Nanda (@nanda_krr)'s Twitter Profile
Nanda

@nanda_krr

#freelancer

ID: 2809114284

14-09-2014 09:56:03

602 Tweet

134 Followers

3,3K Following

vx-underground (@vxunderground)

A while back we heard rumors of a Telegram RCE 0day. We brushed it off as silly memes. Turns out the 0day was 100% real and you're all probably pwned. It was unveiled on XSS. Nerds celebrated (joking about pwned part... kind of) More information: bleepingcomputer.com/news/security/…

Benjamin Strick (@bendobrown)

In April, CNN journalists were led to the 'home' of Haitian gang lord Vitel’homme Innocent and interviewed him. He is on FBI Most Wanted's Top 10, with a bounty of up to $2 million. I mapped their drive and found his home here: 18.5278, -72.2314. Here's how👇🧵

Joe Grand (@joegrand)

This was a super fun project and a reminder about the lasting effects of security problems long after they're patched. youtube.com/watch?v=o5IySp…

Luke Stephens (hakluke) (@hakluke)

Working with APIs can be a bit awkward. Wouldn’t it be nice if there was a tool that did all of the API calls for you, and integrated nicely with your existing tools? 🤔 Yes it would! That’s what haktrails does. Here's what it can do 👇 loom.ly/xxf2-cs

Alexander Myasoedov (@arekusandr_)

INTRODUCING: Agentic Security - LLM Security Scanner! 🔍 🔑 Features: Scans for prompt injections, jailbreaking & more. Provides detailed reports & options to customize attack rules. 🔗access the GitHub Link ↓

Luke Stephens (hakluke) (@hakluke)

If your SSRF attempts don’t work on the first try, try using hostnames that resolve to the same IP address. nip.io allows you to map any IP address to a hostname! Check this out 👇

Critical Thinking - Bug Bounty Podcast (@ctbbpodcast)

Match and replace doesn’t get the love it deserves and is often forgotten about. Here are 8 things to match and replace in your next hunt:

Masato Kinugawa (@kinugawamasato)

ooh, this works on Chrome Canary :D <input type="hidden" oncontentvisibilityautostatechange="alert(/ChromeCanary/)" style="content-visibility:auto">

Sam Curry (@samwcyo)

After a really long time only focused on manual web security stuff, almost everything has started to feel like a QA checklist. There are definitely people doing novel research and dropping crazy bugs, but I think a lot of the big stepping stones require people to build really

r_ocky.eth 🍌🦍 (@r_cky0)

Be careful with information from OpenAI! Today I was trying to write a bump bot for pump.fun and asked ChatGPT to help me with the code. I got what I asked but I didn't expect that chatGPT would recommend me a scam Solana API website. I lost around $2.5k 🧵

Critical Thinking - Bug Bounty Podcast (@ctbbpodcast)

How to find the manifest.json file of any Chrome extension:
1. Go to chrome://extensions
2. Turn on Developer mode
3. Copy the extension ID
4. Go to ~/Library/Application Support/Google/Chrome/Default/Extensions
5. Find the matching ID then find the manifest.json file!

Justin Gardner (@rhynorater)

Yo, big thing: Shift. AI seamlessly integrated into your HTTP proxy. Use cases: "Take this JS and build the JSON request body" "Fill in these IDs from my notes - UserA" "Create a match and replace rule to turn on this feature flag" "Generate a wordlist with all HTTP Verbs"

meg west (@cybersecmeg)

me, when cybersecurity was the center of my life: exhausted, burnt-out, struggling to balance my friends and family, mental health was poor me, when cybersecurity is just my *job* and not *who i am*: more sleep, less anxiety, happier, calmer, a more balanced life filled with

Trail of Bits (@trailofbits)

We've discovered yet another MCP attack technique! Attackers can hide malicious payloads using ANSI terminal escape codes. When your AI agent processes these invisible instructions, it can leak data or compromise your supply chain without you seeing anything suspicious.

Jason Haddix (@jhaddix)

== a websec thread == Inspired by Tib3rius I wanted to post my taxonomy of the different types of web scanning as I think it's important for people getting into web security to know. I'll frame some of these in their context as it pertains to PortSwigger's Burp Suite and
