Mikael @1leakim - Twitter Profile

While playing a challenge by @salvatoreabello, I found a pretty interesting way to exploit Dangling Markup with a strict CSP. All you need is an <iframe>, <object> or <embed> set to about:blank, with a dangling name= attribute. This vulnerable page should be iframable.

J0R1AN's tweet photo. While playing a challenge by @salvatoreabello, I found a pretty interesting way to exploit Dangling Markup with a strict CSP.
All you need is an <iframe>, <object> or <embed> set to about:blank, with a dangling name= attribute. This vulnerable page should be iframable. https://t.co/M8aOnNmY7f

1

244

38

172

28K

Mikael @1leakim

10 months ago

In May, me and @vitobotta found an unauthenticated sql injection in OneLogin. I made a short blogpost about it https://t.co/apfiQHcKm9

0

22

8

25

3K

Mikael @1leakim

11 months ago

@NahamSec Wish the best for you ❤️

0

219

Mikael @1leakim

12 months ago

After mostly working on HackerOne and getting some crits there, today I got my first P1 and overall bounty on bugcrowd! Very funny ato hahah

1leakim's tweet photo. After mostly working on HackerOne and getting some crits there, today I got my first P1 and overall bounty on bugcrowd! Very funny ato hahah https://t.co/agw7RokgWl

0

1

0

436

Mikael @1leakim

about 1 year ago

@MrTuxracer I'm talking about a private hackerone program that starts with the letter S and ends in Y. Is yours similar?

1

0

439

Mikael @1leakim

about 1 year ago

@emil_lerner Thank you for providing the gif image sir! I have 1 more question. In the video you also upload a postscript file with the png file extension. Are these just normal postscript files, or are they also somehow modified to pass some mime type checks for example?

1

0

62

Mikael @1leakim

about 1 year ago

@emil_lerner Thank you very much sir, I appreciate it! Have a nice rest of your week :-)

0

39

Mikael @1leakim

about 1 year ago

@emil_lerner Great talk sir! 1 question though. In the beginning you talk about using gif-images that do not have any palettes. I have been reading through the gif-format specification but having hard time understanding it. How can I create a gif-image that does not have a palette?

1

0

65

Mikael @1leakim

over 1 year ago

@gregxsunday Are you also going to make youtube videos about the 4 upcoming case studies?

1

0

182

Mikael @1leakim

over 1 year ago

If you ignore the $25 I got as a bonus on a duplicate report about 1 week ago, I was recently awarded with my first bounty on hackerone and 3rd bounty overall. I'm pretty happy about this one!

1leakim's tweet photo. If you ignore the $25 I got as a bonus on a duplicate report about 1 week ago, I was recently awarded with my first bounty on hackerone and 3rd bounty overall. I'm pretty happy about this one! https://t.co/sEFccUYhAU

0

9

0

1

552

Mikael @1leakim

over 1 year ago

@NahamSec 🎅🏼

0

24

1leakim retweeted

Ben Sadeghipour

@NahamSec

over 1 year ago

🎯With the holidays coming up, I'm going to host a week of giveaways starting with my Hands-On Web Hacking course which includes: ✅ 100+ lessons ✅ 15+ hours of video content ✅ Dedicated community 👉🏼https://t.co/yZGD6JgBO3 🎁To enter: retweet and reply with a 🎅🏼

298

404

263

83

51K

Mikael

@1leakim

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users