Roozbeh @tracethecode
Security Researcher | App&Cloud Security Enthusiast | London, England | Joined March 2012
Conducting a pentest isn't just about finding vulnerabilities; it's crucial to show developers how to reproduce and properly fix issues. A good report includes NOT JUST evidence, but also clear steps for remediation. #Pentesting #CyberSecurity #Appsec
TRACE may be a useful HTTP method for debugging, but it's also a major security risk in production environments. By enabling TRACE, sensitive user data could be exposed to attackers. Always disable TRACE in production environments! #cybersecurity #websecurity
Reminder to developers: always use the verify() method when dealing with JWTs! Don't risk accepting arbitrary signatures by only decoding them with your JWT library. #cybersecurity #jwt #devtips
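The difference between decoding and verifying, as an added example that is not part of the original tweet: a minimal HS256 check written with Node's built-in `crypto` module rather than any particular JWT library. The helper names, the secret and the token contents are constructed for illustration.

```javascript
const crypto = require('crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');
const parse = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));
const mac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Issue an HS256 token (used here only to build constructed sample data).
function sign(payload, secret) {
  const data = `${b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64url(JSON.stringify(payload))}`;
  return `${data}.${mac(data, secret).toString('base64url')}`;
}

// Decode only: parses the payload and never looks at the signature.
function decodeOnly(token) {
  return parse(token.split('.')[1]);
}

// Verify: pin the algorithm, recompute the MAC, compare in constant time,
// and only then trust the payload.
function verify(token, secret) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  if (parse(head).alg !== 'HS256') throw new Error('unexpected alg');
  const expected = mac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('invalid signature');
  }
  return parse(body);
}

// Constructed scenario: the payload was edited after issuance and the
// original signature was left in place.
function demo() {
  const secret = 'example-secret-not-for-production'; // placeholder value
  const good = sign({ sub: 'alice', role: 'user' }, secret);
  const [head, , sig] = good.split('.');
  const tampered = `${head}.${b64url(JSON.stringify({ sub: 'alice', role: 'admin' }))}.${sig}`;
  let rejected = false;
  try { verify(tampered, secret); } catch (e) { rejected = true; }
  return { decodedRole: decodeOnly(tampered).role, verifiedRole: verify(good, secret).role, rejected };
}
```

Code that authorises on the decoded payload sees the edited role, while the verifying path throws before the payload is ever returned.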
Good collection of API Security tools and resources. github.com/arainho/awesom… #AppSec #BugBounty #CyberSecurtiy
The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2022! portswigger.net/research/top-1…
AWSGoat : A Damn Vulnerable AWS Infrastructure. #Cloudsecurity #AWS #CyberSec github.com/ine-labs/AWSGo…
False assumptions = vulnerabilities. Don't assume this #NodeJS code is enough to prevent #PathTraversal attacks. Don't overlook the power of URL encoding! Ensure proper decoding & sanitization of filenames for robust #CyberSecurity. Stay ahead of the game. #WebSecurity 💡
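The code the tweet refers to is not included on this page, so the following is an added example rather than the author's snippet: a filename check that filters before decoding, next to one that decodes first and then enforces containment. The base directory and file names are assumptions made for the example.

```javascript
const path = require('path');

const BASE = '/srv/app/uploads'; // assumed storage root for this example

// Weak: the filter runs on the raw string and decoding happens afterwards,
// so an encoded "../" is not seen by the check.
function naiveResolve(rawName) {
  if (rawName.includes('..')) return null;
  return path.posix.join(BASE, decodeURIComponent(rawName));
}

// Hardened: decode once, reject NUL bytes and anything still percent-encoded
// (double encoding), resolve against BASE, and require the result to stay
// strictly inside BASE.
function safeResolve(rawName) {
  let name;
  try {
    name = decodeURIComponent(rawName);
  } catch {
    return null; // malformed percent-sequence
  }
  if (name.includes('\0') || /%[0-9a-f]{2}/i.test(name)) return null;
  const full = path.posix.resolve(BASE, name);
  return full.startsWith(BASE + '/') ? full : null;
}

// Constructed inputs: one plain name, one encoded, one double-encoded.
function demo() {
  const samples = ['report.pdf', '%2e%2e%2fconfig%2fsecrets.env', '%252e%252e%252fconfig'];
  return samples.map((s) => ({ input: s, safe: safeResolve(s) }));
}
```

The containment test on the resolved path is what carries the guarantee; the string filters only reject obviously malformed input early.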
Don't underestimate the importance of function behaviour in penetration testing. A deep understanding of function behaviour is the foundation for finding vulnerabilities. #infosec #pentesting #BugBounty
Penetration testing is all about understanding a system's behavior. The key to finding vulnerabilities lies in comprehending the functions at play. #cybersecurity #penetrationtesting #AppSec
Different developers bring different levels of security knowledge to the table. That's why understanding the application's functions and their behaviours is crucial during a penetration test. #developers #securityawareness #PenetrationTesting
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. #informationsecurity #API #BugBounty github.com/Checkmarx/capi…
PHP Development Server <= 7.4.21 - Remote Source Disclosure. #infosecurity #development #AppSec #phpdeveloper blog.projectdiscovery.io/php-http-serve…
Just learned you can exploit blind file-reads in PHP by combining the dechunk filter with the PHP memory limit. This crazy finding by @hash_kitten is a great reminder to pay attention to CTF writeups! github.com/DownUnderCTF/C…
Truffle Security is proud to host a new XSSHunter, that finds new vulnerabilities trufflesecurity.com/blog/xsshunter/
APIs vs microservices! APIs allow communication between different services, while microservices represent a way of organizing and building those services. Think of APIs as the language, and microservices as the architecture. #APIs #Microservices #SoftwareArchitecture #cloud
A simple #Vulnerable File Upload PHP code that is lacking security measures & is vulnerable to #PathTraversal attacks, also allows uploading executables with alternative extensions. #cybersecuritytips #infosec #Security #bugbountytips #PHP
Don't let a simple file upload be your server's downfall! Ensure file names are properly validated & sanitized, and reject any that contain "../" #WebDevelopment #CyberSecurity #CyberSecurityAwareness
Here is a good collection of #bugbounty write-ups that can be helpful in understanding the methods and techniques to identify different #vulnerabilities. github.com/devanshbatham/… #CyberSecurity #bugbountyWriteups #PenTest
