@[email protected] @SecurityMB
Improving the world’s security at Google. Opinions are mine. bentkowski.info · Zurich, Switzerland · Joined September 2014
Tweets: 1K · Followers: 11K · Following: 284 · Likes: 921
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 gmsgadget.com 1/4
It started! pV!
Google CTF is on! Here's a challenge that I created: capturetheflag.withgoogle.com/challenges/web…. Good luck 😀
Here's my blog post about escaping `<>` in attributes and why it makes mXSS harder to exploit!
🔥 A new (more difficult) era for mXSS will come soon! If nothing breaks, Chromium will start escaping "<" and ">" in attributes starting with M138. See chromestatus.com/feature/626498… for details.
Celebrating 15 years of password hacking 💻 🔑, Swiss Army knives (and sometimes even chainsaws or swords) included! 😲 Discover how Google's security teams turn employee farewells into security tests. bughunters.google.com/blog/635526578…
A certain security engineer has to look after the security of literally thousands of applications. 💥 How can that be achieved? Michał Bentkowski will show several solutions that make it possible to ensure that every newly written application maintains a high level of security. 🎟 omhconf.pl
Reading about new mXSS techniques always warms my heart. Amazing writeup @kevin_mizu and great bugs!
Do you want to learn more about the various Vulnerability Reward Programs offered by Google? Or you're looking for inspiration? Check the video below in which @kkotowicz and @SecurityMB talk about Google VRPs! youtube.com/watch?v=R2qMd4…
It's always nice to talk with Mr @SecurityMB 🔥
Check out the video in which I’m talking with @kkotowicz about Google VRPs. Learn how you can start hacking Google! Let me know if there’s something you’d like us to cover in future videos 😀 youtu.be/R2qMd4PZbko?si…
Very nice presentation about web security at scale by @SecurityMB. Finally, web security is solved for good.
[PL] I invite you to MSHP in Kraków! I will be giving a presentation there myself too 😀
Google VRP significantly increases reward amounts! Just go and hack 😀
🚫 DOM XSS, begone! 👋 Discover how we used Trusted Types to protect AppSheet, and how that can inform your own web application's journey to a safer security posture where DOM XSS vulnerabilities are a thing of the past. bughunters.google.com/blog/603789066…
I didn't manage to solve postviewer v1 in 2022, was really close to solving v2 in 2023, but this year finally solved v3 💯 It's my writeup of GoogleCTF 2024, almost all web challenges are client-side, so I really like it lol blog.huli.tw/2024/06/28/en/…
Congratulations to the five teams that solved in-the-shadows! The challenge is open-sourced now, including a short writeup and a solver: github.com/google/google-…
Google CTF is on! I'm especially curious how many teams will be able to solve the challenge "in the shadows" 😉
Is it possible to submit episode suggestions, @RadioNaukowe? If so, it would be great to hear about the recent changes in the Polish language, rjp.pan.pl 😀
Here is a 72-byte alphanum MD5 collision with 1-byte difference for fun: md5("TEXTCOLLBYfGiJUETHQ4hAcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak") = md5("TEXTCOLLBYfGiJUETHQ4hEcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak")
