Alex_ @Alex_ctf_
🇫🇷 CTF Player for @idekCTF (Web/Forensic) | ECSC Team France 2023 | Bug Bounty Hunter
Paris, France | Joined June 2020
Tweets: 88 | Followers: 129 | Following: 730 | Likes: 2K
Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover" You can read the full write-up here: zere.es/posts/cache-de…
Here’s the source code of our #AIxCC winning team @TeamAtlanta24, enjoy! github.com/Team-Atlanta/a… More things TBA
Firefox-specific XSS vectors are gathered here: bugzilla.mozilla.org/show_bug.cgi?i…
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 gmsgadget.com 1/4
Just pushed a new frontend for my site, and a new post! This one's about a tricky file write vulnerability on Windows in OBS. By crafting an image with very specific pixels, we can plant a backdoor on your PC all from an attacker's site by misconfiguring: jorianwoltjer.com/blog/p/researc…
New blog post with @infosec_au: We found a vulnerability in Subaru where an attacker, with just a license plate, could retrieve the full location history, unlock, and start vehicles remotely. The issue was reported and patched. Full post here: samcurry.net/hacking-subaru
I'm thrilled to finally share my research on HTML parsing and DOMPurify at @grehack 2024 📜 The research article is available here: mizu.re/post/exploring… The slides are available here: slides.com/kevin-mizu/gre… 1/3
DOMLogger++ v1.0.6 is now out and available! It comes with some new features, but mostly fixes inconvenient bugs 🔥 More details can be found here 👇 github.com/kevin-mizu/dom… Btw, if you have issues trying the extension on labs, you should check this: github.com/kevin-mizu/dom…
ooh, this works on Chrome Canary :D <input type="hidden" oncontentvisibilityautostatechange="alert(/ChromeCanary/)" style="content-visibility:auto">
🔥 XSS on any website with missing charset information? 😳 Attackers may leverage the ISO-2022-JP character encoding to inject arbitrary JavaScript code into a website. Read more in our latest blog post: sonarsource.com/blog/encoding-… #appsec #security #vulnerability
🚨💰 Google VRP Reward Update 💰🚨 Good news, we are significantly increasing the reward amounts offered by the Google VRP! Look out for up to 5x higher payouts and a maximum reward of $151,515! Details here: bughunters.google.com/blog/540051395…
Our security researcher @hash_kitten found one of the most critical exploit chains in the history of @assetnote. Affecting 40k+ instances of ServiceNow, we could execute arbitrary code, access all data without authentication. You can read our blog here: assetnote.io/resources/rese…
My latest blog about my discovery for Evernote Client All-platform RCE via PDF.js font-injection to preload.js exposed ipcRenderer-BrokerBridge-boron.actions bypassing Electron's nodeIntegration | context-isolation; Enjoy reading! 0reg.dev/blog/evernote-…
Iconv, set the charset to RCE (part 2): @cfreal_ exploits direct iconv() calls to hack the PHP engine, and its most popular webmail, @roundcube (CVE-2024-2961). ambionics.io/blog/iconv-cve…
Phishing with Progressive Web Apps: mrd0x.com/progressive-we… More fake URL bars :)
Thanks for everyone watching my keynote on WAF bypasses at Nahamcon. You can find my slides here: drive.google.com/file/d/1PwKdma…
XSS in PDF.js! I think this is going to cause some chaos both client-side and server-side... really nice finding by @CodeanIO codeanlabs.com/blog/research/…
Small Challenge Time 🚩 Rules 📜 - You should display an alert containing the flag cookie :) If you find the solution, please do not send it in the comments; send me a DM instead 📩 Challenge link and sources👇 - challenges.mizu.re:33333 - challenges.mizu.re/chall_03/sourc…
In September, I looked into mlflow, and found several critical vulnerabilities 😁 Most of these reports are now patched and publicly available here: huntr.com/users/kevin-mi… My favorite one involves a fully controlled file write via a custom rogue FTP 👇huntr.com/bounties/029a3…

Mohammad Rhidoy ... @0xRh1d0Y
315 Followers 200 Following Bug Bounty Hunter @Hacker0x01 @yeswehack @yogoshaofficial
tun0 @NQT8102
1 Followers 38 Following
Root0x1_ @Root0x1_
4 Followers 203 Following Cyber Security Enthusiast, Bug Hunter, Pentester, Red Team
Ayman Mo @MoMo1a9
3 Followers 299 Following
0x999 🇮🇱 @_0x999
1K Followers 275 Following "ɪ ᴛᴏᴏᴋ ᴛʜᴇ ʜᴇʟʟ ɪ ᴡᴀꜱ ɢᴏɪɴɢ ᴛʜʀᴏᴜɢʜ (666) ᴀɴᴅ ꜰʟɪᴘᴘᴇᴅ ɪᴛ ᴏᴠᴇʀ ɪɴᴛᴏ ꜱᴏᴍᴇᴛʜɪɴɢ ᴘᴏꜱɪᴛɪᴠᴇ (999)"💔
sebsrt @s3bsrt
134 Followers 475 Following I like to break stuff CTF player w/ @ARESxCTF @aboutblankets @malta_ctf
Kiya Wright @KiyaWright59546
1 Followers 99 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/XH9gBemlgI
pspaul @pspaul95
1K Followers 851 Following source code connoisseur @Sonar_Research | CTF @FluxFingers | @[email protected]
Julian @Roulian92
0 Followers 49 Following
x11250000 @x11250000
22 Followers 1K Following
voydstack @voydstack
2K Followers 929 Following 🥷 @Synacktiv | CTF with @RMUBYGG, @Hexagonctf, @ECSC_TeamFrance 20/21/22/23/24
0xblank @0xblank
52 Followers 1K Following
Jorge Rodriguez @ro61499133
30 Followers 273 Following
Klcium @klcium
18 Followers 538 Following OwO Pentester, Re enthusiast, Msfs24 fanboi. Love some good shitpost. Views are mine blah blah blah
Khoa Tran @ktranowl
0 Followers 58 Following
V3locidad @V3locidad_
28 Followers 111 Following CFT Player - Bugbounty - Hunter - Pentester #redteam #hacking #ethique #hunter
keypa @keylhan_p
12 Followers 228 Following
lbao @bao190505
9 Followers 472 Following
Jonathan Chayna @JonathanChayna1
7 Followers 106 Following
D1n0x0r @D1n0x0r
286 Followers 591 Following CTF Player @Bleubytes || Ex-Student @EsnaBretagne || Ex-Resp. logistique @EsnHack
filime @filime_sec
0 Followers 42 Following WEB2 CTF player | JeongHo Kim, KR | Stealien Security Researcher
0xA98 @Yur1n3s
3 Followers 65 Following I am passionate about cybersecurity, personally it is entertaining and very funny.
denisbordachkov__ @denisborda74416
0 Followers 70 Following
claddagh🇨🇵 🏴... @c14dd49h
338 Followers 867 Following Trust, but verify | Stop killing children in Palestine 🇵🇸
Freddie @freddie0x1
344 Followers 416 Following
Lukastaboga @lukastaboga
9 Followers 232 Following
Larouanne Tristan @Tr4LSecurity
104 Followers 205 Following Win/Linux, vim/vsc, IRC, git, Java/NodeJs
Agrorec @Agrorec1
20 Followers 282 Following
Icare @Icare1337
2K Followers 621 Following Pentester at Thales DIS | OSCP | Bug Bounty Hunter | Researcher | Ethical Hacker | Honoring my father, a hacker of the early days | ckj0756 | Icare
Shaym @0xShaym
28 Followers 495 Following I'm just passing by, Night Rabbit for a Pand team Infosec student at ENSIBS 💻
_WestSideWilly🌒 @_SWICH
35 Followers 119 Following ◉Front-End Web developer ◉Javascript Programmer ◉Guiness World Record Holder #El_the_Creator #Cybersecurity enthusiast.
C0N4N @MarieMyriam19
15 Followers 270 Following
Rachel Ko @rachelko
573 Followers 2K Following (Opinions are mine) Trail Runner & Sr Tech Recruiter at @MagnetForensics (Grayshift); https://t.co/K5OTKQXksN…
NOODLE @bragames2
438 Followers 840 Following I like to learn about Windows/Active Directory pentesting, Red Team stuff & Maldev enjoyer
Youstin @iustinBB
4K Followers 339 Following Bug Bounty https://t.co/zHVPVuGKCf https://t.co/yOdrIW1G71
Debangshu 🇮🇳... @ThisIsDK999
7K Followers 998 Following Security Ninja/Thought Leader. @hacker0x01 Brand Ambassador. Top 200 | Hacker Advisory Board @bugcrowd. Captain @Str4awHats 🥷. Opinions are personal.
Joel Margolis (teknog... @0xteknogeek
16K Followers 1K Following AppSec by day, Hacker by night || Puzzle addict
Aethlios @AethliosIK
535 Followers 399 Following Lead developer | Bug hunter (approximately every 3 months) Need to switch https://t.co/nqVU1qsMX5
DEFCON GROUP Paris @dcgparis
2K Followers 10 Following A reboot of the DEFCON GROUP Paris group. Free bimonthly meetups. If you would like to give a talk, contact us here: [email protected]
Team Atlanta @TeamAtlanta24
675 Followers 26 Following 🔥AIxCC Winner Team | Georgia Tech, Samsung Research, KAIST, POSTECH | 🚀Building next-gen AI-driven bug finding & fixing systems | CRS Atlantis 🌊
Nagli @galnagli
39K Followers 482 Following Hacker; Head of Threat Exposure at @wiz_io 🧙♂️; Bug Bounty Hunter; Live Hacking Events Winner
Duty @duty_1g
381 Followers 116 Following Application Security Specialist | Red Teamer | Researcher at Synack Red Team | OSCP-OSEP-OSWE-ECPPT-CRTE/P/O | CTF Player @DeadSecCTF Capturing flags since 2011
Aituglo @aituglo
1K Followers 343 Following Aituglo | Cassim Hacker Bug Hunter at HackerOne and YesWeHack • https://t.co/fQ0ssG5V2G
spaceraccoon | Eugene... @spaceraccoonsec
25K Followers 302 Following Here to learn! Infosec@Open Government Products | White Hat && SecOps
Yassine Aboukir 🐐 @Yassineaboukir
31K Followers 372 Following HackerOne Top 50, Elite, Pentest Lead, Ambassador, MVH Title and (former) Hacker Advisory Board • Digital Nomad • (Un)pro Athlete
Assetnote @assetnote
10K Followers 0 Following Assetnote combines advanced reconnaissance and high-signal continuous security analysis to help enterprises gain insight and control of their evolving exposure.
NotebookLM @NotebookLM
73K Followers 15 Following Think smarter, not harder. Meet your brain's new best friend 📒
pilvar (Philippe Dour... @pilvar222
1K Followers 439 Following Co-founder & CEO @haicker_app | @EPFL Computer Science dropout | CTF player @polygl0ts and @0rganizers | ECSC Swiss National Hacking Team @TeamM0unt41n '22-'24
0x999 🇮🇱 @_0x999
1K Followers 275 Following "ɪ ᴛᴏᴏᴋ ᴛʜᴇ ʜᴇʟʟ ɪ ᴡᴀꜱ ɢᴏɪɴɢ ᴛʜʀᴏᴜɢʜ (666) ᴀɴᴅ ꜰʟɪᴘᴘᴇᴅ ɪᴛ ᴏᴠᴇʀ ɪɴᴛᴏ ꜱᴏᴍᴇᴛʜɪɴɢ ᴘᴏꜱɪᴛɪᴠᴇ (999)"💔
sebsrt @s3bsrt
134 Followers 475 Following I like to break stuff CTF player w/ @ARESxCTF @aboutblankets @malta_ctf
Thiebaut Elsa @thiebaut_elsa
386 Followers 278 Following In charge of recruitment at @Synacktiv 🥷 If you would like information, feel free to contact me (DM or [email protected])
BlackWasp @BlWasp_
2K Followers 249 Following Pentester and Red Team technical leader at Advens | Microsoft MVP
Jeppe Weikop @__w4ke
59 Followers 100 Following
Rikesh Baniya @rikeshbaniya
5K Followers 437 Following i love graphql | 🇳🇵| blogs : https://t.co/B9UAv5l2cu
Matthieu Barjole @matthieubjl
97 Followers 102 Following
William Bowling @vakz... @wcbowling
6K Followers 413 Following Security Engineer at @zellic_io, a.k.a vakzz when doing bug bounties and CTFs with @pb_ctf - https://t.co/9bjECLAwXg
Hacktron AI @HacktronAI
2K Followers 6 Following Hacktron is an autonomous vulnerability hunter for ambitious engineering teams. Built by world-class security researchers. Powered by one principle: PoC || GTFO
Haicker @haicker_app
249 Followers 3 Following AI code auditors. Cheaper than pentests, smart enough to spot your bad habits. Get Haicker now on https://t.co/rPLvJrB2jP
pspaul @pspaul95
1K Followers 851 Following source code connoisseur @Sonar_Research | CTF @FluxFingers | @[email protected]
d3d aka dead (dead, ... @deadvolvo
5K Followers 182 Following Senior Security Researcher @akamai - Malicious Group - SRT - DoD researcher of the year 2022 - Top 10 web attacks 2023 - CRTO - MSRC Top 75 in Q1/Q2 2025
mokusou @Mokusou4
681 Followers 170 Following ✝️ | 🇯🇵 | bug bounty hunter |🗣 日本語, English, Français | So Sakaguchi
Jorian @J0R1AN
2K Followers 359 Following Normalize being weird. (also here: https://t.co/cr9Y0kDEBi)
slonser @slonser_
4K Followers 163 Following Co-Founder @neploxaudit. CTF team @C4TBuTS4D Security Researcher at Solidlab.
Omid Rezaei @omidxrz
6K Followers 710 Following
Lukas Weichselbaum @we1x
2K Followers 505 Following Leading @Google's web security team. Opinions are my own. Bluesky: @webappsec.dev
t0 @___t0___
230 Followers 181 Following
skull @brutecat
3K Followers 226 Following hacker, security researcher. i run a blog @ https://t.co/cBW6gzTpV2
quarkslab @quarkslab
12K Followers 9 Following Securing every bit of your data https://t.co/hqdd8jMkYM https://t.co/GOXPtukIXE
XBOW @Xbow
10K Followers 6 Following Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
crazyman @crazyman823886
1K Followers 1K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE:CVE-2022-30190 pre account @CrazymanArmy
Soroush Dalili @irsdl
20K Followers 909 Following Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
SinSinology @SinSinology
13K Followers 674 Following Pwn2Own 20{22,23,24,24.5,25,25.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊
V3locidad @V3locidad_
28 Followers 111 Following CFT Player - Bugbounty - Hunter - Pentester #redteam #hacking #ethique #hunter