Say less I'm in!.Follow me on threads 🙏

Wanna see a magic trick 🤓

RT @infosec_au: Whenever I audit C# code, I look for benign file operations such as File.Exists(), especially if there's a preceding Path.C….

RT @ReconVillage: 🔊 Talk Announcement: "Plumbing The Plumber: A Playbook for Integration Servers" by @BadAt_Computers. The speaker is going….

I am really trying to focus on some hands-on hacking recently, and more specifically I have been focused on client-side topics. Here is a little primer of tools/resources I have used and looked at so far :) Share yours with me! <3.

RT @amrelsagaei: Just dropped a new SecMeet episode — this time with Justin Gardner (aka @Rhynorater ), the guy behind @ctbbpodcast and s….

RT @spaceraccoonsec: You're not missing bugs, you're just looking in the wrong place. Most codebases are cluttered with distractions and d….

RT @assetnote: For our first Christmas in July research post: How we managed to get persistent XSS on every Adobe Experience Manager Cloud….

RT @slonser_: My new research.Escalation of Self-XSS to XSS using modern browser capabilities.

RT @xssdoctor: I will be hosting a @Hacker0x01 hacking event in miami on September 20th. We will pick a target, @G0LDEN_infosec will provi….

RT @busf4ctor: I spent the last few weeks mentoring two friends. They received their first bounty today, a fantastic Self-XSS, escalated to….

RT @BugBountyDEFCON: We’re excited to announce that Whit Taylor (@un1tycyb3r) will be speaking at the Bug Bounty Village at DEF CON 33!. St….

RT @ctbbpodcast: We just released episode 128!. This week we're talking Blind SSRF and Self-XSS, as well as Reversing massive minified JS w….

RT @dropn0w: 🚨 It’s happening tomorrow at @_leHACK_ !. I’ll be giving my talk on 𝐀𝐈 𝐑𝐀𝐆 𝐒𝐲𝐬𝐭𝐞𝐦𝐬, where I’ll introduce a technique I develop….

RT @arcanuminfosec: Help us send people to DefCon! We are so close to being able to send all 3 students!

Weird. Christmas came in June 🎅

We. Are. So. Out. Here. 🔥.

Touched grass with doggo ✅

RT @assetnote: Our team recently used a novel technique to increase the impact of what seemed to be only a blind SSRF. This novel technique….

RT @infosec_au: How do we turn bad SSRF (blind) into good SSRF (full response)? The @assetnote Security Research team at @SLCyberSec used a….

RT @busf4ctor: The Gecko extension got an update. I fixed some bugs and removed duplicated findings. That's already available. I also impl….