@ddǝɐuɐp @DanaEpp
Builder & Breaker of software. Microsoft Security MVP focused on security (de)engineering. Can also be found on https://t.co/DJMpYc1Dss danaepp.com Canada Joined April 2008-
Tweets7K
-
Followers3K
-
Following215
-
Likes852
A good report title is so clear and concise that anyone reading it understands the issue immediately. Learn how to write vulnerability report titles that don’t suck! danaepp.com/why-your-vulne…
0
0
1
136
2
Always be learning. Improve. Adapt. Overcome. Never doubt yourself. You've got this. Maybe just not today. Failure is nothing more than learning a new way NOT to do something in the future. Experience makes you better.
Learn how to get the most out of the reporting capabilities built into PortSwigger’s Burp Suite Professional. #apihacking #burpsuite danaepp.com/heres-how-i-ge…
Check out this curated list of FREE resources you can use to master Burp Suite for web app and API security testing. danaepp.com/the-ultimate-g…
You ever feel like you are finding the weirdest of vulns in areas you don't expect? Ya... me too. #apihacking #apisecurity #MIB
@ddǝɐuɐp retweeted
i guess it’s “explain how crime works to web3 folks o’clock” again EXTORTION 👏 IS 👏 NOT 👏 BUG 👏 BOUNTY coindesk.com/consensus-maga…
Good article by the folks @trufflesec on how they are finding thousands of leaked secrets in public Postman workspaces. trufflesecurity.com/blog/postman-c…
Learn how to write your own Burp BCheck scripts to tap into the web vulnerability scanner to automate your API security testing. #apisecurity #bcheck #burpsuite danaepp.com/improve-your-a…
@ddǝɐuɐp retweeted
Breaking APIs with naughty strings danaepp.com/breaking-apis-…
👀☠️
Me: Abusing an API that has been “hardened”:
Me: Abusing an API that has been “hardened”:
It happens to all of us. If you feel this way when learning to hack APIs, DM me. Let's talk.
Learn how to use server-side prototype pollution (SSPP) to abuse an API written in NodeJS for privilege escalation and remote code execution. #apihacking #apisecurity danaepp.com/how-to-exploit…
Whenever I see a v1 UUID being used in an API...
Are we in the only industry where burping is c00l? Asking for a friend. 🍻
OMG. 🤣🍪
Ben Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷
bugcrowd @Bugcrowd
160K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
John Hammond @_JohnHammond
239K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSCl
Jason Haddix @Jhaddix
146K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.
Joseph Thacker @rez0__
49K Followers 865 Following the promptfather. christian. hacker. hobby jogger. principal ai engineer @appomnisecurity.
Katie Paxton-Fear @InsiderPhD
82K Followers 2K Following Dr, apparently. Creator @traceableai, Lecturer & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
hakluke @hakluke
88K Followers 2K Following Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_content
🇷🇴 cristi @CristiVlad25
38K Followers 151 Following
hAPI_hacker @hAPI_hacker
13K Followers 656 Following { "name": "Corey J. Ball", "author": "Hacking APIs", "creator": "https://t.co/y3EHBlzHvJ", "is_admin": true }
SwiftOnSecurity @SwiftOnSecurity
403K Followers 9K Following computer security person. former helpdesk.
InfoSec Community @InfoSecComm
38K Followers 638 Following Largest InfoSec publication with 30k+ followers and 1M+ monthly views. 3rd edition of @IWcon_ happening in December 2023!
Md Ismail Šojal @0x0SojalSec
22K Followers 4K Following Cyber_Security_Researchers || 0SINT || Digital Forensics System Analysis / incident Response II Pwn || GH0ST_3xP10iT || 0ld Accounts Suspended @0xSojalSec ||
Gunnar Andrews @G0LDEN_infosec
3K Followers 770 Following Hack Stuff | Code Stuff | Fitness | Kaizen OSCP | OSWA | OSWE https://t.co/4lgaVGZxd0 https://t.co/4JbA2DgF90 https://t.co/uY8NkPXaqA
TomNomNom @TomNomNom
69K Followers 1K Following Open-source tool maker, web security person, trainer, talker, eater. He/him. Tools: https://t.co/pVV3LH3UsU YouTube: https://t.co/03Nrl7oBZI
Rick Claus @RicksterCDN
12K Followers 891 Following A cannuck, a geek, a family man & a self-professed server hugging infrastructure guy who has moved to Azure. I lead a team of awesome worldwide Cloud Advocates.
Steve Syfuhs @SteveSyfuhs
17K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue sky
Samir Gadgil @0xm4v3rick
107 Followers 144 Following Pentest | Research | OSCP | https://t.co/26IQtbX9fO
Security Talent @Securi3yTalent
327 Followers 2K Following javascript Developer And Cyber Security Experts
un1tycyb3r @un1tycyb3r
42 Followers 147 Following Chief Information Everything Officer - Best Faith Security Researcher
Brian S. Kearney @brianskearney
152 Followers 327 Following Sales @ Koyfin | 2x Podcast Production Companies | Business & History Nerd
/etc/rezdrake.conf @rezdrake
629 Followers 4K Following #Infosec guy, IAM ,PAM, Linux/Unix,RFID,NFC,Ham Radio Operator - 9W2AFZ, bike commuter, overlander,Archer, Physical security enthusiast
A. S. M. Muhiminul Ha.. @muhiminulhasan
96 Followers 5K Following
Jonathan Craig @WzrdOfGwendolyn
310 Followers 498 Following Blurr, The Wizard of Gwendolyn, Disciple of Experience, Legion Building Worldcraft: A Narrative World Building AI Copilot Nexus Arcana: Personality Test w/ AI
Eva @vero_gatita11
7 Followers 189 Following Love life, enjoy traveling, enjoy different landscapes and cultural history (hope to meet friends with common interests
saudi @op_saudi
53 Followers 1K Following
SOUFIANE DEHIRI @bylka_inj
144 Followers 295 Following J'AIME BIEN BOUFFER, MAIS J'AIME PAS LES SALADES
4Z111 @4Z1118749
6 Followers 41 Following
Harshil @0x_hollow
135 Followers 271 Following Cyber security enthusiast | Bug Bounty Hunting 🐞 | grep knowledge
Wise0WL @WisemanEmmanuel
124 Followers 433 Following the future is cybersecurity🔮 |Doveryai, no Proveryai
Sam (caffeine) @caffeinevulns
3K Followers 878 Following breaking/building web apps - https://t.co/BNH0YCpAEn
Sandro @SandroGarciaT
21 Followers 450 Following
Po 🐼 @pohacks
143 Followers 543 Following
WINDMARK @itswindmark
68 Followers 375 Following
C.Risaaq M.Abdi @AbdirsakMAbdi
353 Followers 4K Following IT Lecturer , founder & Current CEO of @HanhubPL, CyberSecurity & Interaction Designer
Azazzi @Azazzi9
9 Followers 58 Following
Groosg @groosg_
280 Followers 2K Following Every cause has its effect; every effect has its cause; everything happens according to law; chance is but a name for law not recognized...
The Hacker Guy! @IAmKingVeli
291 Followers 114 Following Penetration Tester | Bug bounty hunter | Application Security Engineer | Python Developer | DevOps | DevSecOps
Sim4n6 🐞 @sim4n6
463 Followers 708 Following A bug🐞 squasher 🗜️in spirit, much in love with #CodeQL.
Bill Ludwig 🏳️�.. @BillLudwig
1K Followers 2K Following https://t.co/MGtVjGaNNg. Not born here but I'm now a proud New Mexican (yes it's a state) Democrat. Too many hobbies to list. #NMPol (views my own, yadda yadda)
PC ⛓ @PC65049955
1K Followers 3K Following #Bitcoin not crypto, #Bitcoin not blockchain #Beef #nostr npub1rmjmalr3267nnzd6twl7m76w5xpyuvrhaxn3dyd93l8yrpxwderqmuhvsd
Priyanshu @priyanshu_xo
858 Followers 644 Following full time bug bounty hunter https://t.co/Z1PExchTcf
Abdallah Mahrous @amahrous79
34 Followers 499 Following Lucky father | part time bug hunter | german speaker
Gwatz @Gwatz5
1K Followers 1K Following
Chef. @Chef52002
30 Followers 399 Following
Sahil Ali @SahilAli108
1 Followers 70 Following
MAK @live_with_MAK
335 Followers 487 Following Ability may get you to the top, but it takes character to keep you there.
b10wf15h @b10wf15h
23 Followers 155 Following
Asif Mumtaz @GashkoriAsif
221 Followers 2K Following Explore the latest Developments, Challenges, and Opportunities in the field of AI.Follow me for more insights and updates!
Kokalagi Rushikesh(3R.. @3RaasRK
111 Followers 2K Following Cyber Security Researcher | Bug Bounty Hunter | Penetration Tester
reaperdragon @reaperdragon0
70 Followers 260 Following
Seqrity @seqrity9
2K Followers 200 Following Cyber Security Enthusiast | Bug Hunter | Network Engineer
capybara @ohcapybara
0 Followers 46 Following
Ben Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷
Scott Hanselman 🌮 @shanselman
329K Followers 11K Following VP of Developer Community @ MSFT - Code, OSS, STEM, Beyoncé, 🏴🇿🇼#T1D, #DevRel YouTube+TikTok listen to the @Hanselminutes inclusive tech podcast!
John Hammond @_JohnHammond
239K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSCl
Jason Haddix @Jhaddix
146K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.
STÖK ✌️ @stokfredrik
126K Followers 1K Following Hi.. im that hacker / creative that your friends told you about. Creative Director & Hacks all the things at @truesec
Sam Curry @samwcyo
77K Followers 943 Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
🇷🇴 cristi @CristiVlad25
38K Followers 151 Following
hAPI_hacker @hAPI_hacker
13K Followers 656 Following { "name": "Corey J. Ball", "author": "Hacking APIs", "creator": "https://t.co/y3EHBlzHvJ", "is_admin": true }
SwiftOnSecurity @SwiftOnSecurity
403K Followers 9K Following computer security person. former helpdesk.
Jack Rhysider 🏴.. @JackRhysider
147K Followers 3K Following Creator of @DarknetDiaries. Tell me a good hacker story. 💻🔦⤵️🐰🕳️ Discord: https://t.co/qxanMuIy7u
LiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
TomNomNom @TomNomNom
69K Followers 1K Following Open-source tool maker, web security person, trainer, talker, eater. He/him. Tools: https://t.co/pVV3LH3UsU YouTube: https://t.co/03Nrl7oBZI
Rick Claus @RicksterCDN
12K Followers 891 Following A cannuck, a geek, a family man & a self-professed server hugging infrastructure guy who has moved to Azure. I lead a team of awesome worldwide Cloud Advocates.
Troy Hunt @troyhunt
228K Followers 1K Following Creator of @haveibeenpwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Steve Syfuhs @SteveSyfuhs
17K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue sky
Web Security Academy @WebSecAcademy
108K Followers 5 Following Free web security training from @PortSwigger
Cyberkid0x1🇵🇸 @Cyberkid012
720 Followers 2K Following Cyber Security Enthusiasts, Bug hunter, Ethical Hacker, Certified Appsec Practitioner 😎👨💻👩💻👩💻💾.
Pat Flynn @PatFlynn
168K Followers 16K Following Lead by example. Be honest. Hold nothing back. Founder of SmartPassiveIncome & SwitchPod. Advisor to 8 SaaS companies. Pokémon YouTuber @ DeepPocketMonster 🤙🏼
Bruno @use_bruno
3K Followers 55 Following Opensource IDE for exploring and testing APIs | Created by @anoopcodes We are re-inventing the API client.
ghsinfosec @_ghsinfosec
66 Followers 148 Following Christian : Husband : Dad : Mediocre cybersecurity professional : Aspiring bug bounty hunter
/ XNL -н4cĸ3r (@Xnl.. @xnl_h4ck3r
7K Followers 820 Following Aspiring Bug Bounty Hunter & dev of tools: GAP, xnLinkFinder & waymore, featured in "Bug Hunter’s Methodology: Application Analysis v1" by JHaddix 🤘 RTFM🧐
Charlie Eriksen @CharlieEriksen
1K Followers 291 Following Founder @weaseljs. Previously Product Manager @SecCodeWarrior, co-founder at Adversaryio & Principal Security Engineer/Partner @thesyndis
Gergely Kalman @gergely_kalman
1K Followers 313 Following bug bounty hunter I guess @[email protected]
Matt McGarry @JMatthewMcGarry
17K Followers 735 Following The Newsletter Guy | Generated 5M+ subscribers and $15M+ in sales last year | Follow me for email growth tactics | Agency: https://t.co/u4ZAGC003s
Liran Tal @liran_tal
12K Followers 1K Following 🦄 Node.js Secure Coding: https://t.co/tK9HV9apFk 🌟 Awarded @GitHub Star 🏅 Awarded @OpenJS Pathfinder award for Security 🥑 DevRel @snyksec
Gunnar S. Holm @holmisthename
4K Followers 658 Following I grow newsletters with paid ads. Weekly newsletter: https://t.co/XrICM8lpeF
Samy Dindane @SamyDindane
8K Followers 809 Following Built a SaaS before it was cool. Went through the ups and the downs. Hit 100k MRR but not stopping there.
Clint Gibler @clintgibler
19K Followers 575 Following 🗡️ Head of Security Research @semgrep 📚 Creator of https://t.co/xwtIAI0CuJ newsletter
Burp Suite @Burp_Suite
118K Followers 13 Following Burp Suite is the leading software for web security testing.
Hypefury - Simple aud.. @hypefury
72K Followers 99 Following Simple social automation & content creation for entrepreneurs who dream big 🚀 Free Twitter growth tips in your 👉 📩 https://t.co/KWuQw0Dos8
Frank McGovern @FrankMcG
16K Followers 249 Following Cybersecurity @ Fortune 100’s ● @BlueTeamCon Founder ● @MARFORCYBER Cyber Auxiliarist ● Former USMC Intel ● Auto Enthusiast ● Real Estate Owner ● Rucker
Nathan Barry @nathanbarry
130K Followers 2K Following Founder & CEO at @ConvertKit — the leading Creator Marketing Platform. Grow your audience & earn a living with ConvertKit: https://t.co/qtBLZSqe64
Mike Ralphson @PermittedSoc
1K Followers 1K Following OpenAPI Initiative TSC member / Community Manager - https://t.co/IaYQFacIeC directory maintainer - GSoC '23 mentor - Author of 'Overcoming Fear' (2024) They/them.
ΡRΛSΞUDΟ ® @praseudo
1K Followers 942 Following AppSec Researcher, DevSecOps, Handles @bugbountydm, Web/Mobile/Thick Client App Pentester, API/Network Pentester, https://t.co/MNKHPWsIJA
Bill Doerrfeld @DoerrfeldBill
3K Followers 3K Following Editor in Chief @NordicAPIs. Tech journalist with bylines on @devopsdotcom @ContainerJrnl @CIOonline @TheLeadDev @securityblvd & other pubs. 👨he/him.
Matt Johansen @mattjay
27K Followers 2K Following Helping Secure the Internet | Long Island elder emo surviving in ATX | Expect: infosec current events, DFIR, appsec & cloudsec - and me!
Rodrigo Díaz Concha @rdiazconcha
4K Followers 2K Following 15x Microsoft MVP | Microsoft Regional Director | Veteran Solutions Architect | Driving Innovation in AI | LinkedIn Learning Author | Solliance | Global Speaker
Rob Fuller @mubix
81K Followers 26K Following Dad / Husband / Marine / Student / Teacher / IAM, Red Team, CTI Director / @Hak5 / @NoVAHackers / @SiliconHBO / @NationalCCDC / @MARFORCYBER Auxiliary
RogersHelps @RogersHelps
112K Followers 37K Following Official Rogers customer care & technical support. For more online help visit https://t.co/Db5DlCeNd2
APIsecurity.io @apisecurityio
4K Followers 110 Following API security news, standards, vulnerabilities, tools.
Microsoft BlueHat @MSFTBlueHat
3K Followers 170 Following BlueHat is where the security research community and @Microsoft security pros come together as peers, to connect, share and learn. Run by @MSFTSecResponse
t1v0 @_t1v0_
340 Followers 172 Following Pen tester, security geek. PvJ red team guy, Defcon black badge winner (IoT CTF). Founder of Loudmouth Security and co-founder of Village Idiot Labs.
API Handyman (@arnaud.. @apihandyman
6K Followers 919 Following Arnaud Lauret, doing API stuff at @getpostman, Author of The Design of Web APIs https://t.co/MARf81TPrX. 🐘 @[email protected]
Magno Logan @magnologan
3K Followers 5K Following Application Security Specialist. Secure Coding and DevSecOps Instructor. Promoted == Blocked!
Vickie Li @vickieli7
32K Followers 203 Following Infosec nerd. Hacks and secures. Creates god awful infographics. Author of #BugBountyBootcamp. Security @instacart.
Andrew Hoffman @and1hof
155 Followers 44 Following Software Engineer & Security Researcher. Author of Web Application Security: Exploitation and Countermeasures (O'Reilly, 2020).
Azeria @Fox0x01
125K Followers 571 Following Sneaky bit flipper | CEO of @azeria_labs | Arm Assembly Princess | Trainer | Author of @BlueFoxBook |
frycos @frycos
3K Followers 514 Following Private account! Red teamer @codewhitesec. @[email protected]
Zero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Zerodium @Zerodium
26K Followers 0 Following Zerodium is the world-leading acquisition platform for premium zero-days exploits and advanced cybersecurity research. We pay BIG bounties, not bug bounties!
Rado RC1 @RabbitPro
5K Followers 662 Following Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Master of Pwn Flashback team (@FlashbackPwn).
Pedro Ribeiro @pedrib1337
8K Followers 309 Following Reverse Engineer | Director @ https://t.co/KuU3tiG1Om | Exploit Chef @FlashbackPwn
Dr. Nestori Syynimaa @DrAzureAD
17K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Daniel Dale @ddale8
1.1M Followers 2K Following Senior reporter at CNN. Fact-checking the president, 2024 candidates and others.
Cryillic @Real_Cryillic
911 Followers 1K Following Content Engineer @RealTryHackMe • Will hack for Pcaps • Your moms favorite hacker • Allegedly found near RIT
DC604 @Defcon604
420 Followers 74 Following Official Twitter of DC604 | Local Vancouver/Lower Mainland #Hacker community | Come find us at VancitySec and 2600. https://t.co/0DLI6e2i9C
Mike Felch (Stay Read.. @ustayready
15K Followers 2K Following Pentester / Red Team | Hacking since Renegade BBS backdoors | Dev since vb3 | Content since '99-'03 ezines | Prior CrowdStrike / BHIS | In Christ's grip
@DanaEpp That's a great question. I need more of those in my life soon.
i guess it’s “explain how crime works to web3 folks o’clock” again EXTORTION 👏 IS 👏 NOT 👏 BUG 👏 BOUNTY coindesk.com/consensus-maga…
fyi: ESX, PanOS, and many other devices have gdb installed by default. There are always sneakier ways to stage..
Breaking APIs with naughty strings danaepp.com/breaking-apis-…
Impostor syndrome evaporates quickly when you meet actual impostors.
me: carefully crafting features for users users:
Love this mindset! What about you?
How I feel when someone tells me it's not possible to exploit a vuln in "that" area of the app... #apihacking #apisecurity
One day I'm going to design a TryHackMe room with a few minor vulns and a practically impossible to find (without source code) RCE to get the flag. The entire point of the box is to teach people it's OK to stop looking and give up. As pentesters, we have a limited amount of…
@djchateau @DanaEpp IMO if you've found a potential vuln using OSINT techniques, it's fine to reach out and let the company know, ask if you can poke it a little further. If they are friendly, you can ask if they'd consider a bounty for your help. What I'm not a fan of is people complaining when…
Starting last week, security researchers can report vulnerabilities and claim rewards for nearly all @amazon subdomains and top-level domains through their expanding public #bugbounty program! 💪🏼 Check out their program page for the latest details! bit.ly/4dbf9Zk
😈 Backdooring .NET Applications Walk through of adding a backdoor to an open source CMS that captures and sends valid login credentials to a remote server Using tools like: ilasm, ildasm, and Dotpeek starkeblog.com/backdooring/do…
Did you know ... you can now scan APIs by uploading a definition in Burp Suite Pro! #BurpSuiteShorts
Trends for United States
56,4 B posts
16,1 B posts
8.007 posts
10,2 B posts
28,3 B posts
30,2 B posts
35,6 B posts
6.678 posts
211 B posts
1.946 posts
21,5 B posts
68,7 B posts
1.140 posts
5.379 posts
11,7 B posts
21,4 B posts
6.281 posts
1.990 posts
2.152 posts
You might like
v_me_50
@ynjhgfddrafsz
997 Followers
MsftTechNews
@MsftTechNews
889 Followers
Shockwave - Attack Su..
@shockwave_sec
2K Followers
Robert Crane
@directorcia
1K Followers
Brad Heath
@bradheath
120K Followers
ITPro Today
@ITProToday
17K Followers
Burp Bounty
@BurpBounty
19K Followers
Travis Austin
@TravisGadsden
487 Followers
@WiredCanuck
@wiredcanuck
2K Followers
Dave Sobel
@djdaveet
2K Followers
Rick Claus
@RicksterCDN
12K Followers
Vid Micevic
@VidMicevic
627 Followers
Susan Bradley
@SBSDiva
1K Followers
Tim Barrett
@timbarrett
699 Followers
Bytecafe Consulting, ..
@bytecafe
588 Followers