
sshell
@sshell_
Followers
10K
Following
39K
Media
893
Statuses
6K
ai + security research. ccdc red team. tummy ache survivor.
Virginia, USA
Joined June 2013
RT @samwcyo: When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We (@iangcarroll and I) dis….
0
88
0
RT @jackhcable: Update: @cluely filed a DMCA takedown for my tweet about their system prompt, alleging that it contained "proprietary sourc….
0
282
0
And remember, even though they announce a “winner” every year, we all know @CCDCRedTeam is the real winner 😂. Huge shouts out to @1njection @alexlevinson @egyp7 @Hultoko and everyone else who I had the privilege of playing with this year!.
0
0
3
New blog post about all the fun I had red teaming at @NationalCCDC this year!.Covers some of the fun we had this year specifically relating to the web side of things, as well as some tips and resources for competitors & those interested in participating.
3
48
172
Used this trick go find a bug in a big AI app where I could read everyone’s private conversations!. TLDR: You can do greater/less-than queries against UUIDs because in Supabase they’re stored like 128-bit integers. Thanks to @rez0__ and @Rhynorater for the shoutout on the pod!.
4
21
143
RT @infosec_au: To kick off our Christmas and July research posts, we explain how we achieved persistent XSS on every Adobe Experience Mana….
0
38
0
RT @greglesnewich: Fun crossover blog about TA829 (RomCom) & TransferLoader with my ecrime pals it’s got everything:. 🛰️ Popped routers for….
0
21
0
RT @infosec_au: We’re celebrating Christmas in July this year, starting July 1st. We’ll release a security research post on Searchlight Cyb….
0
15
0
RT @infosec_au: How do we turn bad SSRF (blind) into good SSRF (full response)? The @assetnote Security Research team at @SLCyberSec used a….
0
179
0
RT @jackhcable: I reverse engineered @cluely – and their desktop source code exposes their entire system prompts and models used. What's i….
0
502
0
RT @binarygolf: BGGP6 will happen fall/winter 2025 instead of our usual summer event! Stay tuned for more details.
0
10
0
RT @birchb0y: excited bc today @HuntressLabs is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!!….
0
95
0
RT @spaceraccoonsec: To everyone who pre-ordered "From Day Zero to Zero Day" – thank you for your patience. The wait is almost over. We'r….
0
30
0
when i talk about o3-pro being impressive at thinking through security problems, this is the kind of answer i'm talking about. the answers i get from every other model (gemini pro 2.5 and normal o3 included) is essentially just different flavors of "response hashing and regex".
@vmfunc when asking "how to fingerprint web apps without version numbers" o3-pro said all of the normal stuff, but THEN also went down to checking for function similarity at the javascript bytecode level and a "train a simple TF‑IDF + cosine similarity classifier" to map bundle versions.
0
0
3