Roberto Suggi @malerisch
I am not sure why but when I hack something I feel like Tony Montana. blog.malerisch.net Joined December 2010
Tweets: 2K
Followers: 1K
Following: 376
Likes: 1K
🔔 New topic alert: Web LLM attacks 🔔 Stay ahead in application security - dive into the world of LLMs to discover their weaknesses and understand how to exploit them. Read our latest learning materials and try your hand at the new interactive labs. portswigger.net/web-security/l…
Here’s the slides of the talk I gave yesterday at NorthSec 2023 "Tips and tricks for Burp Suite Pro, ten years later" #nsec23 @NorthSec_io agarri.fr/docs/nsec23-bu…
CVE-2023-21716 Python PoC (take 2) open("t3zt.rtf","wb").write(("{\\rtf1{\n{\\fonttbl" + "".join([ ("{\\f%dA;}\n" % i) for i in range(0,32761) ]) + "}\n{\\rtlch no crash??}\n}}\n").encode('utf-8'))
My @rapid7 technical analysis of CVE-2022-21587 for Oracle E-business Suite is out. An arbitrary file upload vuln can be used to drop malicious JSP payloads, and we now have a @metasploit exploit for this in the pull queue too: attackerkb.com/topics/Bkij5kK…
Learn how we discovered 5 distinct vulnerabilities on @watchguard #Firebox/#XTM firewalls, and obtained a pre-auth Remote Code Execution as root #0day (CVE-2022-31789, CVE-2022-31790). ambionics.io/blog/hacking-w…
As promised! Here is the blog post detailing the Hekate full chain RCE I discussed yesterday at @BlackHatEvents! #BHUSA
IAM Whoever I Say IAM :: Infiltrating VMWare Workspace ONE Access Using a 0-Click Exploit: srcincite.io/blog/2022/08/1… PoC Exploit: github.com/sourceincite/h…
From open redirect to RCE in one week medium.com/@byq/from-open… #hackerone #BugBounty #BugBountytips #hackeronereport #writeups #BugBountywriteupspublished
Exploiting Arbitrary Object Instantiations in PHP without Custom Classes swarm.ptsecurity.com/exploiting-arb…
With the intent to be more transparent, I decided to release the source code of my C2 framework. Don't be evil :) github.com/enkomio/AlanFr…
☢️ I'm so excited - just issued my first blog post☢️ As promised - sharing my @WarConPL slides deck on: mgeeky.tech/warcon-2022-mo… Power of positive feedback made me publish them during my first day of holidays (●'◡'●) Let me know if you like it 🔥
Full disclosure for CVE-2021-21042 + CVE-2019-7040 is ready right here. github.com/j00sean/SecBug…
Dotnet's default AES encryption options are vulnerable to padding oracles. @0x446f49 wrote an article about it here: pulsesecurity.co.nz/articles/dotne…
"Abusing HTTP hop-by-hop request headers" by @nj_dav was nominated as a top web hacking technique back in 2019, and has just blossomed into an F5 BIG-IP unauth RCE! nathandavison.com/blog/abusing-h… portswigger.net/research/top-1… github.com/horizon3ai/CVE…
Top 10 web hacking techniques of 2021: 🥇 @alxbrsn 🥈 @albinowax 🥉 @orange_8361 portswigger.net/research/top-1…
"Your adversary does not wait for you to finish patching." - The Art of Cyber War
An attack worthy of a Hollywood movie hacking scene! Our analysts Philipp and Felix identified a Padding Oracle vulnerability in the #SAML login of ArcGIS. Read the blog post to see what happened behind the scenes: blog.compass-security.com/2021/09/saml-p…
I'm too late at CVE-2021-40444 party. But i just wanted to take a look at MSIE exploitation. Awesome to see a full exploit (RCE w/ sandbox escape) only using 6 lines of javascript code. Cool no doubt.
Some of you asked for a part 2, so here you go! 🔥 From RpcView to #PetitPotam 🔥 👉 itm4n.github.io/from-rpcview-t… In this post I explain how you can reproduce the #PetitPotam trick using RpcView, but the same principle can be applied to any Windows RPC interface. 🙂
AppSec Ezine - 392nd Edition pathonproject.com/zb/?99b8642a3b… #AppSec #Security
Auditor's logs, 16th of August. I found a critical vulnerability in SushiSwap's MISO platform paradigm.xyz/2021/08/two-ri…
Gareth Heyes @garethheyes
38K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
ϻг_ϻε @steventseeley
23K Followers 557 Following Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
Luca Carettoni @lucacarettoni
4K Followers 793 Following Application Security @Doyensec | Build with Security
Nicolas Grégoire @Agarri_FR
28K Followers 628 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Marius Avram @securityshell
16K Followers 1K Following Web Application Security Consultant. Two sons' proud dad! https://t.co/uEjJ0UQkhV
Simone Margaritelli @evilsocket
48K Followers 2K Following Music, cybersecurity, open source and AI • Author of bettercap, pwnagotchi, opensnitch, bleah, legba and a few other things. Chief Architect @ 🥷
randomdross @randomdross
2K Followers 452 Following
Willa Yundt @willa18418
155 Followers 5K Following
Flavie Wolff @FlavieWolf38143
151 Followers 5K Following
Lindsay Larkin @larkin_lin36086
2 Followers 167 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/ThSyWBP2l9
Crait @complikaytedd
110 Followers 989 Following Security Researcher. Levitating dreams into reality
Teytho @Teytho5ZiM
48 Followers 907 Following
nader @nader_brandi
448 Followers 536 Following Security pentester / App security h1 : https://t.co/qyEWExqlWi
hhhkb @HarryFeng4
28 Followers 369 Following Beg the flag deep in the rabbit hole. Started learning security since 2024. #CPTS
Ayadim @ayadim_
2K Followers 1K Following 🇲🇦.{Farmer, Developer background , bug bounty hunter N00b , PUBG mobile player...}
Marcello Ferri @webdomotica
30 Followers 559 Following There is no hell, nor any heaven. Life is here. The reward is here. The pain is here. Edward Bunker
Naman Devnani @naman_devnani
264 Followers 7K Following CyberOps | Security R&D | IT/OT Security | Bug Hunter | CTF Player | Cyber Warfare | AI | All-Source Intelligence | STEAM & Emerging Technologies
Abdallah Yasser @Hackerinja
47 Followers 2K Following Cyber Security Researcher | Bug Bounty Hunter | Penetration Taster i Love HACKING
Panitheth @panitheth77651
9 Followers 218 Following
Youssef Sammouda (sam... @samm0uda
41K Followers 590 Following Security Researcher/Hacker 1st in Meta bug bounty program for 6 years Opinions are my own and not my employer's.
gw @hgk0x
154 Followers 3K Following
Redboy Ranking @RankingRedboy
34 Followers 340 Following
Anıl @WhiteHatAnil
3 Followers 367 Following
RF_ReadOnly @ReadonlyRf
2 Followers 535 Following
Chackal (Esdras DAGO) @Chackal__
1K Followers 974 Following "Vulnerability researcher" doing Bug Bounty on free time (https://t.co/j46EMrTT5T) Also doing some Reverse on many targets but find no vuln 😒
SinSinology @SinSinology
13K Followers 735 Following Pwn2Own 20{22,23,24*2,25*3,26*2}, i look for 0-Days but i find N-Days & i chase oranges 🍊
Uncle Schwab 🌐 @ReliusMarcusau
24 Followers 172 Following do you vant some of my bugz? 🐛🐞 🦗 🦟 No? You vill eat ze bugz 😈
ganchu @z_ganchu
32 Followers 422 Following
Mirofle Marvin @MirofleM
19 Followers 226 Following
../ @jmhuguet4
25 Followers 392 Following
Bikash Dash @Memport
164 Followers 2K Following One should not grieve over what is past, nor worry about the future. The wise act in the present. Vuln Research♧Exploitation♧Fuzzing♧PenTest
infosec_guy @inf0s3c_guy
9 Followers 484 Following A guy interested in infosec, pentest & bug bounty. I'm just starting this path. Please text me if you have any tips! I would appreciate it a lot!
o_pi @o_piuu
25 Followers 2K Following
sherif @0xCOD3
72 Followers 1K Following ”I have seen everything that is done under the sun, and behold, all is vanity and a striving after wind“
nad1832465 @blueuni75728581
1 Followers 13 Following
L̷a̷d̷y̷ ̷O̷f̷... @LadyOfYato
14 Followers 437 Following
Innzs @MFfLinnd
0 Followers 5K Following
3isenHeiM @3isenHeiM
114 Followers 711 Following Proud dad, PurpleTeamer, N3ur0div3rg3nt & Offshore Sailor ⛵️, 🇧🇪 #GreatDanes #TibetanMastiffs 🐕. Tweets are my dog's
Nikita Tarakanov @NikitaTarakanov
743 Followers 345 Following 0day analysis. Previous account @NTarakanov
Unique @UniqueTS17
5 Followers 297 Following
Muhammad osama @rajaosama105
3 Followers 282 Following
Muhammad Waqas @Muhamma75899057
21 Followers 219 Following Amazon and Google Publisher. Affiliate at Amazon. SEO at Google. Freelancer and Blogger. Web Developer. Calisthenics. Cross fit. Law Student
Nicolas Krassas @Dinosn
157K Followers 768 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKZLB Posting content that I find interesting.
Gareth Heyes @garethheyes
38K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
ϻг_ϻε @steventseeley
23K Followers 557 Following Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
Luca Carettoni @lucacarettoni
4K Followers 793 Following Application Security @Doyensec | Build with Security
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast ,Investor,World Economy, Finance,Contrarian , Philanthropist , Reformist , Sigma female [email protected]
LiveOverflow 🔴 @LiveOverflow
160K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
@[email protected]... @SecurityMB
11K Followers 284 Following Improving the world’s security at Google. Opinions are mine.
Sam Curry @samwcyo
101K Followers 1K Following
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
/r/netsec @_r_netsec
33K Followers 0 Following Follow for new posts submitted to the netsec subreddit. Unofficial.
Nicolas Grégoire @Agarri_FR
28K Followers 628 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
James Kettle @albinowax
83K Followers 102 Following Director of Research at @PortSwigger aka @Burp_Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
briankrebs @briankrebs
331K Followers 2K Following Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: https://t.co/fTKNavlMwp
Marius Avram @securityshell
16K Followers 1K Following Web Application Security Consultant. Two sons' proud dad! https://t.co/uEjJ0UQkhV
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.
JS0N Haddix @Jhaddix
176K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
Frans Rosén @fransrosen
43K Followers 907 Following Co-founder of @centrahq/@detectify/@poweredbyingrid. I do not advertise doing hacking services, do not trust the ones telling you I do.
Source Incite @sourceincite
3K Followers 4 Following We are Incite Team. Providing high quality Vulnerability Research & Training Services.
André Baptista @0xacb
19K Followers 838 Following Hacker grinding for L1gh7 and Fr33dφm, straight outta the cosmic realm. Co-founder @ethiack
TheZDIBugs @TheZDIBugs
6K Followers 2 Following Checks for high severity, 0day, or Pwn2Own related advisories published by @thezdi
Piotr Bazydło @chudyPB
5K Followers 318 Following Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]
Youssef Sammouda (sam... @samm0uda
41K Followers 590 Following Security Researcher/Hacker 1st in Meta bug bounty program for 6 years Opinions are my own and not my employer's.
ZachXBT @zachxbt
1.0M Followers 2K Following Scam survivor turned 2D investigator, Advisor @paradigm
IntelWalrus @IntelWalrus
27K Followers 827 Following A pinniped doing open source research. Will geolocate things for fish.
Assetnote @assetnote
10K Followers 0 Following Assetnote combines advanced reconnaissance and high-signal continuous security analysis to help enterprises gain insight and control of their evolving exposure.
pashov @pashov
42K Followers 2K Following Telegram https://t.co/qOHEkyaNYl Security audits @PashovAuditGrp Angel investing @PashovCapital
bleedingedge.ai @bleedingedgeai
9K Followers 6 Following
FalconFeeds.io @FalconFeedsio
69K Followers 872 Following Threat intelligence platform - Data from Deep Web, Dark Web, Open Web || For data API integration : [email protected] Democratizing Cyber Security.
Jenish Sojitra @_jensec
25K Followers 588 Following $2M in bug bounty. Cyber Security researcher. Product developer who likes Building in Public. Creator of https://t.co/0N9TViCzQ4
VCSLab @vcslab
3K Followers 27 Following This is the Twitter channel of VCSLab - the research team of Viettel Cyber Security
nad1832465 @blueuni75728581
1 Followers 13 Following
Daniel Von Fange @danielvf
12K Followers 1K Following Skilled Professional (most days). Defends against the bad guys.
ch @chybeta
14K Followers 5K Following open to bug bounty collaboration @HackenProof Security Researcher Just dm https://t.co/VVU1OV5yz6
Gerhard Wagner @g3rh4rdw4gn3r
2K Followers 147 Following I like crypto, playing tennis, gardening and drinking beers P: Bounty hunter | DeFi Flashboy | C-Dili auditor & MythX https://t.co/oqtMg2nlXJ
Pulse Security NZ @PulseSecurityNZ
130 Followers 10 Following
Tuan Anh Nguyen⚡️... @haxor31337
16K Followers 2K Following 29 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
JackCrash @jackcrash2016
1 Followers 1 Following
Command Line Magic @climagic
186K Followers 10K Following Cool Unix/Linux Command Line tricks you can use in $TWITTER_CHAR_LIMIT characters or less. Here mostly to inspire. Also on https://t.co/YYJE9JpVnF
Fusion Intelligence C... @stealthmole_int
125K Followers 11K Following StealthMole : #Criminal #Intelligence #Profiling #Investigation Platform, #OSINT #DarkWeb #DeepWeb #Leaked #DataBreach #Terror #Drugs #Cryptoassets #Ransomware
Forrest Orr @_ForrestOrr
5K Followers 529 Following Red Teamer, low level coding extremist and malware researcher. Windows exploit writer and bug hunter
Ambionics Security @ambionics
2K Followers 92 Following A @LexfoSecurite solution. Ambionics is a native Continuous Threat Exposure Management (CTEM) solution that helps organizations reduce cyber exposure.
Mastering Burp Suite ... @MasteringBurp
16K Followers 0 Following Tips and tricks for Burp Suite Pro Managed by @Agarri_FR | Not affiliated with @Portswigger More free resources at https://t.co/MWqXmV66lr
InfoCon @infoconorg
4K Followers 127 Following InfoCon is a community supported, non-commercial archive of all the past hacking related convention material that can be found. FB page https://t.co/OzNGvj7gGb
BUG BOUNTY FORUM @bugbountyforum
13K Followers 25 Following The largest bug bounty community aiming to raise awareness for both hackers and companies.
Eduardo Nuri @eduardo_nuri
6K Followers 3K Following Entrepreneur, 10+ failed SaaS but - @octatech_io +20k MRR - @PropLabApp +5k MRR and sometimes.. Bug Bounty Hunter/Security Researcher.
Hack3rScr0lls @hackerscrolls
9K Followers 57 Following for hackers by hackers Contact: [email protected]
@techbrunchfr@infosec... @BugBountyWeekly
4K Followers 298 Following Weekly #BugBounty related news and tips - Curated by @TechbrunchFR
Incredity @Incredity_Intel
717 Followers 1 Following Setting the standard for trust and integrity in zero-day vulnerability and exploit intelligence exchange. 📅 Book a meeting https://t.co/rwZuhUuZ7V
Dawid Czarnecki @dawiddczarnecki
81 Followers 148 Following
Guido Vranken @GuidoVranken
6K Followers 552 Following
hackintheclass @hackintheclass
389 Followers 17 Following Hack In The Class Foundation, promoting education about technology, privacy and security among teenagers and school students.
LSL @bluemanda1
2 Followers 43 Following Student. Taking pictures at microscopic levels to show new aspects of life.
Clément Labro @itm4n
7K Followers 164 Following Pentest & Windows security research (I stopped using this account in December 2022) ➡ Mastodon: @[email protected]
RandoriSec @RandoriSec
2K Followers 152 Following Cybersecurity company founded by security experts providing the following services: Security audits, Vulnerability research, SecOps, SecArch and Trainings
itszn @itszn13
11K Followers 733 Following Amy | Security researcher @ OpenAI | https://t.co/W1SE7NmCx8 | bsky: https://t.co/JBmOGE4YKO | LLM ART: https://t.co/7FtQ8O8nAW
PortSwigger Research @PortSwiggerRes
120K Followers 7 Following Web security research from the team at @PortSwigger
Chetan Nayak (Brute R... @NinjaParanoid
32K Followers 0 Following Dark Vortex Founder/Brute Ratel Author
publiclyDisclosed @disclosedh1
68K Followers 2 Following This is an unofficial HackerOne public disclosure watcher who keeps you up to date about the recently disclosed bugs. By @NOBBD

































