Tweets: 57 | Followers: 157 | Following: 2K | Likes: 516
Sometimes a stupid idea gets stuck in your head. And will not disappear after a while. Anyway, here is a new blogpost, just a little hoax this time. badoption.eu/blog/2026/02/2…
Incredibly excited to share that my research 'Playing with HTTP/2 CONNECT' made the final @PortSwigger Top 10 Web Hacking Techniques of 2025! A huge thank you to everyone who voted. It’s a privilege to be featured alongside such talented researchers. portswigger.net/research/top-1…
👼GatewayToHeaven (CVE-2025-13292). I discovered a cross-tenant vulnerability in @googlecloud's #Apigee, allowing me to access other organizations' data (and sometimes even plaintext JWTs of end users). Below is the full breakdown of the exploit chain⛓️
You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post by @0xor_solo about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01-n…
Honored to be nominated for the @PortSwigger Top 10 Web Hacking Techniques 2025 with my research "Playing with HTTP/2 CONNECT". Make sure to check out the full list and cast your vote! portswigger.net/polls/top-10-w…
Our 2024 applicants challenge is officially #roasted: the full BeanBeat × Maultaschenfabrikle walkthrough is now online. Unwrap the write-up at apply-if-you-can.com/walkthrough/20… and revisit the hacks that escalated from cold brew to full breach.
Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange who loves converting n-days to 0-days code-white.com/blog/wsus-cve-…
Did you encounter the Supabase? Might wanna try my newest tooling or have a read about quickwins? There you go: blog.m1tz.com/posts/2025/10/…
CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at apply-if-you-can.com packaged as a metal festival. Have fun 🤘 and #applyIfYouCan
Just out of stealth mode last week, @TeamCyata reports on their "deliberate, weeks-long effort [...] to uncover logic-level vulnerabilities" in HashiCorp Vault and CyberArk Conjur. And uncover they did. cyata.ai/blog/cracking-… cyata.ai/blog/exploitin…
Vaults are trusted by default. We found 14 zero-days that challenge that trust. RCEs. Auth bypass. Root token theft. 🔎Read the disclosure: cyata.ai 🎙️ See us at #BlackHat2025 Booth 6316 #VaultFault #Cybersecurity #ZeroDay #CISO #HashiCorpVault #CyberArk
New writeup: Early last month, @samwcyo, @sshell_, and I found a Django ORM injection in an online shooter game that let us steal cryptocurrency from the game's wallet. Read the blog post here: blog.p1.gs/writeup/2025/0…
Here is a really cool blog post by wasamasa who is a past student of our FSWA class: emacsninja.com/posts/cve-2025…. You can find them on Mastodon: lonely.town/@wasamasa/
"Funky chunks: abusing ambiguous chunk line terminators for request smuggling" - quality research by @__w4ke! Also thankfully it doesn't overlap with my upcoming presentation 😅 w4ke.info/2025/06/18/fun…
A quick-and-dirty late night blog post on discovering an nday variant in Zyxel NWA50AX Pro devices frycos.github.io/vulns4free/202…
Three unexpected attack scenarios: 1. Marshaling private data with misconfigured tags 2. Parser differentials in a microservices architecture 3. Cross-format confusion attacks (JSON→XML) blog.trailofbits.com/2025/06/17/une…
One-Click RCE in ASUS’s Preinstalled Driver Software mrbruh.com/asusdriverhub/
Here is a short writeup for my recently discovered CVE: hesec.de/posts/cve-2025…
Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-de…
My blog post on some vulns in GFI MailEssentials frycos.github.io/vulns4free/202…