Alessandro @CottoAlessandro
Joined August 2013 | Tweets 3K | Followers 602 | Following 4K | Likes 28K
PoIEx, a new #Doyensec tool, identifies "Points of Intersection" where code & IaC definitions meet. Visualize & explore IaC, plus create & share real-time notes w/ teammates in VS Code. Try it out today‼️ blog.doyensec.com/2024/01/30/poi… github.com/doyensec/PoiEx #CloudSecurity #appsec
OpenAI's security team noticed that a group reverse engineered and was abusing ChatGPT's internal API. Instead of shutting them down, they quickly replaced ChatGPT with CatGPT… and then lurked in the attackers' Discord to watch the chaos. Absolute legend. youtube.com/watch?v=PeKMEX…
Learn more about finding DOM #XSS and instrumenting client-side #javascript using Eval Villain, a tool by Doyensec's @bemodtwz ! #doyensec #appsec #websecurity #security blog.doyensec.com/2023/09/25/cli…
Introducing Session Hijacking Visual Exploitation (SHVE): A new tool for taking #xss exploitation to the next level - remotely viewing a target's browser Details on our blog: blog.doyensec.com/2023/08/31/int… Download: github.com/doyensec/Sessi… #doyensec #appsec #appsecurity #websecurity
Announcing wsrepl, the WebSocket testing tool from Doyensec! This intuitive tool is super easy to use and makes automation around WebSockets simple! Check out our blog for the details and download it today! blog.doyensec.com/2023/07/18/str… #doyensec #appsec #websockets #burpsuite
We're happy to partner with @TrustVanta and appreciate their show of confidence in our team! We really enjoy the unique challenges of helping to secure the security industry itself! #appsec #doyensec #graphql #infosec #devsecops
New advisory! @viktorot provides details on a CSRF protection bypass he discovered in Sveltekit. Ensure your apps are up-to-date. #doyensec #appsec #javascript #DevSecOps doyensec.com/resources/Doye…
In our latest blog post, learn how Szymon Drosdzol found a trivial SSRF bypass in #NodeJS 's `request` library (18M weekly downloads). Learn how to patch it and get the details on how other widely used libraries handle the same vector. #Doyensec #appsec blog.doyensec.com/2023/03/16/ssr…
In our latest blog post, our chefs from 🇮🇹 and 🇫🇷 have collaborated to bring you a culinary masterpiece! Learn @lorenzostella and @maxenceschmitt's recipe for a tasty arbitrary file write to RCE via abusing #uWSGI files. Bon appétit! blog.doyensec.com/2023/02/28/new… #doyensec #AppSec
Check out @lacerenza_fra's new PESD @Burp_Suite extension. It converts proxy history to interactive diagrams! Easily document findings or convey complicated logical application flows in seconds! #Doyensec #appsec #Pentesting blog.doyensec.com/2023/02/14/pes… github.com/doyensec/PESD-…
The second edition of #Doyensec's "CloudSec Tidbits" has just been published! Learn all about #AWS Cognito User Attributes tampering and experiment with it in our free lab. Check it out today! #CloudSecurity #appsec #devsecops blog.doyensec.com/2023/01/24/tam…
We're definitely not your typical AppSec consultancy! youtube.com/watch?v=fFOiS5… doyensec.com/careers.html #infosecjobs #doyensec #appsec #career #notyourtypicalappsec Credit: @pmontesel
Announcing the release of `safeurl` - a library to help #golang devs "Build with Security"! This module provides tested & versatile protection against Server Side Request Forgery (SSRF)! Hurry and check it out! #doyensec #AppSec blog.doyensec.com/2022/12/13/saf… github.com/doyensec/safeu…
Great news! ElectroNG, our premium #Electron security testing tool, can now be seamlessly integrated into your CI/CD pipelines. Automating the protection of your apps has never been easier! get-electrong.com/docs/#/install… #Doyensec #appsec #security #javascript
It's Black Friday! 🎉 Get FREE recurring API credits if you like + retweet this tweet (must be following @securitytrails). If we get up to 100 RTs everyone gets 100 recurring monthly API credits. If we get over 100 RTs, everyone gets the # of API credits in the amount of RTs.
Our workshop will be in SALA C Friday morning. If you're at #EKOPARTY2022 come check it out!
See how @lucacarettoni leveraged newly public bugs and techniques, along with (un)fortunate design choices to elevate an XSS discovered by @justinsteven into a full-blown RCE in VSCode, via its support for Jupyter Notebook. blog.doyensec.com/2022/10/27/jup… #doyensec #appsec #xss #RCE
Learn about the dangers of code that falls through to the System role in the first edition of our new "CloudSec Tidbits" series! We'll be focusing on the intersection of #appsec and #CloudSecurity! doyensec.com/research.html#… Follow us so you don't miss future posts! #doyensec #AWS
Did you guys know that Linux is so Developer-Oriented that it has a special folder called /dev/ where you are supposed to develop all your projects? It's true, check it on your Distro!
SNHACK Attack: How Hackers Could Turn Your Smart Pet Feeder into an All-You-Can-Eat Buffet - @whid_ninja whid.ninja/blog/snhack-at…
Happy Easter! Today, we celebrate Jesus rising from the dead after His sacrifice for us on the cross. Jesus has such great love for us, that he gave himself up to die to cover our sin and bring us closer to God. I'm so grateful for this, especially on days like today. ❤️
Very cool and interactive blog post about micro-optimization with JavaScript, by romgrk romgrk.com/posts/optimizi…
#BugBounty #BugBountytips #infosec Deep Links & WebViews Exploitations Part I medium.com/@justmobilesec… Deep Links & WebViews Exploitations Part II medium.com/@justmobilesec…
📲 Bluetooth Security Assessment Methodology An open-source guide to security evaluation of Bluetooth devices, covering 36 controls 🛠️ BlueSpy: a PoC for eavesdropping exploiting insecure pairing github.com/TarlogicSecuri… By @Tarlogic #infosec #redteam tarlogic.com/bsam/
Fun fact: while Chrome's URL limit is 2,083 characters, the hash part of the URL is not limited by this number; that's why I was able to put 100kb of code into the TypeScript playground :)
@migtissera This is their CEO as a kid. Maybe GPT-4 is a wrapper around him?
Kubernetes & Terraform : 5 Mini Projects to get Hands on youtu.be/-h6ZcwbNdQc
Finished "100 Go Mistakes & How to Avoid Them" by Teiva Harsanyi. This made me painfully aware of how easy it is to make a concurrent mess, even in a PL designed for that purpose. If you’re already comfortable in Go, the summary will probably suffice. 100go.co
SHA-1 gets SHAttered evervault.com/blog/sha-1-get…
Dive into the Bluetooth universe with @_mattata in GreyNoise Labs' latest blog series. From lost Fitbits to sophisticated systems, join the adventure through the intricacies of BTLE, hardware challenges, and the quest for understanding the invisible tech around us. 🚀…
An absolutely timely read: "The unintended consequences of blocking IP addresses" blog.cloudflare.com/consequences-o…
Copy from Shell: MacOS: $ <stuff> | pbcopy Windows: $ <stuff> | clip Linux (newer) $ <stuff> | wl-copy Linux (older) $ <stuff> | xclip 1/2
If you guys remember, Cloudflare moved away from NGINX to build their own proxy named Pingora. Made a video on the topic a year ago. youtu.be/QbOAHkaFU6w?si… Today Cloudflare just open sourced Pingora.
Pingora, our framework for building programmable and memory-safe network services, is now open source. cfl.re/42UtNzk
So I got a @Hetzner_Online box for a game server and ended up running tcpdump for troubleshooting. It turns out they not only intercept XMPP traffic for some hosts (see comment), but I can see a ton of SYN traffic for their other customers - as well as some UDP packets. WTF???
'Docker Best Practices': In this blog, you will learn some Docker best practices mainly focussed on Java applications. This is not only a theoretical exercise, but you will learn how to apply the best practices to your Dockerfiles. Enjoy! #java #docker mydeveloperplanet.com/2022/11/30/doc…
Our first Learn path for Copilot for Security is ready! Get started with Microsoft Copilot for Security - Training learn.microsoft.com/en-us/training… #CopilotforSecurity #SecurityCopilot #Cybersecurity #MicrosoftSecurity #Security