🥹❤️

Top 200 on bugcrowd 🧡 alhamdulillah, always.

UNRWA has enough food for the entire population of #Gaza for over three months stockpiled in warehouses–including this one in Al Arish, Egypt–awaiting entry. The supplies are available. The systems are in place. Open the gates, lift the siege, allow UNRWA to do its work and

#غزة_تُجوع #غزه_تموت_جوعاً

blog.malicious.group/the-quiet-side… This is a living document at the moment, but here it is for now. 😅As mentioned in the paper, if you are a researcher and have questions after reading, just reach out to me and I will answer everything I can.

Fascinating comment I received since a while ago, thanks bugcrowd for the awesome customers!

Whoever Kirk is, this man instantly gave off an AURA!🔥

O Allah, occupy me with You instead of myself, for I crumble in sorrow, falter in trials, am weak in endurance, and possess little strength.

Donate for Gaza.

How old were you when you realized Burp shows HTTP/2 requests in HTTP/1 format and all this time you were testing smuggling on converted traffic? Me: 😶 portswigger.net/burp/documenta…

Productivity is a spectrum

TOOL RELEASE🔥🚀 Clear reports and good communication with the teams can make the difference in the outcome of your report, including the final bounty/bonus. To assist you in the reporting and communication, here is CrowdAssist ✨. bugcrowd compatible. 🧵👇 #BugBounty #AI

I don’t usually share stories, but desync attacks are trending nowadays. From day one of my security journey, I’ve been ambitious to learn them but every time I tried, I failed and gave up. If you read d3d aka dead (dead, мёртв, 死了)'s blogs on, I promise you’ll be on your way to top-tier on them.

🚨New Black Hat research released: Over $200k in bounties earned in just two weeks. Join the movement to kill HTTP/1.1 today ⬇️ 🔍PortSwigger’s James Kettle (James Kettle) introduces two new classes of HTTP desync attacks capable of compromising credentials on tens of millions of

It was around 1am while I waited for the paper to drop. I couldn’t wait to dive into the read, thanks James for the energy boost, this really charged us up.

Hey Grok, why do people think they need to achieve in 1–2 years what others took decades to accomplish? Is that a fair comparison? And if comparisons are necessary, how can we make them healthier?

Today, we're releasing the new Searchlight Cyber (Searchlight Cyber) tools website, which allows you to use several of our open-source tools for free via a web interface. You can self-register at tools.slcyber.io (+ all our wordlists will be released there from now on!)