Medusa @_medusa_1_
Joined May 2013-
Tweets37
-
Followers426
-
Following394
-
Likes341
Super glad to have collaborated on @albinowax’s research this year with @bsysop and @_medusa_1_. Funny enough, it all started with a random Slack DM that revealed a potential research collision with James, and things took off from there.
Super glad to have collaborated on @albinowax’s research this year with @bsysop and @_medusa_1_. Funny enough, it all started with a random Slack DM that revealed a potential research collision with James, and things took off from there.
I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame" is coming to #DEFCON33! This talk will feature multiple new classes of desync attack, mass exploitation spanning multiple CDNs, and over $200k in bug bounties. See you there!
I've recently put more work into my ffuf fork, uff, and I think every ffuf user should at least give it a try - and maybe even switch to it. Here's why, in a #bugbounty 🧵
I’m excited to introduce Namespace Confusion, a novel attack discovered during Gareth's and mySAML Roulette: The Hacker Always Wins research. We uncovered a brutal attack on XML signature validation that destroys authentication in Ruby-SAML!
I’m excited to introduce Namespace Confusion, a novel attack discovered during Gareth's and mySAML Roulette: The Hacker Always Wins research. We uncovered a brutal attack on XML signature validation that destroys authentication in Ruby-SAML! https://t.co/AJyEfzGGF8
Super happy to see our research ranking #3 in @PortSwigger Top Web Hacking Techniques of 2024! 🚀 This one was a wild ride! Huge thanks to @_medusa_1_ & @sw33tLie for the amazing teamwork and to @Bugcrowd, who supported us! ❤️ What next? Keep tuned 👀🥷🏻 #BugBounty #Hacking
Super happy to see our research ranking #3 in @PortSwigger Top Web Hacking Techniques of 2024! 🚀 This one was a wild ride! Huge thanks to @_medusa_1_ & @sw33tLie for the amazing teamwork and to @Bugcrowd, who supported us! ❤️ What next? Keep tuned 👀🥷🏻 #BugBounty #Hacking
Huge news! Our research just ranked #3 in @PortSwigger’s Top Web Hacking Techniques of the Year! 🎉 Biggest lesson: ever assume something isn’t exploitable—test it. Smuggling attacks are far from dead! Massive thanks to my research partners @bsysop & @_medusa_1_ 🙌 #bugbounty
Huge news! Our research just ranked #3 in @PortSwigger’s Top Web Hacking Techniques of the Year! 🎉 Biggest lesson: ever assume something isn’t exploitable—test it. Smuggling attacks are far from dead! Massive thanks to my research partners @bsysop & @_medusa_1_ 🙌 #bugbounty https://t.co/gpe3f1B8Po
🏆 Top 10 Web Hacking Techniques of 2024 nominations are live, and this time, we’re participating! Our technique is "TE.0 HTTP Request Smuggling" affecting thousands of servers. Vote in portswigger.net/polls/top-10-w… Questions? CC: @_medusa_1_ @sw33tLie #BugBounty #InfoSec
How novel HTTP request smuggling techniques led to an in-depth investigation and a substantial payout... 🤯 After extensive research and failed attempts, @sw33tLie, @bsysop, and @medusa_1 uncovered a new HTTP Request Smuggling vulnerability 🧩: bgcd.co/3zNVPlB
🐝 Hive Five 181 - What the Dying Teach the Living --- 🔍 Innovative recon tool alert: Lemma, a Python-based AWS Lambda package for executing command-line tools in a scalable, remote environment. @defparam 🕵️ Unveiling TE.0 HTTP Request Smuggling: A critical vulnerability…
It’s been a while since last publication on the hop-by-hop vulnerability affecting Akamai. Special thanks to @bsysop, @sw33tLie, the Google team, and @Bugcrowd for their invaluable support. bugcrowd.com/blog/unveiling…
Servers with top-notch security measures like authentication, authorization, and ZeroTrust can still fall prey to HTTP Smuggling 🏴☠️. Proud to work with @_medusa_1_ and @sw33tLie on this discovery. Genius guys! 🚀🧠 bugcrowd.com/blog/unveiling… #BugBounty @Bugcrowd
BIG round of applause for this BIG find! 👏🐛📈
BIG round of applause for this BIG find! 👏🐛📈
This is one of the most widespread and impactful bugs I've ever found in my career. Great collab with @bsysop and @_medusa_1_ Smugglings are still out there—stay vigilant! #bugbounty @Bugcrowd bugcrowd.com/blog/unveiling…
portswigger.net/daily-swig/res… Hey @_medusa_1_ , the situation is getting out of hand! 😅 @PortSwigger
I just published a post on Medium about the most relevant vulnerability I have found in my life so far. "Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned)": medium.com/@jacopotediosi…
blog.hacktivesecurity.com/index.php/2022… TL;DR: Overall bounty of USD 46,000! 😱🥳 First post by @_medusa_1_ showing the outcomes of his most recent #bugbounty activity which led to the detection of an HTTP Request #Smuggling #vulnerability on several big Corp. #cybersecurity #bugbountytips
really it's not fun for me, some @Hacker0x01 trigger team don't care about reports without understand the report quickly close it as N/A or dups, i had 4 reports it was closed as dups and i talked with them to closer look at these reports and they was mistake it was not dups.
Christopher Morales @D4sh010101
73 Followers 2K Following
Ashbi @ashbi_sec
84 Followers 687 Following
Ujjwal Kumar @mehtasec
1 Followers 104 Following
Anibal @anibalvera
215 Followers 1K Following Evangelista de la seguridad informática, promotor de conocimiento y software libre, Conferencista , Computer Science UCV, Padre y esposo de una Reina.
Brumens @Brumens2
2K Followers 498 Following @yeswehack employee 🪖 | Bug Bounty hunter🐝 & coffee lover ☕ I'm a big fan of breaking into all sorts of things 🌐
Hamzah Abdlmotalb Abd... @HAbdullah55817
10 Followers 489 Following
Pablo Picurelli Ortiz @superpegaso2703
11 Followers 121 Following Security researcher. HTB CPTS, CBBH. CVE-2025-53621. Cyber security student at Universidad Rey Juan Carlos (URJC)
VRIIZ @_VRIIZ_
4 Followers 183 Following N00b in Cyber Security, but Excited to Learn 😁✌️ Eat, Sleep, Hack, Repeat 😉
boffman @b0ffm4n
4 Followers 160 Following
Thomas Stacey @t0xodile
507 Followers 209 Following Penetration tester trying to perform novel research. You can find all of my write-ups and research at https://t.co/2chUIHJDeP.
DreyAnd @dreyand_
2K Followers 836 Following 19yo, Bug Bounty, Security Research & CTF w/@ProjectSEKAIctf
Aman Subedi @amsubedi2
5 Followers 657 Following
raff0x1 @Raoufmaklouf
29 Followers 190 Following
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 754 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Abdullah Asif @AbdullahAsifVir
373 Followers 1K Following #Cybersecurity #WebApplications #CloudArchitect. Retweet not endorsement.
Shadow @AhmdMhmd30376
15 Followers 285 Following Penetration tester | Bug Hunter | CTF Player 🚩 lifeless
Dk Mn @m8elos
3 Followers 151 Following
heaven @haloiceyx14152
0 Followers 149 Following
eye 👁️ @minometidji
1K Followers 379 Following We have a new day, new opportunities, and new possibilities, so go ahead and learn something .
sadpiranha @LeadNead
0 Followers 455 Following Cybersecurity lover | sharing what I found interesting.
::: @pelamx
165 Followers 5K Following
303sec @303sec
291 Followers 1K Following Security Research & DevSecOps. 303sec on all platforms. Ex-baby (now fully grown).
TheZakMan @thezakman
315 Followers 2K Following Graphic Artist / CTF Player / ʁakɚɹ / Bug Hunter https://t.co/3Wk9WMb53N https://t.co/ob3ot9VgGa 𝓘 𝓟𝓮𝓮𝓹 𝓢𝓱𝓲𝓽
Muhammad Farhan @Realmufar
6 Followers 437 Following
Tur.js @Tur24Tur
4K Followers 1K Following Application security fan, dedicated to writing custom security tools. @NoBugEscapes @BugBountyZip JavaScript - ExpressJS ♥️💛 https://t.co/bltifT1jkQ
Muhammad Waseem @wgujjer11
4K Followers 872 Following Cybersecurity Analyst | Ethical Hacker | Secure @nasa | #CyberSecurity #
tfly @oracleoverflow
1K Followers 4K Following passionate about cyber security and ethical hacking ctf player @fr334aks
صفر الزمن @non___existen
87 Followers 7K Following
smaury @smaury92
4K Followers 2K Following Co-Founder @ShielderSec | Cliff Jumping Lover (23mt max so far) | ♫ I knew all the rules but the rules did not know me. ♫
chux @chux13786509
8K Followers 324 Following Web Warrior 👻 | Bug Hunter | CVE-2024-46990 | CVE-2024-54128 | CVE-2025-29930 | https://t.co/LbpguTTSEk | https://t.co/e9bO0RZKlB
^.Übermensch @_foobarr
24 Followers 2K Following
pablo palma @pablopalmappr
3 Followers 440 Following
Adrian.09 @Adriannx09
40 Followers 138 Following
Hackwhy @Hackwhyy
2 Followers 13 Following
Ashek-Alahi @mdashekalahi35
29 Followers 793 Following
Vaisov Bek @vaisovbek
866 Followers 6K Following Security Researcher aka Bug Bounty Hunter | CTF Player
Hoa Lê Ngọc @Le_Ngoc_Hoa
7 Followers 201 Following
Isaiah @Hacker_Ise
5 Followers 605 Following Web & Mobile Security Reseacher | Exploring Blockchain and Cloud Security | ARM | Chasing My Curiousity
Erez @ErezYalon
1K Followers 462 Following VP of Security Research @Checkmarx; Founder of @AppSec_Village; API Security Project Leader @OWASP
NeM0x00 @Yousef39960629
472 Followers 414 Following Security Researcher 👾 write a code that breaks Programmers code
badmash jatt @badmash1337
564 Followers 772 Following 📍سرزمینیں پاکستان | منزلیں بہادروں کا استقبال کرتی ہیں بزدلوں کو تو راستے کا خوف ہی مار دیتا ہے
syc10 @bm00__
38 Followers 336 Following
Abdelkrim @ASn4k3y3
30 Followers 1K Following
fnord0 @0xfnord
209 Followers 2K Following computer, network/telecommunications and security enthusiast - budding programmer, @political
zodiac_ @_zodiacHacker
57 Followers 229 Following Bug hunter @Hacker0x01 github : https://t.co/SS5SOY3xqO
Ameya Kannurkar @AmeyaKannurkar
19 Followers 143 Following
Patrick @Patrick0x41
688 Followers 4K Following Offensive Security Engineer | Interested in Red Teaming & Vulnerability Research
turb0 @7urb01
270 Followers 110 Following CTBB Full-Time Hunters' Guild Member | JavaScript Exterminator | Part-Time UID 0 |Not afraid to PTRACE_SEIZE | Bits, bytes, and bad ideas https://t.co/0iE5bU44up
naive_tester @naive_tester
34 Followers 1K Following
sudi @sudhanshur705
5K Followers 695 Following Remember, whatever happens... There's always a vulnerability https://t.co/FFVfnf39jY
Ghalahad @j_Kingsmand
48 Followers 599 Following
roughwire @roughwire
1K Followers 467 Following Security Engineer I love guitar more than info security ❤️
Niv Levy 🇮🇱 @restr1ct3d
6K Followers 3K Following Penetration Testing Engineer / Bug Bounty Hunter / OSCP, OSWE, GCPN
Mr. @nine_squar
58 Followers 1K Following
xssdoctor @xssdoctor
4K Followers 372 Following hacker and cardiologist… not necessarily in that order
Ananda Dhakal @dhakal_ananda
11K Followers 663 Following Vulnerability Researcher @patchstackapp | Brand Ambassador @Hacker0x01 | Blogs: https://t.co/a0aOojdwyl 🇳🇵
Tuan Anh Nguyen⚡️... @haxor31337
15K Followers 2K Following 29 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
WhiteHatMage @WhiteHatMage
3K Followers 316 Following Bug bounty wizard - All Stars @immunefi. I cast Exorcise on vulnerabilities and Heal on protocols. Prevented exploits worth over $150M.
eternalkyu @eternalky_u
67 Followers 35 Following Bug bounty hunter, security researcher and CEO @ https://t.co/v4XQBkbrfj
Gareth Heyes \u2028 @garethheyes
37K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 754 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Fat @fattselimi
16K Followers 9K Following Chasing Positive vibes only & Ethical Hacking for fun and profit🧑🍳
Brumens @Brumens2
2K Followers 498 Following @yeswehack employee 🪖 | Bug Bounty hunter🐝 & coffee lover ☕ I'm a big fan of breaking into all sorts of things 🌐
Thái Vũ @thaivd98
3K Followers 929 Following
Carmine Gragnano @CGragnano
40 Followers 120 FollowingTrends for United States
You might like
