RT @ryanetornam: 🧑‍💻🔎From Logs to Insights: Bridging the Gap between AI and Security Operations ⭐️. Security teams often spend hours diggin….

RT @BugBountyDEFCON: To celebrate our badge launch, we're giving away FIVE free 6-month licenses to @pentesterlab. ✅ Comment BADGELIFE and….

RT @bytetimesession: Hackers, this Saturday is the day — mark your calendars!.

RT @bytetimesession: 📢 BYTE TIME SESSIONS: BINARY EXPLOITATION WEBINAR.🎯 Topic: Bending the Bytes of Software — Basics of Binary Exploitati….

To help others test the vulnerability in a controlled environment, I’ve included a setup script for Gogs: I hope it helps others better understand and validate this issue. (4/4).

I've documented the full process, including technical insights and a step-by-step breakdown, on my blog: The PoC exploit code is available here: (3/4).

After analyzing Gogs' source code and understanding how it handles environment variables and Git command execution, I developed a working proof-of-concept exploit. (2/4).

RCE in Gogs (CVE-2024-39930). CVE-2024-39930 is a Remote Code Execution vulnerability affecting the SSH server built into Gogs. While the Sonar's blog post explains the vulnerability well, no working exploit or guide to exploiting this vulnerability had been made public. (1/4).

RT @bytetimesession: Hello Byte Time Ninjas! @everyone . Remember our promise to host monthly knowledge-packed sessions? Well, it's that ti….

RT @bytetimesession: Yo, hacker crew! 🚀 Join our X Space as the hackmaster 🥷 @ens_nii drops 7 years of epic hacking & defending secrets.….

RT @Infosecpat: 🎉 GIVEAWAY ALERT! 🎉 From InfoSec Pat and a special thanks to ,. The Hack The Box Cyber Apocalypse CTF is live and in full….

RT @CVEnew: CVE-2024-57170 SOPlanning 1.53.00 is vulnerable to a directory traversal issue in /process/upload.php. The "fichier_to_delete"….

RT @CVEnew: CVE-2024-57169 A file upload bypass vulnerability exists in SOPlanning 1.53.00, specifically in /process/upload.php. This vulne….

We played in the Snyk Fetch The Flag CTF 2025, hosted by @_JohnHammond and @snyksec, and we put up an impressive fight! . Massive shoutout to my incredible teammates @markuche1337, @TroyLynx, and @QuophiZiv—y’all were skillful and unstoppable! . #Pwn #FetchTheFlag

Move in silence.

RT @brCTF: Through the night, our brilliant teams have been battling it out. We introduced a lock-picking challenge at midnight, and teams….

RT @lauriewired: What’s the difference between MOV and LEA in assembly?. These instructions are often read almost interchangeably, but both….

RT @brCTF: Don’t forget to create your account and set up your teams for the brCTF V2 at Each team needs 4 members,….

RT @brCTF: We’d love to have media partners like @tv3_ghana involved to help spread the word about the importance of cybersecurity in Ghan….

RT @brCTF: Exciting News! . Registration for brCTF V2 will be open tomorrow, September 25th, 2024! Get ready to create your accounts and fo….