shubs @infosec_au
Co-founder, security researcher. Building an attack surface management platform, @assetnote assetnote.io halcyon Joined August 2013-
Tweets4K
-
Followers49K
-
Following2K
-
Likes10K
I'm helping build HackerOne's Australia club. If you're in Australia and want to join, head over to h1.community/australia-hack… We aren't participating in AWC 2024 this year, but the plan is to build our community and participate next year :)
SourceForge: Vulnerability in import feature leads to RCE! 🔥 Cybercriminals could have compromised SourceForge entirely, targeting millions of users worldwide through malicious software downloads. Read more in our latest blog post: sonarsource.com/blog/dangerous… #appsec #security
Great post from the Rapid7 team with a detailed analysis of the most recent PAN-OS critical bug.
Great post from the Rapid7 team with a detailed analysis of the most recent PAN-OS critical bug.
I'm grateful that I have a network of people who enjoy hacking as much as I do; even in hard times, I can always push boundaries. Working on a difficult target and seeing results makes it all worth it.
A short article from me dedicated to a topic that receives little attention in the community. Hopefully, it will be useful to someone. blog.slonser.info/posts/ipv6-zon…
We've got another 2.5 hour podcast for you this week - this time featuring our boi, @samwcyo! Sam is one of the most legendary hackers around and this time we double clicked into his motivation for these crazy hacks and the methodology behind them. Enjoy ctbb.show/65
I've written up an unintended and (IMO) novel solution for picoCTF 2024 "Elements" - an XSS and CSP bypass challenge by @EhhThing . Check the tl;dr spoilers in the post if you want to know if it's up your alley, but I think it was super cute! justinsteven.com/posts/2024/04/…
The setup behind the CVE-2024-3094 supply-chain attack is fascinating. I originally wanted to finish and share a tool to audit other OSS projects for anomalous contributor behavior, but I feel what I found trying to MVP it is way more interesting. 🧵 1/25 gist.github.com/rubyroobs/77cc…
Does anyone have an account on apigee.com with an organization set up there? It would really help with some research I am doing. Can you please DM me if you have an org on apigee.com (not gcloud).
More details about the vulnerability I brought to last p2o (which is not success) Many lessons were learnt from this failure Hope it will help someone who’s working as a system admin or a researcher testbnull.medium.com/sharepoint-not…?
I can't believe so many people are sleeping on this research: code-white.com/blog/leaking-o… Code White again smashes it out of the park with their meticulous knowledge of software stacks. I have so much respect for them publishing this. Nice work, @mwulftange!
Today we disclosed serious security issues our team discovered in over three million hotel locks that could allow anyone to create master keys. We’ve been working on this for almost two years to ensure it’s fixed responsibly. Thanks to Andy for the great coverage!
Today we disclosed serious security issues our team discovered in over three million hotel locks that could allow anyone to create master keys. We’ve been working on this for almost two years to ensure it’s fixed responsibly. Thanks to Andy for the great coverage!
@steventseeley @frycos This one is for you 😉 github.com/codewhitesec/H…
Huge thanks to @davidbombal for covering the past car hacking research from @_specters_ @bbuerhaus @xEHLE_ @iangcarroll @sshell_ @infosec_au and I. David and his team put in a ton of effort to research this and asked some great questions. More than happy to share the fun stories.
Huge thanks to @davidbombal for covering the past car hacking research from @_specters_ @bbuerhaus @xEHLE_ @iangcarroll @sshell_ @infosec_au and I. David and his team put in a ton of effort to research this and asked some great questions. More than happy to share the fun stories.
At @assetnote, our security research team has worked tirelessly to build capabilities to exploit CVE-2024-21762, a pre-auth RCE vulnerability in FortiGate SSLVPN. 150k+ instances of this on the internet. Dylan explained his journey in our blog: assetnote.io/resources/rese…
🔒 Hackers, rejoice! 🎉 Unveiling the recording of Andre Baptista’s (@0xacb) groundbreaking talk at #BSidesAhmedabad2023! 💻 YouTube Link: youtu.be/GSfJ3Sf24ZQ?fe… Explore the world of REcollapse and its game-changing tactics for zero-interaction account takeovers and web…
I gave a keynote talk for BSides Ahmedabad last year. Not many people know, but my family is from Gujarat, so it was really special to give this talk. I thank the organizers for giving me the opportunity to speak to such a special crowd.
I gave a keynote talk for BSides Ahmedabad last year. Not many people know, but my family is from Gujarat, so it was really special to give this talk. I thank the organizers for giving me the opportunity to speak to such a special crowd.
Our security research team at @assetnote discovered CVE-2023-5914 & CVE-2023-6184 in Citrix StoreFront and Citrix Session Recording. Customers of Assetnote's ASM responded rapidly to these vulnerabilities as they were the first to know. Blog: assetnote.io/resources/rese…
I've been using @WeaselJs for the last year, and I'm so stoked that @CharlieEriksen is receptive to feedback and works hard for his users. Some of the best support I've ever had. Great product.
🎁 Source Code Disclosure in IIS 10.0! Almost. There is a method to reveal the source code of some .NET apps. Here's how it works. 👉 swarm.ptsecurity.com/source-code-di…
Intigriti @intigriti
155K Followers 644 Following Global Bug Bounty & VDP Platform. 🌐: https://t.co/fgCupJckrW ▶️: https://t.co/lRfCzZBgb7 👾: https://t.co/Inf7N9VQIl
Ben Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷
Sam Curry @samwcyo
77K Followers 948 Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
The XSS Rat - Uncle R.. @theXSSrat
128K Followers 888 Following Alone we survive, together we prosper. Are you with me? https://t.co/AfnDsVhqqA
bugcrowd @Bugcrowd
161K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
Jason Haddix @Jhaddix
147K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.
Joseph Thacker @rez0__
49K Followers 869 Following the promptfather. christian. hacker. hobby jogger. principal ai engineer @appomnisecurity.
hakluke @hakluke
88K Followers 2K Following Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_content
Katie Paxton-Fear @InsiderPhD
82K Followers 2K Following Dr, apparently. Creator @traceableai, Lecturer & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
STÖK ✌️ @stokfredrik
127K Followers 1K Following Hi.. im that hacker / creative that your friends told you about. Creative Director & Hacks all the things at @truesec
Nathaniel @nnwakelam
38K Followers 1K Following
Hussein Daher @HusseiN98D
43K Followers 151 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 27th/270000 BugCrowd Hacking Platform
InfoSec Community @InfoSecComm
38K Followers 636 Following Largest InfoSec publication with 30k+ followers and 1M+ monthly views. 3rd edition of @IWcon_ happening in December 2023!
Harsh Bothra @harshbothra_
42K Followers 663 Following Freelance Pentester & Consultant • Cobalt Core Lead & Pentester • Author • Speaker • Blogger • SecurityExplained • Project Bheem • Learn365 • Views are personal
Farah Hawa @Farah_Hawaa
44K Followers 842 Following security analyst @fbsecurity | part-time bug hunter | content creator | she/her | views = mine
Julien | MrTuxracer �.. @MrTuxracer
30K Followers 417 Following Freelancer | Full-time #BugBounty | @Hacker0x01 H1-Elite & $1,500,000 Hacker | ❤️ IDA Pro
payloadartist @payloadartist
34K Followers 288 Following Tweeting about Application Security, Hacking, & Cybersecurity • Helped secure organizations like Google • Opinions are my own
Md Ismail Šojal @0x0SojalSec
22K Followers 4K Following Cyber_Security_Researchers || 0SINT || Digital Forensics System Analysis / incident Response II Pwn || GH0ST_3xP10iT || 0ld Accounts Suspended @0xSojalSec ||
nuy @0xnuy
4 Followers 128 Following Life stored in my PC. Hacking is my passion "1 | Bug Hunter | Senior Cybersecurity
mostafa Elserry @ElserryMos51616
23 Followers 460 Following
احسانـــــ�.. @TheFreyja_
373 Followers 264 Following You can find my pure soul, deep thoughts and chaotic mind here...
Do @DoDorisa74964
0 Followers 89 Following
megopigs @megopigs1
63 Followers 524 Following
s0ufi4n3 @s0ufm3l
2 Followers 117 Following
Khaja Faiz @KhajaFaiz4
0 Followers 40 Following
Software Developer @dmkavanagh
2K Followers 6K Following Software Developer for 44+ years currently involved in Java, AppSec, Rancher, Storm, AWS, Kubernetes, Kafka, Cryptography, BA, BSCS, MSCS, GoTerps!, Go Joe!
d4m4d4 @d4m4d44
2 Followers 111 Following | programmer | hacker |full stack web developer | hackthebox | tryhackme
John Franco Saraceno @jfsaraceno
215 Followers 2K Following
WIΞST ¯\_(ツ)_/¯ @w3stw0rld
17 Followers 1K Following
LOGU_JK @LoGU85572123
17 Followers 319 Following
121 @121Beyond
30 Followers 787 Following
0xMahmud @cybersheikhhh
4 Followers 299 Following !maginary , Muslim , #cybersecurity , #computerscience , security researcher
aprilliar @aprilliar13
64 Followers 52 Following In the blink of an eye, April, when we met, is approaching. April is coming without you.
Jimmy Ferrari @JimmyFerrari8
662 Followers 5K Following Crypto miner stock investor and interested in Cryptocurrencies
Frank Cash @frankcashhh
47 Followers 157 Following
Electronicsseeker @libertarian108
8 Followers 1K Following
azizk @realazizk
6 Followers 167 Following
zxvc @zxcv_zxvc
0 Followers 28 Following
Nassir Ghraizi @NassirGhraizi
2 Followers 145 Following
Md. Akram Hossen @MdAkram39170379
3 Followers 46 Following
سفر سعيد عي�.. @sfrghmdi
349 Followers 490 Following
sushant @sushant71064275
1 Followers 92 Following
nikhil narayan @nikhilnarayan91
1 Followers 34 Following
beige @0xbeige_
1 Followers 101 Following
Robot .Bot @RobotBot314414
52 Followers 444 Following
Neda @Neda62455817
9 Followers 80 Following
𝗛𝘂𝗺𝗮𝗻 .. @secguro
20K Followers 1K Following Try to keep up! BREAKING & up to the minute #news, #cybersecurity tips and #technology best practices. Visit website for more. #cyber #infosec #humanfirewall
Azazzi @Azazzi9
9 Followers 65 Following
D@n!3l @20_04D
145 Followers 1K Following Cybersecurity Enthusiasts/ crypto enthusiasts/ Arsenal dude, working towards greatness.
Q @Q7520994033543
1 Followers 17 Following
Nikhil Sahoo @nikhilsahoo1232
43 Followers 309 Following Security Engineer @ Microsoft | Application Security | Pentester | SAST | DAST
Anachronist @Anachronis43313
27 Followers 587 Following
Mohammed Ouahman @OuahmanMohammed
6 Followers 109 Following I m a Data Scientist in the e-commerce industry, I like to analyze data and predict the future of data.
K @huynv28
122 Followers 1K Following
Yusuph @T3chnocr4t
450 Followers 626 Following Aspiring SECURITY Researcher 📊.. {} I works in the shell 💻
teja @teja72725248621
0 Followers 1 Following
Ben Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷
PentesterLab @PentesterLab
153K Followers 0 Following We make learning web hacking and security easier. Online systems, code review, videos & courses that can be used to understand, test and exploit bugs!
Sam Curry @samwcyo
77K Followers 948 Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
bugcrowd @Bugcrowd
161K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
Jason Haddix @Jhaddix
147K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.
Joseph Thacker @rez0__
49K Followers 869 Following the promptfather. christian. hacker. hobby jogger. principal ai engineer @appomnisecurity.
hakluke @hakluke
88K Followers 2K Following Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_content
Katie Paxton-Fear @InsiderPhD
82K Followers 2K Following Dr, apparently. Creator @traceableai, Lecturer & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
STÖK ✌️ @stokfredrik
127K Followers 1K Following Hi.. im that hacker / creative that your friends told you about. Creative Director & Hacks all the things at @truesec
Nathaniel @nnwakelam
38K Followers 1K Following
Hussein Daher @HusseiN98D
43K Followers 151 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 27th/270000 BugCrowd Hacking Platform
Farah Hawa @Farah_Hawaa
44K Followers 842 Following security analyst @fbsecurity | part-time bug hunter | content creator | she/her | views = mine
Julien | MrTuxracer �.. @MrTuxracer
30K Followers 417 Following Freelancer | Full-time #BugBounty | @Hacker0x01 H1-Elite & $1,500,000 Hacker | ❤️ IDA Pro
payloadartist @payloadartist
34K Followers 288 Following Tweeting about Application Security, Hacking, & Cybersecurity • Helped secure organizations like Google • Opinions are my own
Yassine Aboukir 🐐 @Yassineaboukir
26K Followers 338 Following HackerOne Top 20, Pentest Lead, Ambassador, MVH Title and Hacker Advisory Board • Digital Nomad • Aspiring Athlete.
Bug Bounty Reports Ex.. @gregxsunday
39K Followers 555 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.
Tuan Anh Nguyen 🇻�.. @haxor31337
13K Followers 2K Following 28 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
HackerOne @Hacker0x01
289K Followers 3K Following The only official HackerOne Twitter account. Peace of mind from security's greatest minds. #HackForGood #togetherwehitharder
Dominic Alvieri @AlvieriD
14K Followers 293 Following Cybersecurity analyst and security researcher. Deleted my own Facebook & hacked yours. #cybersecurity #infosec https://t.co/jpm0COr5fY
t.j. miller @nottjmiller
273K Followers 925 Following Comedian. Died in 2010 of an AVM. The “MOSTLY EUROPE WORLD TOUR” begins May 10th in Paris- tickets on my website. Have you seen Gorburger? Look it up.
pizzapower @pizzap0w3r
47 Followers 295 Following You've never heard of me. You don't know me. I'm nobody. See what I'm doing at https://t.co/KGSWIR6wbi
Ankita Gupta @ankitaiitr
1K Followers 1K Following Cofounder and CEO @aktodotio | @iitroorkee @Dartmouth
Will C @WillCaruana
2K Followers 1K Following I'm a security hobbyist, maker of things, high voltage enthusiast and a hacker of cars. (he/him) You can call me at 617-440-8667
Lennert @LennertWo
4K Followers 1K Following PhD Researcher @CosicBe | Hardware Security @[email protected]
crazyman_army @CrazymanArmy
6K Followers 3K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group
Eqqie @Eqq111e
789 Followers 361 Following aka 赤道企鹅🐧 / Binary Security Researcher / Fuzzing Test / IoT, NFV Sec / Virtualization / UCAS / CTF pwner of L-team & El3ctronic & Never Stop Exploiting
Gunnar Andrews @G0LDEN_infosec
3K Followers 771 Following Hack Stuff | Code Stuff | Fitness | Kaizen OSCP | OSWA | OSWE https://t.co/4lgaVGZxd0 https://t.co/4JbA2DgF90 https://t.co/uY8NkPXaqA
Prashant Mahajan @prashant3535
1K Followers 499 Following InfoSec Professional | Trainer | Developer | ADRecon | AzureADRecon | Payatu Australia | OzHack
Gal Weizman @WeizmanGal
1K Followers 464 Following Browser JS {App} Security @MetaMask 🦊 & LavaMoat 🌋 | Creator of Snow JS ❄️ | Sometimes finds CVEs, no longer on purpose | In a toxic relationship with iframes
Valeriy @Krevetk0Valeriy
3K Followers 661 Following Security enthusiast, bug bounty hunter at @Hacker0x01 and @Bugcrowd https://t.co/RjYvPJaXTW https://t.co/dkUfA2vywe
Dominik Penner @zer0pwn
6K Followers 2K Following principal security consultant @mandconsulting_. former ssc @nccgroupinfosec. co-founder @hackerschange. vulnerability researcher in the pursuit of knowledge
Stephen Fewer @stephenfewer
8K Followers 208 Following Principal Security Researcher @rapid7. Decompiler @relyze. Core @metasploit dev 2009 - 2013. MSRC Top 100 2015. Pwn2Own 2011 & 2021.
@levelsio @levelsio
418K Followers 1K Following 🦄https://t.co/sQ0aiU7v02 $202K/m 💆https://t.co/AoNP9BW2Dp $3K/m ✨https://t.co/BmbkrX4Zyf $0.1K/m 📸https://t.co/lAyoqmSBRX $57K/m 🖼https://t.co/1oqUgfD6CZ $44K/m 🌍https://t.co/BjTozWAXwG $27K/m 🛰https://t.co/ZHSvI2wjyW $51K/m
Kei0x @Kei0x
8K Followers 508 Following Founder @ AIKOCorp. Infosec/AI. Weeb Exploit Developer. Perpetually Tired. Follow requests generally ignored unless you radiate The Vibe
Hammad 🇵🇰🇵�.. @Hammad7361
3K Followers 121 Following Bug bounty hunter on @Bugcrowd | https://t.co/ZzgPZQzdTp
Rico J (infosec.excha.. @0Rickyy0
156 Followers 394 Following SOC Analyst, Programmer, Interested in infosec, malware analysis and other IT related stuff | https://t.co/m29wZBaQE2 | vi/vim
Lorenzo Pirondini @LorenzoPirondin
227 Followers 2K Following
BrunoZero @BrunoModificato
1K Followers 383 Following CTFer for: @Water_Paddler( 💦) / Security auditor for @osec_io 🦦 my writeups: https://t.co/XurIhbWdj7 23y
Mehmet INCE @mdisec
30K Followers 2K Following Sr Vulnerability Researcher. Co-founder of @PRODAFT. Muay Thai fighter of Team Tieu.
Alyse @Bellebytes
1K Followers 1K Following Red Team Director #GXPN #GMOB / I also sing for a band called LYLVC
Kévin - Mizu @kevin_mizu
3K Followers 649 Following Vulnerability researcher 🐛 | CTF with @HexagonCTF, @rhackgondins 🦦 | Team FR 2023 🇫🇷 | https://t.co/sEBb6VnMrm
Jenish Sojitra @_jensec
16K Followers 575 Following Security & Finance. HackerOne Top 20 Hackers of all Time. Security at Exodus.
Jia Hao @Chocologicall
478 Followers 263 Following Web Security Researcher @starlabs_sg | Patience is a virtue. Every puzzle has an answer. | Opinions expressed are of my own.
Mohamed Mahmoudi @medmahmoudi_619
201 Followers 154 Following Full time hacker with pentesting and web development background
bsysop @bsysop
4K Followers 880 Following If you can dream with it, you can do it🤘🏻! TOP14 @bugcrowd, TOP12 P1 Warrior 🚀 https://t.co/4PRRx7QQaH 🤟🏻 https://t.co/eehzMtCJO4
SECUINFRA FALCON TEAM @SI_FalconTeam
2K Followers 85 Following Insights from the Digital Forensics/Incident Response and Threat Research Team at SECUINFRA. We regularly publish reports, detection rules and other findings!
Nitesh Dhanjani @nitesh_dhanjani
1K Followers 342 Following Cybersecurity Executive, Author, & Researcher
Jayesh Madnani @Jayesh25_
11K Followers 354 Following CEO and Hacker in charge @ EIS | HackerOne Top 15 | https://t.co/JSX03WutFN
Felipe Warrener-Igles.. @fwrnr
2K Followers 258 Following flexing on computers, every bone and muscle
Adam Djemai @AdamDjemai1
58 Followers 75 Following
Javier Corral @corraldev
2K Followers 881 Following Full time bug bounty hunter | Software Engineer | Short steps, long vision. 📈 Crackonce founder
Matt Strahan @matt_strahan
188 Followers 93 Following Co-founder/Managing Director of Volkis. Security guy.
Aaron Costello @ConspiracyProof
2K Followers 298 Following Irish 🇮🇪 SaaS Security. Opinions may be that of James Joyce or Samuel Beckett who occasionally channel their spirits through me.
mhmd berro (badcracke.. @badcrack3r
4K Followers 260 Following 21 Years old. Researcher at hackerone. Known as badcracker. Listed at more than 100 companies hacker's hall of fame.
New video! This one shows how the @Jhaddix discord helped me tune CloudRecon, and how I use it to scrape certificates across all IPv4 IPs! youtu.be/neXwq_0hlfE
Using a combination of tools we enumerated subdomains and paths on those subdomains with wordlist from assetnote. After which we had a few hits 1 interesting one being ebr.curaleaf.com/api/logs
Reproduced DOMPurify 3.1.0 bypass, but my payload requires two mutations. Has anyone managed to trigger it with a single mutation?
Some really interesting data points will start being exposed for better transparency across the industry. Very excited 🎉
Testing started on new levels of bounty table transparency for hackers.
No stream today guys sorry 😢 I got stuck doing yardwork! We can send a Friday stream tomorrow 🔥🔥
CVE-2024-4040 | AttackerKB - attackerkb.com/topics/20oYjlm…
@mongobug is the greatest
@justdionysus Solved it (a friend sent it to me) and it was pretty fun and different :) ty
i am in Dubai attending #gisec if any of you are around and would like to meet up.
yall have 5 seconds to convince me that this is a bad idea
Thank you @salesforce and @Hacker0x01 for the opportunity! This LHE definitely was one for the books! 📚 Very honored and grateful to receive a second MVH award, 7 (!) years after my first one (2017) and 5 (!) years after participating in my last H1 LHE (2019) 🙏🙏🙏
The first batch of #H165 winners are here! On behalf of the HackerOne and @salesforce teams, thank you for your hard work. 💪 1st Place: arneswinner 3rd Place: ngocdh Eliminator: matanber Exterminators: shubs, ziot, nahamsec, ryotak Most Valuable Hacker: arneswinner
How to optimize your bug bounty programs helpnetsecurity.com/2024/04/22/roy…
Gratitude.. for all the experiences & everyone that has supported me on my content creation / hacking journey so far. With the house sold, the store closed, the studio rented out. We now embark on a new adventure with no address, two dogs & a camper van. here’s to uncertainty ✌️
Calling bug bounty hunters 🥷 in Hanoi and Ho Chi Minh areas to participate in HackerOne's biggest Ambassador Worldcup 2024 event of the year 🔥 If you want to try your hand at difficult targets and collaborate in a strong, experienced community. Please join us 🇻🇳 🤝💰💪 @LamScun
want every dinner to taste as good as @samyscurry on Dempsey Road, Singapore
Trends for United States
You might like
