Nico Waisman (@nicowaisman) 's Twitter Profile
Nico Waisman

@nicowaisman

Head of Security at @XBOW. Former CISO @Lyft. Binary entomologist

ID: 18690323

Website: https://www.xbow.com
Joined: 06-01-2009 19:20:02

2,2K Tweet

12,12K Followers

937 Following

Jamie Bernardi (@the_jbernardi)

ICYMI, on HackerOne's Q3 leaderboard, an AI system is currently leading the world in reputation for real-life vulnerability disclosures. And it's not just hammering a single type of vulnerability--XBOW takes the podium in 4 of 8 vulnerability categories. What a time to be alive

XBOW (@xbow)

āš”ļøXBOW found LFI where most tools would have given up. Photo download endpoint blocked all path traversal attempts. But JavaScript analysis revealed /photo/proxy?url= - vulnerable to file:// scheme access. Successfully read a password file via proxy endpoint. Technical

Leandro Barragan (@lean0x2f)

Some of my colleagues and friends assume that an AI agent would only find low-hanging fruit. I used to think the same until about last year, when I saw a couple of vuln chains that blew my mind. Seeing those vulns made me join XBOW. We'll share one of them shortly. Hang tight :)

Nico Waisman (@nicowaisman)

This is going to be an amazing presentation on how to properly do bug discovery with AI. The real trick, divide the needles from the haystack.

Josselin Feist (@montyly)

I love being proved wrong, and XBOW is showing that agent-based systems are already more efficient than I expected a year ago. This is an exciting time for automated bug finding.

XBOW (@xbow)

Went hunting for geo-bypass. Found blind SQLi instead. /redacted/ + 'SLEEP' infused cookie = 15s nap. Logs don’t lie. Technical breakdown -> xbow.com/blog/xbow-geol…

Nico Waisman (@nicowaisman)

If you have some time today, check out Brendan Dolan-Gavitt's highlights or Alvaro Muñoz 🇺🇦's full blogpost on this amazing vulnerability and how it was exploited by XBOW. See you all in BH/Defcon next week!

XBOW (@xbow)

🚀 Excited to announce our partnership with Vanta! With XBOW’s autonomous penetration testing now in Vanta, startups can meet the highest security standards with speed and confidence—finding and validating real vulnerabilities in hours, not weeks. Learn more:

Christina Cacioppo (@christinacaci)

the old startup pen test playbook: go through a sales process, wait weeks, pay huge bills, get surface-level results or sacrifice speed for quality. we've worked with XBOW to change this: thorough pen tests from the world's #1 hacker that are done in a day and priced for

XBOW (@xbow)

Yesterday, we found 112 vulnerabilities live at Black Hat. This is what it looks like when we find one. Come check it out. Booth 3257.

Bug Bounty Village (@bugbountydefcon)

Shout-out to @XBOW for being a Platinum Sponsor. Thank you for your trust and support! XBOW recently climbed to the #1 spot on the H1 leaderboard! Their team will be at DEF CON and BBV, so don’t miss the chance to stop by and learn more about their AI-powered offensive security.

Brendan Dolan-Gavitt (@moyix)

Wandering through DEFCON someone yelled at me “hey it’s Mr False Positives!!”. Sadly, I was slightly too slow on the uptake to reply “That’s right, first name ‘Zero’”

Nico Waisman (@nicowaisman)

Love the maritime hacking village! Definitely a highlight of DEF CON this year, but a bit disappointing that you need to be a US citizen to play the autonomous vessel CTF