Olivia
Online
Perce
@PerceSecu
CTF player | Bug Hunter | Ex infosec student at @EsnaBretagne
Joined September 2021
326 Following
443 Followers
93 Posts
Just got a reward for a critical vulnerability submitted on
@yeswehack
-- Improper Authentication (CWE-287)
#YesWeRHackers
I'm happy to release the first version of my DOMLogger++ plugin for @CaidoIO! 🔎
It improves the browser extension in several ways:
• Persistent, per-project storage
• Temporary session recording
• AI support
• Stack trace reconstitution
• ...
👉 https://t.co/tj72KXjAN9
Our new website is live 🎉
Check out https://t.co/1XhBsTS8Gs and let us know what you think:
https://t.co/Vt2UVM1oNY
Linux running in a PDF file via a RISC-V emulator compiled to JS
@assetnote @SLCyberSec My work on the novel SSRF technique that landed a critical payout at a Live Hacking Event: https://t.co/CTSTEtKiD1
Big update: Subdomain enumeration now uses separate quotas for each plan!
This means MORE data for the same price. Plus, our free tier still lets you discover hundreds of subdomains monthly - no payment required.
Check out the documentation https://t.co/ga1cJcupLK
#bugbounty
Guillaume Chouquet, fondateur et directeur de l'ESNA, viré de sa propre école par l'@Formation_bzh !!!
Je suis consterné et en colère.
C'est affligeant de prendre une telle décision quand on sait tout ce que le bonhomme a fait pour l'école et les alternants !
This is still v1, there's lots to improve and many gadgets to add.
If you'd like to contribute or have any feedback, please don't hesitate to reach out 😁
4/4
Each library page includes:
* Affected versions
* A short description
* Root cause of the gadget
* Related links
* Credit to the discoverer
* And even a preview button to play with the gadget live!
3/4
The wiki lets you filter gadgets by browser, tags, attributes, CSP, and timing, making it as easy as possible to find interesting vectors (at least I hope so!) 🔎
2/4
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥
The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇
https://t.co/SgsSyxoEMR
1/4
Today was my last day as a pentester at Bsecure, and it feels a bit surreal. After a three-year journey of hunting on the side, I’m finally ready to go all-in as a full-time bug bounty hunter.
To celebrate this milestone, I've written an article sharing the full story. It’s a transparent look at the path that got me here: the wins, the lessons, the real financial numbers, and my honest advice for anyone considering this adventure.
You can read all about my journey from pentester to full-time hunter here: https://t.co/g7yRBJDs1Y
There we go, after 3 years of work, endless nights of dev and a truckload of coffee. We are finally releasing the biggest project we've done in our entire life.
I hope you will like it !
DOMLogger++ v1.0.8 is now out and available! 🎉
This update includes several UX improvements, such as syntax highlighting and new shortcuts. Major changes have been made to custom types and several annoying bugs have been fixed 🚀
👉 https://t.co/sPjJmtdDeZ
I'm very happy to finally share the second part of my DOMPurify security research 🔥
This article mostly focuses on DOMPurify misconfigurations, especially hooks, that downgrade the sanitizer's protection (even in the latest version)!
Link 👇
https://t.co/Hg1MkqVuGw
1/2
I'm thrilled to finally share my research on HTML parsing and DOMPurify at @GreHack 2024 📜
The research article is available here: https://t.co/GIqy0hTCdR
The slides are available here: https://t.co/97iiZgoJqb
1/3
🚀 Exciting News
I just released a (dirty) Chrome extension that lets you load all chunks of a React app in seconds. Perfect for finding hidden features using Chrome's inspector or parsing .map files using your browser !
https://t.co/htrG7tsSUM
#bugbountytips #Pentesting
DOMLogger++ v1.0.5 is now out and available! It comes with new features, including the ability to remove response headers, a PwnFox integration, and much more 🔥
A new config file is also available for CSPT hunting 👀
More details can be found here 👇
https://t.co/ByfEnAUOk8
Pétition pour la fin du mouvement "NO DORMIRÁN"
https://t.co/5OmQdV5khi
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers