Getting Started with Exploit Development - Updated version from 11 July 2024 - 🔗 dayzerosec.com/blog/2024/07/1…

Work hard, be patient Setbacks are temporary. Keep coding. Keep learning. Keep building. Your future is worth the grind.

Isn't it magical? Logic gates -> Computer -> AI How about Neurons -> Brain -> Consciousness

Literally a "crowd strike"

Security is a myth

One takeaway from this weekend : MacOS isn't used for anything important. 😂

Making my way through pwn.college these days. Man, ChatGPT is really bad at assembly 😂

WHERE ARE THE BUGS? WHERE ARE THE BUGS? WHERE ARE THE BUGS? WHERE ARE THE BUGS? WHERE ARE THE BUGS?

Sometimes programs run a "private program" and state so publicly. Here is a google dork to find some of them: 🪄 site:hackerone[.]com "private program" -docs.hackerone.com -inurl:/reports -"Profile" 🪄

Ben Sadeghipour Pick a niche, become an expert, find bugs maybe even 0days or reverse n-days, and write blogs. Even if you don’t hit those $100k bounties, it’ll be a stepping stone toward a $100k job. What niche? How to pick? Examples? infosec being so vast from web3 sec to web2, mobile,

Really digging pwn.college for the past few months! Highly recommend checking it out! I am learning a lot, the resources are great, discord community is nice and it's all free. 👍

🐚Let’s pop more shells than fireworks this year! 🐚 May it rain bugs (and big bounties 💸) in 2025. May your fuzzers be sharp, your payloads precise, and your reports always accepted on the first try. Thank you for making 2024 legendary. Let’s level up together. 🐛🔥

🎉✨ 4 YEARS of Bug Hunter Labs! ✨🎉 Can't believe that it has been 4 years already. To everyone who has followed, or engaged, Bug Hunter Labs, THANK YOU. 🙏 It means a lot! #MyXAnniversary

If you ever need a shellcode smaller than 24 bytes to read a file: 1️⃣ Link your file to f: ln -s /flag f 2️⃣ Use this minimal shellcode: global _start section .text _start: ; int chmod(const char *path, mode_t mode); mov rax, 90 ; syscall number for

If we would rethink tooling for penetration testing & bug hunting, especially proxies (e.g. Burp, Caido) how would they look like? My thought is that the proxy/tooling should be directly integrated in the browser. - No switching windows -> Less workflow friction

I found a bug without AI is the new I found an SQLi without sqlmap

Man, pwn.college is so nice! I really love how the challenges are getting gradually more difficult.

Just do it - Adidas 🤣🤣🤣