Geekboy
@emgeekboy
Followers
25K
Following
3K
Media
92
Statuses
1K
Hacker, Co-Founder @pdiscoveryio, Ex-Security Analyst / BugBounty @Hacker0x01
India
Joined April 2014
We've been building this for a while at @pdiscoveryio Neo is an AI security engineer for your day-to-day security work: the kind of tasks you'd normally hand to your most experienced engineers. Turns out LLMs with the right tools, memory, and execution layer can automate
2
19
66
Ways to map a GitHub username from a given user email, could be useful when doing GitHub repo secret scanning. https://t.co/pItO25ovHP
#github #osint
2
6
47
Why did I only find this now? It keeps the sink organized and it stays put.
0
16
246
I've been testing Neo by @pdiscoveryio for the past few days and I'm really impressed. They have some community agents, but I've created my own agents specialized in offensive security. And I love how the dashboard integrates the agent with the terminal and the files all in
π’ Introducing Neo: a cloud-based AI security engineer for real-world security work. A framework for automated security workflows inside your environment,Β Neo owns workflows like vuln triage, feature reviews, pentesting, and continuous compliance. It learns your stack, remembers
0
5
29
A recurring theme among security leaders: the volume of findings keeps growing, but the amount of verified information is shrinking. AI is accelerating attacks while simultaneously amplifying noise, and validation is becoming the critical bottleneck. This report breaks down why
0
3
10
Scanning for CVE-2025-55182 using @pdnuclei π¨ If you're running Next.js / React, scan your apps now. Nuclei Template - https://t.co/Uxg2yUSw0g Vulnerability Advisory - https://t.co/HmGGTsNNpq
#nextjs #cybersecurity #react2shell
2
76
414
Magnesiacore. Indoor Pool Drywall and Ceilings is a True Marine Wallboard. When it comes to indoor pools, natatoriums, or other enclosed spaces with high humidity and the moist chemical exposure it entails, you need a construction board that can withstand these elements.
20
45
242
This is the most reliable public detection (at this time) to indicate whether a machine is actually exploitable to CVE-2025-55182 / React2Shell without invoking the RCE and limited FP's. it triggers an internal error and validates the vulnerable version https://t.co/YKiNeY7swX
2
76
349
Here's Neo in action finding vulnerability in real-world application running with outdated components. https://t.co/Mj5QYaDzCb
We've been building this for a while at @pdiscoveryio Neo is an AI security engineer for your day-to-day security work: the kind of tasks you'd normally hand to your most experienced engineers. Turns out LLMs with the right tools, memory, and execution layer can automate
0
6
40
After adding Raw & Hex views, I realized we needed more flexibility. So I just added a layout toggle to switch between horizontal and vertical split panes! Now you can view your requests exactly how you like π«‘
3
1
40
π Shopping online? Donβt let weak passwords ruin your holiday. Avoid using personal info like names or birthdays. Create strong, unique passwords for each account and turn on multifactor authentication. Learn more and download free resources!
0
4
5
π As promised β v1.4.0 is live! Hierarchical request grouping, smarter secret detection, cleaner UI, and better workflows across the board. If this made your testing life 1% easier, sponsor rep+ and Iβll ship 10% faster β€οΈ
4
2
80
Reversing web CVEs isn't guesswork. It's process. New blog: how we go from "vague advisory" β local lab β patch diff β safe Nuclei PoC, with concrete examples (Zimbra, Ivanti, Versa, Lucee). Read the full methodology:
projectdiscovery.io
Introduction This blog serves as a detailed methodology guide for analyzing, reversing, and researching web vulnerabilities, particularly those with CVEs assigned. The content outlines repeatable...
5
44
198
New blog - documented our CVE research process - patch analysis, setting up debug environments across different stacks, and keeping research organized. https://t.co/tJ7EZb4d87
1
52
247
I automated finding reflected XSS using Nuclei and some passive recon data and ran it against a bug bounty program. Watch it here ππΌ https://t.co/2XrXOVJsUD
4
58
469
We are thrilled to welcome Sandeep Singh AKA @emgeekboy Co-Founder & CTO at @pdiscoveryio , to the BSides Mussoorie 2026 Review Board! ποΈπ Sandeepβs journey is nothing short of inspiring from starting out as an Independent Security Researcher, to advancing global
0
5
15
Your email or company passwords are probably in a malware log somewhere - we've built free cred monitoring so you find out before attackers do. Try it β https://t.co/avI67lgaCA Docs β https://t.co/KY7AFoCdym
1
9
28
π οΈ Stop running Subfinder, Nuclei, HTTPX βout of the box.β In this walkthrough with @NahamSec, we: β’ Build a VPS recon box β’ Install & manage all PD tools w/ Go installer β’ Chain Subfinder β AlterX β DNSX β Naboo β HTTPX β Katana β’ Move from automation β methodology
1
85
483
How Burp AI works internally. I touched this briefly in my BB village talk. We will learn how to proxy Burp and what the requests/responses look like. This allows us to write an extension to redirect Burp to our own AI instance. https://t.co/17qcfHsSkM
parsiya.net
This is a quick peek inside Burp AI. I'll show how to proxy its requests, what actually happens when you trigger a feature. This knowledge allows us to redirect Burp AI to your own AI instance. As...
1
8
21
Only ~6% of CVEs are ever exploitedβ¦ yet scanners still flood teams with endless alerts. More signatures β more security. They guess. We validate. Curious what actually matters? Check out our latest blog: The Coverage Lie π https://t.co/7khv5ZmpOH
0
9
26
π¨ NEW FEATURE - Live CT Log Streaming in tlsx! π¨ With tlsx, you can now stream and store live certificate transparency logs with the -ctl flag. This lets anyone build their own https://t.co/IZa9xDyzru or power threat hunting based on cert data!Β Perfect for OSINT, detection,
1
9
19