Looks better at night 😉

Pretty funny to meet my French buddy @0xEdra at the other side of the world in Beijing Thanks Bug Bounty for letting us travel at any time anywhere

0 to 1, Working Remotely and Hong Kong https://t.co/OLLriTHAH4

We just released a new article on how we hacked with @adnanthekhan the npm Supply Chain of 36 Million Weekly Installs 🔥 🔗Link: https://t.co/CEvO7NSHQw

@Formation_bzh annule à J-15 la 1re année BTS SIO SLAM (11 admissibles). Une honte ! Pour les jeunes : nouvelle école à trouver, alternance, logements... Traitement inhumain de ses jeunes considérés comme des lignes d'un tableau excel. On attend des réponses. #ESNA #UIMM

I've released a DOMLogger++ config that helps detect any replacements occurring in a DOMPurify output by inserting and tracking a canary value at runtime. I think it highlights how useful DOMLogger++ can be for tracking JS execution :D 👉 https://t.co/ScqNSP1j8b 1/3

Guillaume Chouquet, fondateur et directeur de l'ESNA, viré de sa propre école par l'@Formation_bzh !!! Je suis consterné et en colère. C'est affligeant de prendre une telle décision quand on sait tout ce que le bonhomme a fait pour l'école et les alternants !

Bug bounty is a life changer !!! Took two weeks off, didn’t touch my laptop. Now I’m flying back one bug found, vacation paid off.

I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 https://t.co/SgsSyxoEMR 1/4

Solana 🔥🔥🔥

Today was my last day as a pentester at Bsecure, and it feels a bit surreal. After a three-year journey of hunting on the side, I’m finally ready to go all-in as a full-time bug bounty hunter. To celebrate this milestone, I've written an article sharing the full story. It’s a

Un projet de loi sur le PEA a été déposé le 24 juin 2025. J’ai dû le relire plusieurs fois pour y croire… S’il est adopté, ce serait tout simplement une révolution pour l’épargne des Français 🇫🇷 Voici ce qu’il faut savoir 👇

⏰ It's CHALLENGE O'CLOCK! 👉 Capture the flag before Thursday the 26th of June 👉 Win €400 in SWAG prizes 👉 We'll release a tip for every 100 likes on this tweet Thanks @Toogidog for the challenge 👇 https://t.co/7koFEiaTaA

@aituglo that was so cool!! really happy I got to organize this with you - let’s do it again next year for sure :p (best view for hacking 👀)

Very late this time, but here it is. Hacker House, Teaching and Gadgets https://t.co/cwffjTsqgK

Congrats to these award winners for their innovation, collaboration, and relentless pursuit of impact. 🔥 Most Valuable Hacker | Top Criticality, Community, & Consistency of the event >>WINNER: shubs 🕷️ Exterminator | Best/most Impactful bug of the event >>WINNERS:

I won the Most Valuable Hacker award for the Salesforce H1-6102 live hacking event in Sydney (my hometown)! I enjoyed working with some very talented hackers, including @ryotkak, @Geluchat, and @kevin_mizu. This is my third MVH award, and I'm grateful to be able to compete.

lol, this works on Firefox: <object data=# codebase=javascript:alert(document.domain)//> OR <embed src=# codebase=javascript:alert(document.domain)//>

Introducing a new tool of The Manticore Project: Delegations Manage Kerberos delegations like a pro: audit, add, remove, monitor & more — all in one tool! Supports unconstrained, constrained (+protocol transition), & RBCD. 🔗

Happy to have been rewarded for discovering a hidden XSS vulnerability with Onetest, a new tool for discovering hidden XSS ! Curious to test it out ? Join the Discord and give it a try : https://t.co/pJ74EanUnG #XSS #BugBounty #WebSecurity #Onetest