Olivia
Online
Wood Pixels Art
@PixelsWood
Joined September 2021
345 Following
18 Followers
300 Posts
@HackenProof worst feeling ever
Winners of the giveaway for a month of Claude Pro/GPT Plus subscription. DM @0xFireFist on X to get the reward and congratulations🥳
AI is a wildly powerful tool that you can use to take on great challenges. Use the full month wisely🫡
@georgi91757
@faruukku
@0xbube
@heavyw8t_
@soligxbt
@0xJason__
@Harvesto12
@Oxvexor
@stoyan_penchev
@atharv_181
@EGOi1STA
@0xgo4ko
@hsnmughal_
@oladoteth
@darmawanggg
@chain_linkd
@s1lent_sta1ker
@JayShugito
@crypt_jeff1
@0xfl3x
@acetaminofenol
@raihanmddd
@alxstai
@0xSyv
@SolidityDev
@s1lent_sta1ker
@h4ckl07d
@dvrvsimi
@flexwrapp
@SahilKaush33125
@leroooyjankins
@cosminm53
@geeceemmy
@AIRMALIEL
@R4Y4N3___
@MKryptoDev
@j4ycked
@xxiv_eth
@kalyan__tr
@cryptomv3
@jsmaxi666
@PixelsWood
@kingoooooX1
@paspe0111
@Albertfd1999
@satyaorz
@onehundredgees
@ozochukwucc
@dimobugs
Most people's security strategy is wrong. Speak to me on Telegram @ pashovkrum about yours.
Btw, we are giving away 50 (yes, 50) monthly Claude Pro/GPT Plus plans to people who RT the main post and tag a fellow web3 developer below. Good luck, results on Monday🫡
🤯An AI security tool has 1st-place performance on security contests from just 1yr ago. Solidity-auditor v3 is out, FREE & Open Source.
Thousands of Solidity developers are using the tool already. Upgrade your security baseline, use the tool🫡
https://t.co/SfxjuQ17gA
@p_tsanev can not wait to try it with Codex CLI
@Bugcrowd The filter uses urlparse(url).hostname.endswith(...), which can be bypassed because different libraries interpret "authority" differently.
The Payload
To hit a local service while bypassing the check: http://127.0.0.1#@internal.company.com
@intigriti The red flag is here:
format.json { render json: @users }
That returns all users as raw JSON, which can expose sensitive fields depending on the User model.
And the authorization is also badly designed:
unless current_user.admin? && request.format.html?
@0xcastle_chain can you share the protocol's source code to check from my side how many findings I can find with the help of AI?
@p_tsanev any plans to make codex version?
@p_tsanev does it support codex?
@Achraf_03_ excellent
@Achraf_03_ مفيد جدًا. شكرًا لك أشرف
@Achraf_03_ PYR, ARB, GMX
@pashov Learned a lot from you. Thank you
Since its launch a year ago, my web3 security company has both paid out to security researchers & profited >$1,000,000 USD. Secured Aave, Uniswap, LayerZero, Ethena.
We are celebrating with a giveaway. You need to like, retweet & comment. 4 winners, $500 each, 48hrs. Good luck🫡
@pashov I do understand quantum physics, How can I become a great security researcher?
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.2M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.8M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.4M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers