Blaklis (@blaklis_) 's Twitter Profile
Blaklis

@blaklis_

Infosec web frenglish speaking guy. CTF player with The Flat Network Society. Security researcher & bug bounty hunter.

ID: 932281296172220423

19-11-2017 16:15:56

2,2K Tweets

10,10K Followers

67 Following

Blaklis (@blaklis_) 's Twitter Profile Photo

The worst part is that it's a real one - it's not even phishing

La Poste, it might be a good idea to consider doing better? Your emails are so full of signs that they are fake that they can't be trusted.

Next time, I'll prepare you a

truff (@truffzor) 's Twitter Profile Photo

Some time ago while hunting with Icare and looking for bugs in Ghostscript I found a vulnerability that allows local file read / write. This led to CVE-2025-46646. nvd.nist.gov/vuln/detail/CV… - #infosec #bugbounty

Bug Bounty Village (@bugbountydefcon) 's Twitter Profile Photo

Daniel Le Gall (Blaklis) shares a ride through real-world bug bounty wins — from SMS token leaks and XPath exfiltration to MIME header RCEs and logic flaws that pay on coffee breaks. $2M+ earned, 15+ years of hacking. Full talk → youtu.be/4yJQz2jXV-E #BugBounty #DEFCON

Blaklis (@blaklis_) 's Twitter Profile Photo

Because $z->xinclude(false) doesn't prevent XInclude directives to be parsed - it actively evaluates xinclude directives :p. A few at-first-sight useless bugs that chained well to get something critical! Swisscom CSIRT even added a bonus for it, for the exploit coolness! Have a

Blaklis (@blaklis_) 's Twitter Profile Photo

... and we dropped 2 new vulnerabilities, bypassing the emergency patch. Might have been a threat actor dream I guess :p #BugBounty

Blaklis (@blaklis_) 's Twitter Profile Photo

My French team, for the world cup, and in collaboration with my wife, printed me a hoodie with a redacted payload on it. That bug was super fun, but quite hard to exploit!

If encoded words, RFC2047 and so on are strange words to you, Gareth Heyes \u2028 presented at the same time their

Blaklis (@blaklis_) 's Twitter Profile Photo

The last bits of it took me a bit of time, as I took some very long holidays, but I'm now part of the 10k rep club 👀 #BugBounty

Blaklis (@blaklis_) 's Twitter Profile Photo

In a few days, I was awarded $20'000 in bounties on HackerOne, and a nice CFH 10'000 (~$12'000) bounty on Swisscom CSIRT ! Nice way to slowly get back at it hehe :) #TogetherWeHitHarder #bugbounty #SwisscomBugBounty

Harley (@infinitelogins) 's Twitter Profile Photo

Built some automation and a directory for aggregating bug bounty profiles. Adding your profile isn't open to the public yet but let me know what you think. disclosedonline.com/directory #bugbounty

Blaklis (@blaklis_) 's Twitter Profile Photo

Another good one! :) Yay, I was awarded a $8,333 bounty on HackerOne, on a $25,000 bounty in collab with Snorlhax & doomerhunter (Victor Poucheret) 💪! hackerone.com/blaklis #bugbounty #TogetherWeHitHarder

Harley (@infinitelogins) 's Twitter Profile Photo

I've been working on something behind the scenes for the past couple of months, and I'm finally ready to share it. Disclosed. A curated newsletter about the bug bounty world. getdisclosed.com/subscribe Over the last four weeks, I've been quietly publishing weekly issues and

Alain M. (@plopz0r) 's Twitter Profile Photo

Just finished my talk at #securityfest, you can find all the details in my latest blog post: blog.scrt.ch/2025/06/04/son…

doomerhunter (@doomeroutrun) 's Twitter Profile Photo

Hit some huge bounties collaborating with some of the top French bug hunters Lupin, Snorlhax, Blaklis across campaigns and the H1-6102 LHE. Never had so many large rewards in a small timeframe 🤯

Most fun I had in a long time !

Blaklis (@blaklis_) 's Twitter Profile Photo

Hey the community! I feel the need to react to x.com/GodfatherOrwa/…, as it targets me specifically and is doing a clear defamation there. I guess it's useless to say that the claims of me telling that I'll block people based on the fact that they're muslim is a complete lie,
