com/2022/06/guide-…
🧊 IceKube: Finding complex attack paths in Kubernetes clusters Bloodhound for Kubernetes Uses Neo4j to store & analyze Kubernetes resource relationships → identify attack paths & security misconfigs Currently has 25 attack techniques By @WithSecure labs.withsecure.com/tools/icekube-…
