Some time ago while hunting with Icare and looking for bugs in Ghostscript I found a vulnerability that allows to local file read / write. This led to CVE-2025-46646. nvd.nist.gov/vuln/detail/CV… - #infosec #bugbounty

Onetest Extension is now in free beta. Join our Discord for the download link, install guide and your API key. Tell us about any bugs and share ideas for improvements. discord.gg/tPgThJ6RAU #BugBounty #XSS #OneTest

Je termine premier dans la catégorie reverse junior au FCSC 2025 ! J'ai publié sur mon blog deux write-ups de challenges que j'ai trouvés intéressants. N'hésitez pas à aller y jeter un oeil :-) - trikkss.github.io/posts/fcsc2025… - trikkss.github.io/posts/fcsc2025…

Here's a video demonstrating the tool exploiting an XSS vulnerability in a GET parameter with a JSON value. 🚀 Join our Discord to test the extension ! discord.gg/tPgThJ6RAU

We'll share lots of examples of how to use it 👇

Happy to have been rewarded for discovering a hidden XSS vulnerability with Onetest, a new tool for discovering hidden XSS ! Curious to test it out ? Join the Discord and give it a try : discord.gg/6RFeshHV #XSS #BugBounty #WebSecurity #Onetest

lol, this works on Firefox: <object data=# codebase=javascript:alert(document.domain)//> OR <embed src=# codebase=javascript:alert(document.domain)//>

Introducing a new tool of The Manticore Project: Delegations Manage Kerberos delegations like a pro: audit, add, remove, monitor & more — all in one tool! Supports unconstrained, constrained (+protocol transition), & RBCD. 🔗 github.com/TheManticorePr…

I won the Most Valuable Hacker award for the Salesforce H1-6102 live hacking event in Sydney (my hometown)! I enjoyed working with some very talented hackers, including RyotaK, Geluchat, and Kévin GERVOT (Mizu). This is my third MVH award, and I'm grateful to be able to compete.

Congrats to these award winners for their innovation, collaboration, and relentless pursuit of impact. 🔥 Most Valuable Hacker | Top Criticality, Community, & Consistency of the event >>WINNER: shubs 🕷️ Exterminator | Best/most Impactful bug of the event >>WINNERS:

Very late this time, but here it is. Hacker House, Teaching and Gadgets aituglo.com/aituweek-47/

Aituglo that was so cool!! really happy I got to organize this with you - let’s do it again next year for sure :p (best view for hacking 👀)

⏰ It's CHALLENGE O'CLOCK! 👉 Capture the flag before Thursday the 26th of June 👉 Win €400 in SWAG prizes 👉 We'll release a tip for every 100 likes on this tweet Thanks ToG for the challenge 👇 challenge-0625.intigriti.io

Un projet de loi sur le PEA a été déposé le 24 juin 2025. J’ai dû le relire plusieurs fois pour y croire… S’il est adopté, ce serait tout simplement une révolution pour l’épargne des Français 🇫🇷 Voici ce qu’il faut savoir 👇

Today was my last day as a pentester at Bsecure, and it feels a bit surreal. After a three-year journey of hunting on the side, I’m finally ready to go all-in as a full-time bug bounty hunter. To celebrate this milestone, I've written an article sharing the full story. It’s a

Solana 🔥🔥🔥

I'm happy to release a script gadgets wiki inspired by the work of Sebastian Lekies, koto, and Eduardo Vela in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 gmsgadget.com 1/4

Bug bounty is a life changer !!! Took two weeks off, didn’t touch my laptop. Now I’m flying back one bug found, vacation paid off.

Guillaume Chouquet, fondateur et directeur de l'ESNA, viré de sa propre école par l'Pôle Formation UIMM Bretagne !!! Je suis consterné et en colère. C'est affligeant de prendre une telle décision quand on sait tout ce que le bonhomme a fait pour l'école et les alternants !