Omar

@0x0ld

Joined February 2022

103 Following

1.3K Followers

54 Posts

13 days ago

@birdabo If your claim is true and Mythos was able to build a macOS clone, there's no way the entire project consists of only 3k lines of code and 50k tokens That number simply isn't believable. Even building a basic browser from can easily take hundreds of thousands of lines of codes lol

1

1

0

0

861

about 1 month ago

@elonmusk Happy Mother’s Day to all the amazing mothers out there and to my mom in heaven, until we meet again ❤️

0

0

0

0

102

about 1 month ago

Piquo is an OG hacker I’ve been trying to drag into bug bounty for a while, and he just got a High severity on HackerOne with his first report… in the Claude app welcome to the party man!!

about 1 month ago

My first public CVE! This allowed a malicious actor to leverage Claude Code to cause a local privilege escalation. Please update to Version 1.3834.0 or higher. CVE-2026-44470 https://t.co/3Uy2XAKOVL

1

17

6

4

134K

1

3

1

1

2K

about 1 month ago

Honestly I haven’t even hacked in a week. Feels demotivating seeing where things are heading and I’m already thinking about quitting.

0

0

0

0

379

about 1 month ago

Is anyone else feeling this? AI is advancing so fast that I’m starting to question bug bounty long term. Seeing people find 0days with barely any technical experience makes me think it’s only a matter of time before companies realize it’s cheaper to run AI agents nonstop instead

1

5

0

2

769

3 months ago

@claudeai @simsalacrypto 😬

0

0

0

0

63

4 months ago

@thedawgyg According to a member of the HackerOne staff, this is not currently being done, and they will provide more detailed information in the coming weeks.

0x0ld's tweet photo. @thedawgyg According to a member of the HackerOne staff, this is not currently being done, and they will provide more detailed information in the coming weeks. https://t.co/hCS6Jm461y

0

3

0

1

1K

4 months ago

@adeolRxxxx @simsalacrypto

0

0

0

0

167

5 months ago

@fahadkhan__101 through trial and error while exploiting the SQL injection, the backend began returning “file not found” responses. I then injected /passwd into the second column, which resulted in the contents of that file being returned.

0

1

0

0

239

5 months ago

Sexy

0x0ld's tweet photo. Sexy https://t.co/OsYaEoFNh9

20

305

8

114

20K

5 months ago

@trial_36545191 already escalated that and popped a shell on this host :p

0

0

0

0

146

5 months ago

@userarceus @grok This issue originated as a SQL injection and was escalated to a local file disclosure due to improper sanitization of database values. These values were later passed to a file read function, allowing an attacker to manipulate the query results and alter the file’s source path.

0

1

0

0

111

5 months ago

@wareeq_shile https://t.co/6LVQI68XFM a result, the application reads the attacker-supplied path rather than the intended PDF location, leading to a Local File Disclosure vulnerability. here is an example of the code generated by chatGPT

0x0ld's tweet photo. @wareeq_shile https://t.co/6LVQI68XFM a result, the application reads the attacker-supplied path rather than the intended PDF location, leading to a Local File Disclosure vulnerability. here is an example of the code generated by chatGPT https://t.co/dtNSlM2DxS

1

1

0

0

178

5 months ago

@wareeq_shile 2.Due to insufficient input validation, the id parameter is vulnerable to a UNION-based SQL injection. By exploiting this flaw, an attacker can manipulate the query result and inject an arbitrary file path instead of the legitimate database value.

0

0

0

0

136

5 months ago

@wareeq_shile 1.The affected endpoint accepts a hashed id parameter, which is used in a database query to retrieve the file path of a PDF document. Once a matching record is found, the application reads the file directly from the filesystem using a function such as file_get_contents().

0

6

0

1

1K

6 months ago

@marcaslevel1 @Hacker0x01 @marcaslevel1 Hi! Thanks a lot for the kind words. I’m completely self-taught, and the best resource I recommend is portswigger academy it’s free and very hands-on. bestof luck on your journey, and feel free to ask anytime!

1

1

0

0

93

10 months ago

Just hit 10k! Let’s make it to the Top 100 on @Hacker0x01

0x0ld's tweet photo. Just hit 10k! Let’s make it to the Top 100 on @Hacker0x01 https://t.co/MqAIc6zD32

9

192

1

12

9K

12 months ago

@arshiyaiha right!

0

1

0

0

236

12 months ago

@0xmedex @Hacker0x01 My dms are open you should be able to dm me

0

0

0

0

86

about 1 year ago

Yay, I was awarded a $7,500 bounty on @Hacker0x01! https://t.co/XEt6KtYE80 #TogetherWeHitHarder

6

154

5

18

8K

12 months ago

@MiniMjStar @Hacker0x01 it should be open now

0

1

0

0

129

Last Seen Users on Sotwe

Trends for you

Most Popular Users