djurado (@djurado9) 's Twitter Profile
djurado

@djurado9

Security Researcher at @xbow - Former @microsoft Activision Blizzard King - Bug Bounty Hunter hackerone.com/djurado

ID: 66974627

https://hackerone.com/djurado · 19-08-2009 11:24:15

4.4K Tweets

5.5K Followers

660 Following

XBOW (@xbow) 's Twitter Profile Photo

Proud to have djurado and Niemand representing XBOW at DEF CON Bug Bounty Village 🎯 XBOW finds vulns, our team shares the insights. See you in Vegas! #DEFCON

Jamie Bernardi (@the_jbernardi) 's Twitter Profile Photo

ICYMI, on HackerOne's Q3 leaderboard, an AI system is currently leading the world in reputation for real-life vulnerability disclosures. And it's not just hammering a single type of vulnerability--XBOW takes the podium in 4 of 8 vulnerability categories. What a time to be alive

rez0 (@rez0__) 's Twitter Profile Photo

Mick Douglas 🇺🇦🌻 Tib3rius That’s fine! You don’t have to believe it if you don’t want. Their researchers are top bug hunters with loads of trust and critical vulns under their belt. We interviewed one of them (djurado) for Critical Thinking - Bug Bounty Podcast and the episode should air in the next couple weeks. He talks about

Brendan Dolan-Gavitt (@moyix) 's Twitter Profile Photo

I'm even more excited about the 2nd TiTiler vuln XBOW found because the exploit/exfiltration it came up with is so so clever – but that'll have to wait for next week :)

djurado (@djurado9) 's Twitter Profile Photo

Check this RCE affecting TiTiler’s expression parser affecting some well known bug bounty programs. Great bugs lead to great bounties! Soon we will be sharing a crazy arbitrary file read that I bet a great % of bug hunters would have missed. Stay tuned!

Leandro Barragan (@lean0x2f) 's Twitter Profile Photo

Some of my colleagues and friends assume that an AI agent would only find low-hanging fruit. I used to think the same until about last year, when I saw a couple of vuln chains that blew my mind. Seeing those vulns made me join XBOW. We'll share one of them shortly. Hang tight :)

XBOW (@xbow) 's Twitter Profile Photo

XBOW pulled off the perfect digital heist: stealing files by hiding them in plain sight. Disguised arbitrary file content as satellite imagery pixels. TiTiler processed the "images" while XBOW extracted secrets from the compression data. Mission details: bit.ly/3TX1o89

djurado (@djurado9) 's Twitter Profile Photo

This might be one of the most exciting things XBOW has exploited recently in a Bug Bounty program. Not just because of its impact, but because of the steps required to uncover and exploit the vulnerability. #bugbounty #hacking #ai

Patricio Castagnaro (@pcastagnaro) 's Twitter Profile Photo

Proud to have been part of the Salesforce security team triaging and analyzing the #XSS vulnerability discovered by XBOW in Aura components. Kudos to the XBOW and djurado for their persistence, and to my Salesforce's security team! xbow.com/blog/xbow-sale…

djurado (@djurado9) 's Twitter Profile Photo

I still see a lot of people who think anything involving AI is just marketing hype. Over the past few weeks, I’ve seen XBOW exploit RCEs (among other critical bugs) in core production apps across many top-tier bug bounty programs. And I’m not talking about random targets,

H4x0r.DZ (@h4x0r_dz) 's Twitter Profile Photo

I don’t understand why everyone in the bug bounty community is attacking XBOW for their success! I’m sure that AI and Xbow will make a significant impact / change in cybersecurity. Keep building XBOW! 👏

Critical Thinking - Bug Bounty Podcast (@ctbbpodcast) 's Twitter Profile Photo

New episode is out! — youtu.be/rvA8IbyogJ0 Releasing the episode on Monday so you have something to listen to during your travel to DEFCON =) Diego Djurado joins us to discuss XBOW's architecture, hunting approach, hallucination challenges, and AI's future in bug bounty. He

rez0 (@rez0__) 's Twitter Profile Photo

Everyone has been waiting on this episode 😊 If you want to know: - How does @xbow work? - Is it all hype? - Will it replace hackers? Check out this incredible episode with xbow researcher (and top bug hunter AND our friend): djurado

Justin Gardner (@rhynorater) 's Twitter Profile Photo

We dropped an AWESOME episode of the pod a bit early for y'all this week so you can enjoy listening on your way to DEFCON. This time we brought on djurado from XBOW and asked the hard questions! One of my fav episodes so far.

djurado (@djurado9) 's Twitter Profile Photo

The new episode of Critical Thinking - Bug Bounty Podcast is out! Huge thanks to Justin Gardner and Joseph Thacker for having me. I had a great time chatting with you about XBOW and HackerOne’s Ambassador World Cup. It was a blast! 🫶🏼

Cybernews (@cybernews) 's Twitter Profile Photo

It's a so-called hackbot, leading some to believe that AI-driven hackers now have the edge over real people. HackerOne Michiel Prins XBOW cnews.link/top-hacker-is-…

XBOW (@xbow) 's Twitter Profile Photo

Tomorrow, 10:00 AM @ #defcon33 djurado & Niemand break down how we built XBOW. Hear about the journey, the challenges, and the most impressive bugs we've found, straight from our top researchers.
