I just got access to an attacker's daily diary. Here is what I learned 👇. 🕘 9:00 AM: Clock in. 🔎 9:12 AM: Google Dork says is still alive. 😎 9:30 AM: No rate limits, no auth. Just vibes. 🗃 10:00 AM: Dumped staging DB from

I hacked UberEats in 2017. Here is the story. #ubereats #hacking #uber #cybersecurity #bugbounty

"A medieval knight in full armor riding a motorcycle through a misty jungle trail.". Try Grok Imagine, free for a limited time.

It was amazing to present at @_kernelcon_ today. Thank you for the gift KernelCon team! #kernelcon #offensivesecurity #researchontheroad

💥 Q1 Update from the Field: Real-World Hacking with Orion 💥 . In Q1, we pointed Orion, our offensive Attack Surface Management platform, at a large enterprise to see what it could uncover. The results speak for themselves: .🔍 𝟵 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗿𝗲𝗽𝗼𝗿𝘁𝗲𝗱.

RT @uraniumhacker: We are doing #VibeSecurityForAI. If you are an AI startup (pre-seed or seed ) we will test your application for free. We….

Not yet a full multiplayer but doing some basic "Simon Says" style game with increasing difficulties. Will add leaderboard style system soon. Open to ideas to improve it further @levelsio

tj-actions compromise is a great reminder that pinning the action/dependency to a commit SHA instead of a version tag is safer and securer. We monitor repositories of some public organizations, and most of them are safe because they use a SHA like.

🚨 Continuous Monitoring Prevents Million-Dollar Breaches 🚨. In cybersecurity, threats evolve but so should our defenses. At Ophion Security, we continuously monitor Fortune 500 companies’ public assets not just domains and IPs, but also SaaS services, cloud assets, and web.

I reached level 11 in Taptastic! 🎮. Final speed: Super Fast.Tiles: 9. The pattern that defeated me: 🟩 🟨 🟨 🟨 🟦 🟦 🟦 🟨 🟦 🟩 🟩 🟨. Can you beat my score? #Taptastic #memorygame #challenge

🧵 Securing Your @DecagonAI Chat Bot 🧵. We've seen a growing number of organizations using s chat bot to enhance customer support with AI. A quick post on how to make sure you deploy it securely based on a recent issue we saw. 🚨 The issue?.If.

Announcing: Ask Us Anything Security - A free security advisory for startups . Security often gets pushed to the back burner at startups until something breaks or a big deal requires it. But what if you could get expert security guidance without the overhead? . At Ophion.

RT @OphionSecurity: Live chat histories contain treasure trove of data. From answers to security questions to credentials and more. We foun….

As we build Orion actively, we run it against real world targets with disclosure policy. We did the same for Microsoft. Checkout the demo page to see how we are monitoring more than 4,000 users and 160,000 repositories of Microsoft and other organizations.

RT @0xdabbad00: I looked at all the AWS OIDC integrations I could find to identify how they might be misconfigured and to understand the va….

🦊🌊 Proud to have contributed to a safer digital world in 2024! 23 vulnerabilities reported, including 9 critical findings. Special thanks to @Hacker0x01 for providing the platform to make this impact possible. Here's to more secure systems in 2025! 🔒 #BugBounty #CyberSecurity.

Ahhh yeah the classic top tier boxing move. the hug is back. #NetflixFight #TysonPaul.

With HackerOne's Scotland Live Hacking Event now slowly wrapping up, I am excited to have had the opportunity to participate this time. I focused primarily on hacking AWS while collaborating on it with @itscachemoney. Currently, we are ranked in the top 10 for AWS based on our

One of the best part of security research that I love is that it exposes you to learn about different technologies. Randomly, I have learned about different techs that I can reference and help tell organizations how to setup the product like I am an expert on it.