Excited to share I've been awarded a $$$$ bounty 💰 on @Hacker0x01 for critical vulnerabilities, now ranked as #1 🥇 Top Hacker in the program! 😄 💡Tip: Dive into JS files, automation isn't all. Extract URLs 🌐, fuzz for hidden parameters 🔎 #BugBounty #BugBountyTips #InfoSec

I admitted my son to a hospital today. I have a ₹1.2 crore Acko Platinum Health Plan the one with no room rent limit. @ACKOIndia @duavarun Guess what? The hospital flat out denied me a suite room. 👇🏻

Recently ran an experiment and found out how alarmingly easy it was to compromise users via npm lifeycycle hooks. Read about it here - https://t.co/4dwAWtjiAA #supplychain #security #opensource #npm #hacking

I seriously need to fix my seo

I recently upgraded my homelab from a single-node cluster to a multi node k3s cluster. Check out the blog: https://t.co/0vnXoYRaKv #kubernetes #cilium #gitops #cloud #k3s

Block ads & trackers on Android 11+ natively using Private DNS. I've been experimenting with public DNS providers which block annoying ads & trackers and I think the best one is https://t.co/9IglZAFM7v . Haven't seen any app crashes for a while. LMK if you know a better one.

I've been having a blast solving the Wiz Ultimate Cloud Security Championship challenges! I haven’t touched CTFs in quite a while, but jumping back in has been such a breath of fresh air. Thank you @wiz_io for the cool challenges! https://t.co/soj5ZtsQU7

Reading chromium bug reports gives me peace. I don't know why and I don't know how.

Today, Linus Torvalds told a Google engineer that his code (updating RISC-V support in the Linux kernel) is “garbage” which “makes the world actively a worse place to live”. Adding that the Google engineer’s code needs to “get bent”. As you might have guessed, Torvalds has

All the blogs I want to read are finally organized on my reader. Glad I stumbled upon https://t.co/laQgymY51f. This is a neat solution to not give out your email to newsletters. Plus I no more have to scroll through my email to look for any latest tech news I missed out on.

I enjoy debugging problems and decided to document them —

You can also copy as markdown! How perfect🥹

TIL Google Docs has a feature to paste as markdown and have it rendered automatically. One of the best features so far.

Spent two full days troubleshooting with ChatGPT but didn’t get anywhere. Took half a day to dig into the docs and troubleshoot it myself—just like the old days—and I’m happy to say my Pi-hole DNS on k8s is finally reachable on my Tailnet 😄

Ok Mullvad VPN is the example of security *by design*: The company does not store any form of data (no IPs, no logs.) They don’t even offer recurring subscriptions (!!) because doing so would force them to store data that can identify people. No affiliation: just awesome

|￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣| | Don't Push To Production On Friday | |＿＿＿＿＿＿＿＿＿＿＿＿＿＿＿＿＿| \ (•◡•) / \ / —— | | |_ |_

@thebinarybot Bypasses for the following WAFs: Amazon Web Services WAF Cisco Secure WAF Cloudflare Web Application Firewall Citrix Netscaler F5 BIG-IP Advanced WAF Fortinet's Fortiweb WAF Akamai Web Application Firewall Sophos Firewall Broadcom Radware https://t.co/DVzulEOorZ

When bug bounty hunting, assume you are blocked by a WAF. What are the common ways you can evade WAF and continue hunting? Curious to know? Checkout this thread 👇🧵

These resources are all you need to become at least an intermediate level Smart Contract Security Researcher🧐 When I started learning I wasn't lucky enough to have these resources. But now you have it and should take advantage. Let's take a look at them👇🏼

Get Ready with Your AWS Accounts because @Zero0x00 @abhicarmel and me will be delivering training @seasides_conf on 21 September. "Fundamentals of attacking and defending AWS" Attached is a clip of what you can expect at our training. https://t.co/3fKTarlm4M #cloudsecurity

We found two 0-day vulnerabilities in @Ubuntu kernel and it all started by reading descriptions of old CVEs 📖 Thread about the discovery of #GameOverlay 🧵👇🏼