They pay me to break into systems for a living, But Security Bsides Mussoorie just silently hacked my entire wardrobe with this hoodie.😎 0day comfort. No patch needed.🔥 Thank you Security Bsides Mussoorie ❤️ #CyberSec #hoodie #BugBounty

Slides for "ToolShell Patch Bypass and the AI That Might Have Seen It Coming" at NDC Conferences {Manchester} 2025. github.com/irsdl/sharepoi… Bonus: WAF & workarounds bypass! #AppSec #SharePoint #TolShell

Final Black Friday Giveaway! Win FREE access to: • 1 CRTP seat • 1 CRTE seat How to participate: 1. Like 2. Comment which course you’re interested in and why 3. Repost If you've already availed the Black Friday offer, you're still eligible. Winners will be announced on Dec

Only 5 days left until NahamCon Winter Edition ❄️ Workshops, deep dives, live Q&A, and fresh research coming your way 🚀 📆 December 17 to 18 ℹ️ Check out what’s happening 👉🏼 nahamcon.com

Going Live Soon! Stay Tuned🔥

This is really cool writeup. Self-XSS + Login CSRF + SSO gadget to ATO Nice find Lauritz! security.lauritz-holtmann.de/post/xss-ato-g…

One of the ways that I am going to get myself back into bug hunting, is to start actually automating some things. Simple things like the content discovery, subdomain discovery, testing for xss, mapping sites out etc. All of this is time consuming, and I plan to use scripts,

How I turned a single leaked JS file on a dev server into a CVSS 10.0 Critical Account Takeover on a live production backend. Full technical breakdown here: medium.com/p/1912857037dc #bugbountytips #api_security #sanity

Sharing my Burp Extension that earned me $200k in 2025 while API testing heavy JS-rich targets. github.com/jenish-sojitra… The tool helps find endpoints, files, internal emails, and some secrets from minified JS. Its goal is to achieve maximum efficiency with reduced noise in

I'm excited to join Security BSides Mussoorie happening on April 9th, 2026, organized through KonfHub. Don't miss your chance to attend! konfhub.com/bsidesmussoorie Security Bsides Mussoorie

Yay, I was awarded another $10,000 bounty on HackerOne ! hackerone.com/one33se7en #TogetherWeHitHarder 2026 is off to a great start, Let’s go!.

Day TWO of FIVE days of celebrating our 2 year ARCANUM-VERSARY! Arcanum Information Security 3rd Giveaway = FOUR seats to our new course by the_IDORminator "Zero to [BAC] Hero" ! 👍 1 Like = 1 Entry! ♻️ 1 Share = 2 Entries! Winners announced 1/21! Syllabus link below 👇

I just published 🔐 Access Control Vulnerability Leading to Unauthorized Role Removal medium.com/p/access-contr…