doomerhunter @DoomerOutrun
Victor Poucheret | Hacker Co-founded @BZHunt and bootstrapped the company to 7 figures. Multiple LHE #1/Best-team (H1-407, FIC2021, FIC2022, FIC2023, leHack...) blog.doomer.fr Joined August 2019
@rafabyte_ Thanks to @rafabyte_ for this amazing research! Go and give him a follow and then read his full write up here: rafa.hashnode.dev/exploiting-htt…
Yay, I was awarded a $15,000 bounty on @Hacker0x01! hackerone.com/doomerhunter #TogetherWeHitHarder Public target, main app, core feature. Really emphasises that everyone can find bugs on public progs with a lot of reports :)
Read how I used a custom scanner to discover a GitHub Actions vulnerability hiding in plain sight for 3 years in a Google OSS repository and earned a $7,500 💰 #bugbounty! adnanthekhan.com/2024/04/15/an-…
I've created a web application for people to try out complex session management and Macros in Burp Suite. github.com/Hipapheralkus/… It comes with a recording of live video explanations and how-to youtube.com/watch?v=mM3LR9… @MasteringBurp @PortSwigger
Updated Docker-OSX this weekend to include Sonoma. You can now perform security research on macOS, on Linux & WSL; High-Sierra, Mojave, Catalina, Big-Sur, Ventura, and now Sonoma. Thanks @DhiruKholia & @thenickdude1 for the upstream adjustments! --> 35,000 stars, 640,000…
after a little poc, this bug/crash isn't self ! you can simply add a status to the vocal chat, and as soon as someone clicks on it, he'll crash too :) it's funny because everyone can add a status on a vc :p
When you are fuzzing API endpoints, it's worth adding XMLHttpRequest headers; some frameworks filter requests that weren't called by frontend applications. - "X-requested-with: XMLHttpRequest" * Found in some PHP frameworks. #BugBounty #BugBountyTips #Pentesting
This may have #bugbounty implications🤔
So apparently if someone knows / guesses the name of your S3 bucket - even if it's private (!) - they can just bankrupt you by sending infinite PUT requests and there is nothing you can do about it. > requests get rejected > but AWS still counts it as a write operation against…
👀
As expected, two variations of the so far known mXSS attacks have been spotted and new DOMPurify releases are ready to fix those. github.com/cure53/DOMPuri… github.com/cure53/DOMPuri… Many thanks to @kevin_mizu and @hash_kitten for spotting and reporting those 🙇
@DoomerOutrun @Hacker0x01 Damn! 🔥💪 Chaining of several vulns?
@DoomerOutrun @Hacker0x01 Anyone can find bugs... But you're not just anyone, sir! GG in any case.
CaidoReflector v1.0 is out! :D github.com/bebiksior/Caid… Automatically look for parameter reflections in the HTTP response. Currently it supports GET and POST requests with query string body (json is not supported yet).
Read my new blog here:- manasharsh.medium.com/exploiting-pos…
When the sales people present you their new AI-based cyber shield 🛡 with the latest RAG-based LLM protecting you 101% from all cyberattacks
@terjanq 🧵[6/9] This means that if we have, for example, a request containing more than 1000 GET parameters, a warning will be sent, and the CSP header won't! Trying this solution (gist.github.com/pilvar222/300c…) on remote, we can pop an alert!