Olivia
Online
Shebu
@_sh3bu
Product Security @Philips | Masters in CyberSecurity @AMRITAedu
India
Joined December 2020
954 Following
896 Followers
1.8K Posts
Pinned Tweet
Happy to share that my first CVE (CVE-2024-41662) has been published !
Issue - Markdown XSS leads to RCE in VNote note-taking application.
Severity - 8.6 High
References :
1. https://t.co/bjPz3HZsd8
2. https://t.co/U4kvLM3cjN
3. https://t.co/Hpph2x63IJ
#CVE
@hackerfren Congratulations 🎉
https://t.co/ccb0UG1IxS
https://t.co/V0xPONLCqQ
CodeVulnHunt - A platform by my friend @C0d36x110 to enhance your code analysis skills. Do check it out !
Feel free to share your feedback and constructive opinions!
https://t.co/FZePAuyTMx
#CyberSecurity #ctf #BugBounty #redteam
Who to follow
Hac 
@Hac10101
🇮🇳 Hacker| CTF With Team:- @5h4d0wbr0k3r5 | Views are my own and do not represent those of my employers.
Anon_Y0gi
@AnonY0gi
A Medico-Yogi who hacks for fun (MBBS) | vCISO @Artelus,
Ex @Bugbase Triager. | Cyber Security Mentor and cybercrime investigator
https://t.co/PahRwlcM2p
TheGentlemanHacker
@mld_77
Nerd who likes Hacking, Programming, ITSec. CTF Player, Cyber Security Enthusiast
Cybersecurity Training: Real-World Code Review Challenges on CodeVulnHunt
https://t.co/zoD2vjuflJ
#bugbounty #bugbountytips #bugbountytip
Introducing CodeVulnHunt! 🚀 Sharpen your manual code review skills with real-world challenges and hands-on learning. Join the cyber community today! 🔐
Visit: https://t.co/GrietwyB6h
Medium: https://t.co/5fNo2WTxgU
#Security #infosec #BugBounty #CodeVulnHunt #ctf
🎁Monthly Giveaway🎁
Hack The Box 1-year VIP+ & 3-month Prolab
- Follow, Like, and Retweet to join!
- Winners will be picked randomly on 18 Mar.
#hackthebox #giveaway #projectsekaictf
New year giveaway! I am giving away 1 seat each for @AlteredSecurity's upcoming Attacking and Defending AD (CRTP) and Attacking and Defending Azure (CARTP) bootcamps starting on 10th and 11th January 2025.
Repost, Like and Comment to participate. I will share random winners on 3rd January 2025.
https://t.co/BG69lSjBny
#RedTeam #Pentesting #Azure
@Ashcryptoreal 🤞🏻
Pick a niche, become an expert, find bugs maybe even 0days or reverse n-days, and write blogs. Even if you don’t hit those $100k bounties, it’ll be a stepping stone toward a $100k job.
What niche? How to pick? Examples?
infosec being so vast from web3 sec to web2, mobile, desktop, recon, client-side, server-side, cryptography and so on. These are umbrella terms, but if we zoom in, there are specific areas where spending a lot of focused time will make you a top 20 expert -- 100% sure.
The key thing is, that the current top 20 experts in any niche will eventually be replaced as they get bored or burned out. This leaves room for you, and the easiest way to pick a niche is to learn from an existing expert in the niche, take inspiration, and grind to build on top of it.
1. For instance, I got into the client-side JS niche by following @terjanq’s work. From there, I went down even further to focus specifically on ElectronJS.
2. Another example: @rootxharsh and @iamnoooob their niche is in reversing n-days and finding new ones based on that knowledge. I don’t think anyone in India can compete with them on reversing n-days, writing blogs, and submitting findings to bounty programs.
3. And off the top of my head, @ajxchapman, from his tweets, seems to have a specific niche in V8 n-day exploits. I don’t think there’s anyone else in the web security scene who can write V8 exploits 😅.
4. Like @orange_8361 , pick a complex target and grind on it for months eventually uncovering mind-blowing findings.
5. Or, like @albinowax, choose a complex specification, such as HTTP, and find bugs from every aspect of it from top to bottom
(Sorry for tags xD)
I could list so many more people, but my point is this: if you look at the top bug bounty hunters or experts, there’s a pattern. Their blogs or tweets consistently focus on a specific niche (or two) for years and years. No one ever becomes a pro in a night.
How to Become an Expert in a Specific Niche?
Spend a lot of time. There’s no shortcut. Follow the work of the expert you picked for inspiration, read their blogs, dive into the blogs they learned from, and explore everyone else in that specific niche. Solve CTFs and write about them.
For example, not to make it all about myself, but just as an example. I’ve read every blog from the people I listed as inspirations(https://t.co/5MCSPeoygf) while learning client-side security.
If it’s taking time to understand, you’re likely on the right path. That’s where most people give up, so keep pushing. Just dedicating days to it will put you ahead of at least 100 others. It’s that simple.
Expert = Spent Time × IQ
Find Bugs or 0days, Reverse n-days, and "Write Blogs
Once you’re an expert, finding bugs will start to feel natural. But let’s be real, sometimes you might not get lucky. When that happens, reverse other n-days and write about it. I mean write about anything. Nothing gives you as much exposure as writing blogs: you’re helping others, plus you’re building a network that will eventually help you land a $100k job or $100k bounties.
@nnwakelam One for mee 😄
Frans Rosen was on the pod last week and dropped some mind-bending X-Correlation Injection research on us.
Including these gems on how to test for it...
1/7
🎁 Monthly Giveaway 🎁
Hack The Box 12-month VIP+ x1
- Follow, Like, and Retweet to join!
- Winner will be picked randomly on 3 September.
#hackthebox #giveaway #projectsekaictf
Made a Youtube playlist "Introduction to GCP Pentesting", Hopefully it will help people to break into GCP Security : )
https://t.co/OMb2Y2wwIa
#infosec
Completed Breaching AD network from Tryhackme ✅
https://t.co/TM5Oy8zLvQ
Everyone knows that the RFCs for email addresses are crazy. This post will show without doubt that you should not be following the RFC.
https://t.co/HL0g9f7QEA
The whitepaper is live! Listen to the whispers: web timing attacks that actually work. Read it here ->
https://t.co/cBRLNpOZ6y
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers