You’re about to see the world’s first show & tell from a hackbot. Enjoy!

🚨BBOT Security Advisory🚨 4 fresh CVEs (2 CRITICAL RCE) can give a clever defender RCE on your attack box if you’re on BBOT <2.7.0. Hat tip to xchg justin,justin of Tanto Security for the catch. 🙌 Details 👉BLS Blog blog.blacklanternsecurity.com/p/bbot-securit… #infosec #CVE

Episode 144 is out! - youtu.be/Y8OUVGm9lss In this episode, rez0 brings Monke and Busfactor to discuss their success at the recent Google LHE in Mexico, as well as their journey and routines in full-time hacking.

mom, I'm on the ctbb podcast

AI Hacking - "feels like if I report this to the company I'm scamming them" Vitor Falcão "busfactor" 🤣

Find the full article here ⤵️ yeswehack.com/learn-bug-boun…

Holy moly! Recently, I had the incredible opportunity to participate in my very first HackerOne Live Hacking Event! During the event, on top of some bugs submitted, I gave 2 Show & Tell, won Most Impactful Team (together with Ads Dawson) and Best Meme 😂 The final ranking

When I say this is a crazy episode of CTBB...

Manifesting LHE's and MVH's in near future

Alright, I've got something for you all! Keeping a shared Google Sheet wasn't the best option, so try this Vibe Coded app. I hope it doesn't break because it's 100% AI code lol Link: bb.vitorfalcao.com

Unironically, Pewdiepie is doing more hands-on AI practice than most bug hunters are right now. High agency people aren't limited to one field. youtube.com/watch?v=qw4fDU…

This may be the perfect podcast episode. It has everything: hacking tips, crazy stories, amazing music and 3 buddies having a great time. Great job Critical Thinking - Bug Bounty Podcast Justin Gardner gr3pme Joseph Thacker youtu.be/FdByZdhlSlU?si…

Mantas Sabeckis Eib Check Vitor Falcão "busfactor"'s list out! It's INSANE! bb.vitorfalcao.com

I do testing on some programs over and over then I move on. But then I go back and test again. I always think the sec team behind that application is like "wtf is this guy doing" 😂 The only reason I go back is because I discovered something new on another program which I test

I earned $2,500 for my submission on @bugcrowd bugcrowd.com/an1msh #ItTakesACrowd This was a fun one. I had identified a self stored XSS where the vulnerability was in the user’s cart. I did have a login CSRF chain, but was a bit lazy and could not find myself writing yet

Unfortunately my workshop for exploiting asp .net viewstate in most scenarios didn't make it to BSides London due to other better workshops perhaps! Damn it AI categories 🤭 Please comment if you would like to read a blog post in a lab like style about it. You will need to have

When your intense research pays off. Tip: ignore the noise, focus on yourself and skills, build the tool, update the tool, read, read, hack, update tool, hack, update tool, read, update tool, hack, report😀 Alhamdulillah

> Be me, age 13 > Dad has implemented time limit restrictions on wifi > discover that you can reset the restrictions by turning the TP-Link device off and on again a few times > Play Pokémon a lot, and curiosity to learn game dev kicks off > Flight to Japan with mom and little

Coming to Hackvertor soon... Big thanks to Corey for the suggestion!

Just released a blog post "Deanonymizing Users at Scale: When Blocking Becomes an Oracle". In it, I describe an attack that made it possible to reveal the phone number of almost any user on one of the world’s largest social platforms: zere.es/posts/deanonym…