If you're learning about vibe hacking, here's a cool article demonstrating how Matt Keeley used AI to create a working exploit for CVE-2025-32433 before any public PoCs existed! Worth a read 👇 platformsecurity.com/blog/CVE-2025-…

It's nearly time... 👀 http1mustdie.com #HTTP1MustDie

We'll be at DEF CON. Will you? #DEFCON #DEFCON33 #hackwithautomation #hacking #cybersecurity

Learn together. Hack together. Join us on Discord: discord.gg/portswigger

Think you need a tech background to work in cybersecurity? Wrong. Your current job might already have what cyber teams need. 5 ways to apply your non-cyber skills in cybersecurity👇 1️⃣ Every skill is transferable (with context) It’s not what you did, it’s how you frame it:

You’re great at breaking into systems, but breaking into feeds? Different skill set. HackerContent helps solo hackers and indie builders turn experience into content. Find out more 👇 hackercontent.com

Tomorrow. Are you ready? ☠️ http1mustdie.com #HTTP1MustDie

Finally got to meet JS0N Haddix !! #blackhat

If you're still running Nuclei with just the basic templates… Hit CTRL + C, book a flight to Vegas, and get to DEF CON. This Saturday, @nahamsec & Adam Langley are dropping: "Nuclei: Beyond The Basic Templates" 🔥 You in? #DEFCON #BugBounty #Nuclei

ONLY 6 DAYS TO GO! 🧨 The countdown continues: 6 days until my book lands in your mailbox from Amazon! "From Day Zero to Zero Day" is almost here and I’m beyond thrilled to share it with you all! Pre-orders open now - link in comments! 🚀

5 hours until the desync endgame begins. http1mustdie.com #HTTP1MustDie

🚨New Black Hat research released: Over $200k in bounties earned in just two weeks. Join the movement to kill HTTP/1.1 today ⬇️ 🔍PortSwigger’s James Kettle (James Kettle) introduces two new classes of HTTP desync attacks capable of compromising credentials on tens of millions of

🕵️‍♂️ 🎩 The desync endgame has just begun. New expert lab has just dropped. Straight from James Kettle’s #BHUSA talk: Understand the latest request smuggling techniques, sharpen your skills, unlock new bounties, and solidify your organization’s defenses with the new expert lab ⬇️

The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die: http1mustdie.com

Hackbots can be prone to hallucinations. The AI team at Ethiack was able to achieve a very low false positive rate through a specialized sub-agent known as the verifier. If you are interested about hackbot development👇

🚨 NEW FEATURE - Live CT Log Streaming in tlsx! 🚨 With tlsx, you can now stream and store live certificate transparency logs with the -ctl flag. This lets anyone build their own crt.sh or power threat hunting based on cert data!  Perfect for OSINT, detection,

Is your ffuf output too noisy? Try using this option! The -ac option in ffuf stands for "Auto Calibration". When enabled, -ac instructs ffuf to automatically detect and filter out responses that might otherwise pollute your result set. More in thread 👇 1/4

Not every XSS leads to alert(1). Some almost work, but don’t. Instead of discarding them, save them. Here’s how weak XSS vectors can be powerful when chained creatively👇 1️⃣ HTML Injection Sometimes you can inject HTML but not script. Don’t dismiss it as low impact. This

Can YOU complete this lab before James Kettle provides the solution on August 15? This ✨NEW✨ Expert Lab is based on real-world vulnerabilities discovered by PortSwigger Research! To learn more about 0 .CL request smuggling, check out James' whitepaper "HTTP/1.1 Must Die":

“From Day Zero to Zero Day” is available for sale at the DEF CON No Starch Press booth at the vendor hall! Or order it online with the DEFCON33 discount code for 33% off!