And seriously, if you're not watching @ctbbpodcast yet... you're missing out. @Rhynorater 💪💪💪

Now my alerts look like: "New API endpoint exposed user emails - potential data leak [HIGH]" My workflow went from "ugh, another JS change" to "oh shit, actual findings" real quick. It's open source because that's how we do things here🫡 Give it a spin:

Started with @r0bre 's JSMon (legendary tool btw), but wanted something that could tell me "this change matters, here's why" without me having to dig through diffs

You know that feeling when you're monitoring JS files, and you get 50 alerts but only 2 actually matter?

@rez0__ @gr3pme @ctbbpodcast @Rhynorater Prompt engineers please enhance the prompt if possible ;)

The idea hit me after watching @rez0__ and @gr3pme discuss CVE-GENIE in this episode: https://t.co/PBt2MUJhhc @ctbbpodcast @Rhynorater

Built LabGenie: a multi-agent framework that automatically converts security write-ups into hands-on labs. We're drowning in amazing vulnerability write-ups, but have no easy way to practice them in their original context. Blog:

Most people were calling this guy a bluff. Some even mocked him. Some said he was chasing clout. Now he has done something crazy and he’s going to shut a lot of mouth up. When you see people like this, don’t be quick to judge, shut up and learn from them. Congrats @ehsan

Not Going To Forget Again

publication of my latest modest paper; Eclipse on Next.js: Conditioned exploitation of an intended race-condition - (CVE-2025-32421) enabling a partial bypass of my previous vulnerability, CVE-2024-46982 by chaining a race-condition to a cache-poisoning https://t.co/NV8IYWvkil

🥈 Scored the 2nd-highest bounty on @Hacker0x01 and broke into the Top 10 leaderboard three times in the past 30 days! Huge thanks to @cryptocom for trusting us with their security—now, back to hunting. 🐛🚀 #BugBounty #EthicalHacking #Cybersecurity

I don't know what the fuck I am actually doing these days, I am finding bugs by just using the browser DevTools, using browser console for sending requests.....never touched burpsuite this week, This was all happened because of @Rhynorater

@ArchAngelDDay One of the best lessons learned from CTFs. There's a solution to the challenge, you have to find it. You need to carry that mentality into the real world. Don't see it? Keep looking 👀

I earned $2,500 for my submission on @bugcrowd https://t.co/itGL2EHjpg #ItTakesACrowd

After observing the 1.5 Billion ByBit hack yesterday. Myself and @sammyaudits decided to dive deeper into all the bug bounties on top 10 centralized exchanges. What I've found is SHOCKING and Scary. Let's go through each one in the thread and callout the terrible and good

Very happy to be a part of the BSidesKerala 2025 conference, taking place at the Marriott Kochi hotel! Looking forward to insightful discussions, networking with fellow security enthusiasts, and sharing knowledge in the cybersecurity community. #BugBounty #cybersecuritytips

I earned $750 for my submission on @bugcrowd https://t.co/itGL2EHReO #ItTakesACrowd

Why are so many individuals spamming the curl BBP? @bagder

Wrapping up the year with some fantastic bounties from @Bugcrowd! 🥳Grateful for the opportunities, challenges, and growth. #BugBounty #Bugcrowd #HackingGoals #hackingtools #bugbountytips #security

despite some turbulence keeping me quite busy these days, I found a rather interesting 0-day in a very popular framework /huh\ now that a report+PoC has been sent to the maintainers, it's time to look for vulnerable BBPs to fund my research 👽; maybe a CVE soon