Oege de Moor (@oegerikus)'s Twitter Profile
Oege de Moor

@oegerikus

CEO and founder of XBOW. Previously: Founder of GitHub Next, founder of GitHub Copilot, CEO and founder of Semmle (GitHub Advanced Security), prof at Oxford.

ID: 921913627237478401

22-10-2017 01:38:31

1.1K Tweets

5.5K Followers

589 Following

XBOW (@xbow)

Went hunting for geo-bypass. Found blind SQLi instead. /redacted/ + 'SLEEP' infused cookie = 15s nap. Logs don’t lie. Technical breakdown -> xbow.com/blog/xbow-geol…

Apoorv Agrawal (@apoorv03)

Last month, XBOW made history by becoming the #1 hacker in the United States. Today, it became #1 in the world! Big moment for AI x Security. Hit up Oege de Moor Nico Waisman Brendan Dolan-Gavitt and team if you'd like to see it live in action at Blackhat!

djurado (@djurado9)

I still see a lot of people who think anything involving AI is just marketing hype. Over the past few weeks, I’ve seen XBOW exploit RCEs (among other critical bugs) in core production apps across many top-tier bug bounty programs. And I’m not talking about random targets,

H4x0r.DZ (@h4x0r_dz)

I don’t understand why everyone in the bug bounty community is attacking XBOW for their success! I’m sure that AI and Xbow will make a significant impact / change in cybersecurity. Keep building XBOW! 👏

Nico Waisman (@nicowaisman)

If you have some time today, check out Brendan Dolan-Gavitt highlights or Alvaro Muñoz 🇺🇦 full blog post on this amazing vulnerability and how it was exploited by XBOW. See you all in BH/Defcon next week!

Haifei Li (@haifeili)

Now I finally get time to read XBOW's MANY technical blog posts. 😅 The XBOW team is not doing a pure PR stunt but sharing details of how they did it; that's what I really like and enjoy.

djurado (@djurado9)

Julien | MrTuxracer 🇪🇺 XBOW Some examples from recent findings, but there are many more:
• Code execution via WebSocket endpoints
• SpEL injection & sandbox escapes
• SSTI-based payload execution
• SOAP abuse to RCE
• Auth bypass → code execution
• JS-based injection
• Hidden upload endpoints + extension

rez0 (@rez0__)

Everyone has been waiting on this episode 😊 If you want to know:
- How does @xbow work?
- Is it all hype?
- Will it replace hackers?

Check out this incredible episode with xbow researcher (and top bug hunter AND our friend): djurado

XBOW (@xbow)

🚀 Excited to announce our partnership with Vanta! With XBOW’s autonomous penetration testing now in Vanta, startups can meet the highest security standards with speed and confidence—finding and validating real vulnerabilities in hours, not weeks. Learn more:

Christina Cacioppo (@christinacaci)

the old startup pen test playbook: go through a sales process, wait weeks, pay huge bills, get surface-level results or sacrifice speed for quality. we've worked with XBOW to change this: thorough pen tests from the world's #1 hacker that are done in a day and priced for

XBOW (@xbow)

XBOW is attacking — you just enjoy the breeze. 🔥 🧊 Come see our autonomous pentester in action. 📍Black Hat, booth 3257

XBOW (@xbow)

The #1 question we get: “Aren’t there a ton of false positives?” 🤔
Today in Vegas, Brendan Dolan-Gavitt is showing how XBOW tackles that—and more.

🧠 11:20 AM – AI Agents for Offsec w/ Zero False Positives
🔎 5:00 PM – Mining Docker Hub for 0-days & Offsec Benchmarks

Join us to see how

zseano (@zseano)

XBOW has changed the bug bounty game tbh.. shits gonna get wild over the next few years! i can see lots of people having their own AI agents (I bet people are building one right now). kudos to them for being transparent on everything :)