zere
@j_zere
Followers
2K
Following
723
Media
15
Statuses
165
Jorge Cerezo πͺπΈ | https://t.co/17kagQjtlr
Joined July 2022
During my bachelor's thesis, I reviewed several web apps of my university and ended up finding a large number of vulnerabilities. Here are a few that stood out, technically simple, yet highly critical. https://t.co/KBNC1KjBqf
zere.es
During my final degree project, I audited several web applications from my university, the Universidad PolitΓ©cnica de Madrid, and identified hundreds of vulnerabilities, many of which had a critical...
6
19
128
Thanks to everyone who joined us at the @Hacker0x01 Brand Ambassadors Speed Show&Tell in Madrid, and special thanks to all who presented! π
6
12
123
Interesting technique by @j_zere: When a cache deception requires a specific header/token that you can't directly provide, try chaining it with CSPT to make it exploitable.
1
19
131
Madrid: el jueves 11 de septiembre por la tarde organizamos un "Speed Show & Tell", abierto a quien quiera presentar. Plazas limitadas, toda la info y registro aquΓ π
0
8
32
Thanks for the shout-out!
Episode 137 is out! - https://t.co/NRibn06zqk In this episode, @Rhynorater and @rez0__ talk about AI Hacking Assistants, CSPT and cache deception, and a bunch of tools like ch . at, Slice, Ebka, and more!
0
0
17
Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover" You can read the full write-up here: https://t.co/pfLArv8zUu
zere.es
Recently, while auditing the main application of a private bug bounty program, I discovered a Client-Side Path Traversal (CSPT) and a Cache Deception vulnerability. Individually, these issues were...
26
130
540
π¨ 180+ vulnerabilities found. π 763 hackers. 38 countries. π 4 elite teams. Adobe brought serious energy to the 2024 #AmbassadorWorldCup, working side-by-side with ethical hackers to secure products like Firefly & Lightroom. We were proud to host β https://t.co/ngHSPmiotk
4
26
177
That's a wrap for H1-6102, it was a pleasure meeting all the new faces (@bsysop @monkehack etc). Thanks to @salesforce & @Hacker0x01 for an amazing event out it Sydney!
3
2
71
Los hackers espaΓ±oles que se han coronado como los mejores del mundo: "AquΓ tenemos mucho nivel" βοΈ @NachoMartin_
https://t.co/xE2Lp1696U
elindependiente.com
EspaΓ±a acaba de ganar por segunda vez consecutiva la Ambassadors World Cup, el mundial que enfrenta a los mejores hackers del mundo
0
6
27
We won the H1 Ambassadors World Cup again! πͺπΈ π§΅A thread about our journey during the finals, the experience in Dubai, and a quick trip to Oman β¬οΈ
14
16
256
Give it up for the four teams headed to the next round of the #AmbassadorWorldCup! π π The teams from Greece π¬π·, Egypt πͺπ¬, Spain πͺπΈ and The Netherlands π³π± dominated the Elite 8 round and will move on to go head-to-head as the final four. Who do you think will make it to the
5
22
148
What a way to finish the Elite Eight round! πͺ Each of these amazing teams' incredible work over the last 11 days is something to be extremely proud of. On behalf of the entire HackerOne team and our #AmbassadorWorldCup partners @ASWatsonGroup and @okx--- THANK YOU! π Stay
8
18
124
2024 was a great year for my #BugBounty journey! π Ranked Top 13 on @Hacker0x01 (critical/high & overall) and #2 in Spain π
Earned 3,500+ rep in past 90 days on HackerOne (5th globally) π Participated in Live Hacking Events in Miami, Singapore, GdaΕsk, Las Vegas & Edinburgh
22
3
258
We've got the results you've been waiting for! π The eight teams headed to the Elite Eight round of the #AmbassadorWorldCup are Greece π¬π·, Chile π¨π±, Egypt πͺπ¬, Poland π΅π±, Spain πͺπΈ, Vietnam 2 π»π³, Nepalπ³π΅, and Netherlands π³π±! The Elite Eight Round kicks off at the end of
3
19
122
AI vs AI: How XBOW found a path traversal vulnerability (CVE-2024-53844) in LabsAI's EDDI, an open source conversational AI middleware.
xbow.com
XBOW discovered a Path Traversal vulnerability in the open-source project, LabsAIβs EDDI.
0
7
44
