WEB / BUG BOUNTY - APIs Resource API endpoints (gist.github.com/yassineaboukir…) - API Security part 1 (medium.com/datadriveninve…) - 31 Tips for pentesting APIs (medium.com/bugbountywrite…) - 31 Tips (drive document) (docs.google.com/spreadsheets/d…)

Must-have checklists I use in my #pentesting assessments. (thread)

Mega-thread on IDORs

Video Recon++: A collection (updated frequently 😎) of Youtube’s videos of #bugbounty #recon for beginners 😅 with my notes. strongcourage.notion.site/Video-Recon-2c… #BugBounty #bugbountytip #bugbountytips #cybersecurity #infosec

Thanks bro Stefan. Thanks BINSEC Team @ Université Paris-Saclay, CEA, List and anh Thuận for support and collaboration. 🥰🥰🥰

Time for another giveaway! We are going to send a t-shirt and a few goodies to one person who follows PentesterLab and retweets this tweet!! And we are going to give a 12-month voucher to someone who follows PentesterLab and likes this tweet!!

We (Toby Murray, Ben Rubinstein and me in collab. with Oliver Chang, @Alan32Liu & GOSST team at Google) have 1 open (postdoctoral) RF position for #fuzzing lovers to improve its effectiveness and efficiency with data-flow analysis. Pls DM/email me if you're interested. RTs are appreciated!

It has been a pleasure to be hosted by Telefónica Scientific Research in this #SPATIALConsortiumMeeting in Barcelona! Walking together to the activities already performed and the next steps have been great. We have to thank also the advisory board for attending. Aaron Ding

Want to know how to find bugs through fuzzing others miss? 10 insights from practical experience 👇

Just completed my final PR for AFLSmart++ (a "smarter" AFLSmart ;) to join the SBFT23 #fuzzing competition. Hope it will do well; anyway I have lots of fun. In addition to the great support from the organizers, I also got help & great discussions with other participants. (1/n)

This tweet is for FUZZING enthusiasts !! Our research group at NUS (abhikrc.com/projects/Fuzz/) is looking for practitioners and researchers to take this survey about software testing: lnkd.in/g6f_2ftd We'll donate $5 USD to Doctors Without Borders (up to 100 responses)!

Free Black Hat GraphQL book giveaway! Retweet for your chance to win! #hacking #book #blackhatgraphql #giveaway

🚨 New GIVEAWAY 🚨 It's been a year since the announcement of our first certification, #CBBH, and we're celebrating! Want to be the one to win a Silver Annual subscription? 1️⃣ Follow HTB and HackerOne  2️⃣ Like & RT this post Good luck 🍀 #BugBountyHunting #HTB #Hacking

✅ Today, SPATIAL Project had its first review meeting with the PO, Giorgos Kaiafas (European Commission), and the reviewers José Francisco Ruíz and George Athanasiou. We are very grateful for their constructive and valuable insights. spatial-h2020.eu Aaron Ding @tudelftTBM

📢Announcement 📢 Earn a 90% discount on our Certified Cloud Security Practitioner - AWS (CCSP - AWS) for a limited time 💪 🙏 . ***Retweet this on your wall, 5 lucky winners will get a 100% discount!*** Follow the instructions below to obtain & redeem your code before the

Looking for a job (postdoc, phd, intern) in software security and code analysis? 🤔 ▶️Check out our fresh offers @ binsec.github.io/jobs Join a stimulating, open-minded and anglophone lab in the world's most magic city and enjoy the French "art de vivre" and welfare state!🙂

[JEU CONCOURS] Vous l'avez attendue, la voilààà ! On vous fait gagner une PlayStation 5 🎮😮 Pour participer ➡️ RT + FOLLOW 🤞 #PS5 Le gagnant sera tiré au sort le 05/06 🍀

I’m looking for 2 PhD students working on #fuzzing in but not limited to parallel fuzzing (AFLTeam), directed fuzzing (next gen. of #aflgo), and expanding the reach of fuzzing to test diff. types of systems (having domain expertise is a big plus). DM is open & RTs are appreciated

🥁🥁🥁 I am looking for a PhD student to work on fuzzing for software vulnerability detection! The position is fully-funded and based in our BINSEC Team @ Université Paris-Saclay, CEA, List team in Paris-Saclay, France. Details 👉 binsec.github.io/jobs/open/2023… Sharing this offer is highly welcome! 🙂

I’m hiring a 2-year fixed-term postdoc to work with me in the Cybersecurity group Computing & Information Systems UniMelb to improve the effectiveness & efficiency of #fuzzing for security testing. Job post & application guideline is available at jobs.unimelb.edu.au/en/job/914337/…. DM is open. RTs are appreciated!!