@ddǝɐuɐp @DanaEpp
Builder & Breaker of software. Microsoft Security MVP focused on security (de)engineering. Can also be found on https://t.co/DJMpYc1Dss
danaepp.com | Canada | Joined April 2008
Tweets: 7K | Followers: 3K | Following: 215 | Likes: 852
A good report title is so clear and concise that anyone reading it understands the issue immediately. Learn how to write vulnerability report titles that don’t suck! danaepp.com/why-your-vulne…
Always be learning. Improve. Adapt. Overcome. Never doubt yourself. You've got this. Maybe just not today. Failure is nothing more than learning a new way NOT to do something in the future. Experience makes you better.
Learn how to get the most out of the reporting capabilities built into PortSwigger’s Burp Suite Professional. #apihacking #burpsuite danaepp.com/heres-how-i-ge…
Check out this curated list of FREE resources you can use to master Burp Suite for web app and API security testing. danaepp.com/the-ultimate-g…
You ever feel like you are finding the weirdest of vulns in areas you don't expect? Ya... me too. #apihacking #apisecurity #MIB
i guess it’s “explain how crime works to web3 folks o’clock” again EXTORTION 👏 IS 👏 NOT 👏 BUG 👏 BOUNTY coindesk.com/consensus-maga…
Good article by the folks @trufflesec on how they are finding thousands of leaked secrets in public Postman workspaces. trufflesecurity.com/blog/postman-c…
Learn how to write your own Burp BCheck scripts to tap into the web vulnerability scanner to automate your API security testing. #apisecurity #bcheck #burpsuite danaepp.com/improve-your-a…
Breaking APIs with naughty strings danaepp.com/breaking-apis-…
👀☠️
Me: Abusing an API that has been “hardened”:
Learn how to use server-side prototype pollution (SSPP) to abuse an API written in NodeJS for privilege escalation and remote code execution. #apihacking #apisecurity danaepp.com/how-to-exploit…
OMG. 🤣🍪
@DanaEpp That's a great question. I need more of those in my life soon.
fyi: ESX, PanOS, and many other devices have gdb installed by default. There are always sneakier ways to stage..
Impostor syndrome evaporates quickly when you meet actual impostors.
me: carefully crafting features for users users:
Love this mindset! What about you?
How I feel when someone tells me it's not possible to exploit a vuln in "that" area of the app... #apihacking #apisecurity
One day I'm going to design a TryHackMe room with a few minor vulns and a practically impossible to find (without source code) RCE to get the flag. The entire point of the box is to teach people it's OK to stop looking and give up. As pentesters, we have a limited amount of…
@djchateau @DanaEpp IMO if you've found a potential vuln using OSINT techniques, it's fine to reach out and let the company know, ask if you can poke it a little further. If they are friendly, you can ask if they'd consider a bounty for your help. What I'm not a fan of is people complaining when…
Starting last week, security researchers can report vulnerabilities and claim rewards for nearly all @amazon subdomains and top-level domains through their expanding public #bugbounty program! 💪🏼 Check out their program page for the latest details! bit.ly/4dbf9Zk
😈 Backdooring .NET Applications Walk through of adding a backdoor to an open source CMS that captures and sends valid login credentials to a remote server Using tools like: ilasm, ildasm, and Dotpeek starkeblog.com/backdooring/do…
Did you know ... you can now scan APIs by uploading a definition in Burp Suite Pro! #BurpSuiteShorts