insane

check out this fantastic work by @Zettergren0x00

34 years since Linus first announced Linux today! Probably the greatest open source project of all time. What an achievement for mankind.

Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover" You can read the full write-up here: https://t.co/pfLArv8zUu

special thanks to @sudhanshur705 for the most amazing collab

come check out some crazy bugs today at 4:30 PM Vegas Time in the @BugBountyDEFCON

Here’s the second half of our Friday lineup at @DEFCON – and it’s just as stacked. 🔥 @DaneSherrets, @Shlibness, @mgianarakis, Jordan Macey, @CryptoGangsta, @scriptingxss, @nytr0gen_, @erbbysam, and @BrunoModificato. See you there. 👀 #BugBounty

Last year I found a XSS bug in Google IDX here's a detail writeup about it. Hope you will enjoy it's kinda lengthy :p Shoutouts to @MtnBer for finding the original bug in Gitlab and @kl_sree @sivaneshashok for the required chains to complete the exploit. https://t.co/L3e5rCrUuy

I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 https://t.co/SgsSyxoEMR 1/4

Most edgy talk this year at #DEFCON33 📐

hi

🔥 A new (more difficult) era for mXSS will come soon! If nothing breaks, Chromium will start escaping "<" and ">" in attributes starting with M138. See https://t.co/lXfe86tpmd for details.

Today, we’re announcing the preview release of ty, an extremely fast type checker and language server for Python, written in Rust. In early testing, it's 10x, 50x, even 100x faster than existing type checkers. (We've seen >600x speed-ups over Mypy in some real-world projects.)

I just finally watched @emil_lerner talk. It's a really good talk on image processing - definitely worth 20 minutes of your time! https://t.co/7Qu4TPy3Sn

I made a tool to help test archive (zip/tar) extraction bugs (synk working directory into archive, add path traversals, links, permissions, etc):

Check out our speakers and get your tickets! https://t.co/BPFrNoym2Y #BSidesHBG #infosec #cybersecurity #BSides

We are 4 weeks out from BSides Harrisburg 2025! Be sure to buy your tickets before me sell out! 🗓️Friday April 25, 2025 🎟️ https://t.co/Lsid8QgsNq #infosec #cybersecurity #BSides #BSidesHBG #Harrisburg

I thought I had good reason to code up a vectorized binary search, which was kind of fun to do, but then I checked, and the standard torch.searchsorted() works well enough. For all the emphasis given in computer science curriculums and job interviews, actually implementing

📣We’re thrilled to welcome @nytr0gen_ to the Speaker lineup for BSides Harrisburg 2025! Robert will speak on “Exploiting CRLF Vulnerabilities for Account Takeovers: Lessons from Bug Bounty Programs” 🗓️Friday April 25, 2025 #BSidesHBG #infosec #cybersecurity #BSides

exciting