New blogpost! @[email protected] shares his latest research on bypassing HTML sanitizers via prototype pollution. Sanitizers covered are: DOMPurify, sanitize-html, Closure and xss: research.securitum.com/prototype-poll…

I released an article talking about my bug bounty journey, how I ranked 1st in U.S. DoD and how I reached top 100 hackers on HackerOne. Sharing also resources, tips and advices to become a better bug bounty hunter. medium.com/@ahmdhalabi/my…

#ESETresearch discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group. Attackers bundled the original IDA Pro 7.5 software developed by Hex-Rays SA with two malicious components. Anton Cherepanov 1/5

Cache Poisoning at Scale: Identifying and Exploiting over 70 Cache Poisoning Vulnerabilities youst.in/posts/cache-po…

Bug bounty konusunda bana çok yardımı olan tüm Tr Bug Hunters ekibine teşekkürlerimi sunarım. İyiki varsınız. Umarım 10. 20. Yılı da hep beraber kutlamak nasip olur :)

Her biri harika işler yapan dostlar var olasınız 😎

I wrote an Article explaining one of my interesting Vulnerabilities that I found in Apple. ahmdhalabi.medium.com/pii-disclosure… #bugbountytips #bugbountytip #cybersecuritytips #hacker

I am excited and proud to announce our alliance with Resecurity® through Cybit Sec’s Acquisition. And to hold the Managing Director position for Resecurity® in UAE. Full news: prnewswire.co.uk/news-releases/… #cybersecurity #threatintelligence #uae #penetrationtesting #nationalsecurity

Improper Handling of Length Parameter Inconsistency in github.com/francoisjacque… reported by Ahmad Halabi - Patch: github.com/francoisjacque… huntr.dev/bounties/430ae… #bugbounty #infosec #opensource

Google Bug Bounty - Cloud Shell Command Injection I hope you like it! :) #bugbounty bugra.ninja/posts/cloudshe…

Değerlendirdiğim Türkiye ve yurtdışındaki burslar sonucunda, Varşova Management Üniversitesinden kabul aldım🎉

boğaziçi siber güvenlik 🤠 BUSİBER Boğaziçi Üniv. YBS Siber Güvenlik Merkezi

I was invited as a speaker to the OWASP 2023 Global AppSec Washington DC Conference. I will be in Washington D.C., USA from October 30-31 and then in New York, USA from November 1-4. As an @OWASP Project Leader, we all look forward to meeting you :-) owasp2023globalappsecwashin.sched.com/speaker/lutfu.…

I am pleased to announce that my cybersecurity articles, along with my name, photo and biography, will be published worldwide in the book 97 Things Every Application Security Professional Should Know, one of O'Reilly Media’s series. The book will be published in early 2024 and I

O’Reilly yayınevinin serilerinden biri olan 97 Things Every Application Security Professional Should Know kitabında adım, fotoğrafım ve biyografimin yanı sıra siber güvenlik makalelerimin dünya çapında yayınlanacağını duyurmaktan mutluluk duyuyorum. Kitap 2024 yılının başında

I am pleased to attend the first International Threat Modeling conference in the industry to meet, interact, and connect with top TM practitioners, ThreatModcon 2023, as an audience and meet valuable people, which will be held in Washington, D.C on October 29th. Thanks to the

It was an excellent experience to be a speaker at @OWASP Foundation Global AppSec Washington D.C 2023, the international cybersecurity conference for the 19th anniversary of my life.🏛️ 🇺🇸 I learned too many things that I had the opportunity to experience for the first time in my

Bu haftasonu TEDxHacettepeUniversity sahnesinde "Güvenli Kod Geliştirmenin Şirketler ve Bireyler Üzerindeki Etkisi: Bireylerin Dijital Güvenlikteki Rolü" üzerine konuştum. HacettepeMEC topluluğuna bu güzel organizasyon için teşekkür ederim.

I am pleased to share that I received a Letter of Appreciation from NASA - National Aeronautics and Space Administration after discovering a vulnerability in their systems. #bugbounty #vdp #NASA #cybersecurity

Aşağıda belirtmiş olduğumuz süreç, daha önce de ifade ettiğimiz gibi OWASP ile iletişime geçilerek tüm tarafların barışçıl bir çözüm yolu bulması amacıyla sonuçlandırılmıştır. OWASP yetkilileri tarafından tarafımıza gönderilen referans mektubuyla birlikte, konuşmacı olarak