Ed @EdOverflow
Web developer & security researcher. Senior Pentester @cure53berlin. Author of @securitytxt. ➡️ https://t.co/BOy1tiLLBr edoverflow.com
Joined October 2016
Tweets: 1K | Followers: 21K | Following: 165 | Likes: 3K
The Swiss Federal Government has adopted a report on ethical hacking referencing two @swisscyberstorm 2023 speakers: @EdOverflow and @_oakgul. Read the report here (in German and French): lnkd.in/dye5-qkY Watch all SCS talks here: youtube.com/@swisscybersto… #SCS23 #bugbounty
I will be giving a talk on Coordinated Vulnerability Disclosure (CVD) at Swiss Cyber Storm. If you are interested in attending, please find additional information below.
👋 I'm graduating (Spring 2024), and I am looking for a security role in the US. My interests include web app security, CI/CD security, and open-source security. Email - [email protected] LinkedIn - linkedin.com/in/karimrahal/ Any RT for reach would be appreciated ❤️
I have set up a LinkedIn profile if people want to stay connected: linkedin.com/in/edoverflow/.
Where did you first hear about security.txt?
How do you pronounce "security.txt"?
I am working on something fun with @KarimPwnz to address the challenge of repetitive security questionnaires: @BlueMagnetIO (bluemagnet.io).
I have been playing around with SvelteKit a lot recently. I wrote a short blog post on adding security headers to SvelteKit applications: edoverflow.com/2023/sveltekit…. I might do a more long-form one on the security pitfalls of SvelteKit applications at some point.
Reminder: if you would like to follow my blog via RSS, I have a feed at edoverflow.com/index.xml. :)
Nice blog post by @KarimPwnz on the security implications of command injection in GitHub Actions.
Retweeting this because I know BSides London tickets are hard to come by. :)
I love that the Dutch government is actively promoting security.txt and encouraging companies to establish a route for reporting security incidents 😊 /cc @EdOverflow digitaltrustcenter.nl/nieuws/interne…
Where can ethical hackers report vulnerabilities at your organization? Publish a security.txt file and test it with Internet․nl. Check the new @securitytxt test: en.internet.nl/article/securi… @DTC_NL @AlertOnline #cybersecuritymonth
🎉 Congrats to the #GOHack23 #BugBountyChallenge winners and #EthicalHackers for making IT systems safer against cybercrime. 🏆 Leaderboard Top 3: simioni, hakupiku, maurik Best Submission: xel Most Valid Submissions: simioni RaiseNow Top 3: edoverflow, hansluz, xdl
@fransrosen Bruh you used my Frans / zombie land meme!!!!!
New advisory! @viktorot provides details on a CSRF protection bypass he discovered in Sveltekit. Ensure your apps are up-to-date. #doyensec #appsec #javascript #DevSecOps doyensec.com/resources/Doye…
I really enjoyed participating in this CTF! Friendly staff were always around to answer any queries. I loved the collaboration between players, it built a great atmosphere around the tables. Looking forward to attending more events in the future!
Congrats to Eleanor Shaw from the University of Warwick for 2nd place in the #WiCyS2023 Student CTF
Congrats to Eleanor Shaw from the University of Warwick for 2nd place in the #WiCyS2023 Student CTF!
Congratulations to the #WiCyS2023 Student CTF winners!
Just in time for Valentine's Day, Electrovolt and Cure53 are thrilled to announce their romantic relationship, we have joined forces! 💞 volt.cure53.de 💞 Also, pssst, don't forget to surprise your loved ones today, maybe with a new piano?
At long last, my latest blog post is out: "Fearless #CORS: a design philosophy for CORS middleware libraries (and a #golang implementation)" jub0bs.com/posts/2023-02-…
You have command injection in a GitHub Actions workflow. Now what? Read my blogpost on leaking secrets from GitHub Actions workflows: karimrahal.com/2023/01/05/git…
Very excited to speak today #sbom and other BOMs at #cybernextdc 2022! Check it live youtu.be/p8Pzw6r7DKg 1:25 ET/10:25 PT, we had a wonderful day of speakers! #cybersecurity #sbom #cybernextdc @IntelSecurity @IntelPolicy #iamintel Full schedule cybernextdc2022.sched.com
Some pictures of us at the event: @EdOverflow, @ElSec_, @rub003, @_zulln x.com/edoverflow/sta…
I had an amazing time collaborating with @xdavidhu, @ElSec_, @rub003, and @_zulln during @fbsecurity's BountyConEdu live hacking event as Team BBAC. So stoked on the #1 finish. Thank you @fbsecurity for hosting the wonderful event. :)
A hidden parameter in @facebook's Batch GraphQL APIs allowed an attacker to spoof some potentially sensitive HTTP headers, such as the Host header. This bug contributed to our team 'BBAC' winning @fbsecurity's BountyConEDU event in Madrid. feed.bugs.xdavidhu.me/bugs/0017
I found a vulnerability that allowed me to unlock any @Google Pixel phone without knowing the passcode. This may be my most impactful bug so far. Google fixed the issue in the November 5, 2022 security patch. Update your devices! bugs.xdavidhu.me/google/2022/11…
At the @OneConferenceNL for @digitalesector with @DTC_NL and @EdOverflow to promote security.txt. This makes it easier to share information about digital vulnerabilities with the right person, and lets us keep everyone safe faster. Read more at: digitaltrustcenter.nl/nieuws/brede-s…