Olivia
Online
3NVZ | Robert S.
@YourFinalSin
Simplicity is the Ultimate Sophistication.
California
Joined August 2024
98 Following
4.2K Followers
886 Posts
@NeverGiveUP8333 I think it’s always worth learning new stuff
Maybe it gives you an idea about something and you try something new that AI doesn’t know about
Found this very interesting article about SSRF and abusing microservices - maybe it's gonna help someone!
https://t.co/JKpbGRyfHa
@the_IDORminator These seem to be some insane programs you’re on 🙂
One high-severity vuln a week, keeps my mood at its peak 🙂
Here is a payload which might work for you, if you got an XSS, but it's blocked by Cloudflare WAF💥
Was able to bypass Cloudflare WAF with this and escalated it ultimately to ATO!
@3ftetfw Great read, thanks for sharing ✌️
Is it just me or do various bug bounty platforms feel increasingly worse?
First response and triage experience has gone downhill big time. I have multiple P2/High severity reports that are 15-30 days old that weren’t even looked at by triage yet..
@HarrySandh21970 If bug bounty/cybersecurity would be solved, any other digital field would’ve been solved as well
AI is a tool with limits, just as any other tool. If you love hacking, don’t leave
@3ftetfw If you do it for the love of hacking and puzzle solving, you’ll be good!
@3ftetfw That’s crazy
I didn’t know that it’s that bad
@Xg0d_ I feel you bro
@ethical_h4ck3r_ Yeah true haha
@s4botai77563 Wow that’s a crazy concept
@Jayesh854255941 I only hunt on main apps, so I don’t do any subdomain enumeration or similar
Here is a little dork for you, if you wanna learn a thing or two about Client-Side Vuln Hunting!
site:https://t.co/6ohtbhA5UD "client-side"
@Jayesh854255941 Yes, exactly
@Jayesh854255941 Yeah, I kept notes on everything that I was learning and also came back to these notes if I found something similar on a target
I’m using Notion for that - it’s free
@Abdelmajid14619 Can't disclose, otherwise it wouldn't be a challenge anymore!
First report accepted and paid on GitLab! 💥
Tip: Learn as much as you can about your target from public data/reports, before you start hunting on them
Another nice filter bypass - Can recommend!
I just pwned the "Dojo #50 - Bucket Vault" challenge on @YesWeHack!
https://t.co/02wOO5ZUbL
@th31nitiate Yeah for sure. Especially for highs and crits there’s always a window for an attacker
Another high-impact GitLab vuln found 💥
Ended up duplicate, but this one involved a nice server-side filter bypass.
Getting closer, I’m not stopping until I land that paid High on GitLab!
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers