Olivia
Online
Aníbal Irrera
@airrera
Security Researcher at @Immunityinc @AppgateSecurity
Joined December 2009
850 Following
280 Followers
377 Posts
Pinned Tweet
I wrote a blogpost about Misconfigurations in Java XML parsers that can lead to security vulnerabilities.😀 #xxe #ssrf #infosec #pentesting Check out here:
Check out Immunity's blog post:
Misconfigurations in Java XML Parsers by Anibal Irrera
https://t.co/GgOelHfTm8
@gnuler Awesome work Mati! Congrats!
XBOW autonomously discovered CVE-2024-50334, a critical authentication bypass in Scoold, an open-source Q&A webapp used by major companies like Cisco and IBM. Our latest blog post details how it found the flaw: https://t.co/FBgT8R9dXR
This is an experiment we did with all the benchmarks, removing descriptions showed us that XBOW performs just as well as with descriptions.
This is one of my favorite examples, it is fully capable of understanding how GraphQL works and exploit an IDOR creating custom queries
Who to follow
Niemand
@niemand_sec
Security Researcher at @xbow - Founder at @SwordBytesSec - Ex @immunityinc - #BugBounty hunter https://t.co/x39yDRfZoA - Blog https://t.co/5P8YS1OKbh
Leandro Barragan
@lean0x2f
Offensive Security Researcher @XBOW | A.K.A. none_of_the_above | https://t.co/zhzGBvicK7 | https://t.co/XyZBK7PHlW
alex
@insertScript
@[email protected] # https://t.co/liE6hop4OX Array(10).join('a'-1)+ Batman! #Cure53
Se viene la World Cup de @Hacker0x01 de nuevo🚨🚨
- Queres participar de scopes copados?
- Queres ganarte entradas a los LHE?
- Queres ser parte de la comunidad?
Comenta este tweet o manda DM. Tambien podes unirte a https://t.co/DX5pASW2i1
Se agradecen los retweet 🙏
@nicowaisman That's great! Congrats Nico!
Latest Anvil blogpost on how @Alex91dotar and I found two new CVEs in GOG Galaxy 2.0 is right out of the oven! I can stress enough how much I enjoy merging my passion for gaming with my passion for security!
Give it a read and tell us what you think!
https://t.co/PERpaOsgIH
Gente se viene la World Cup de nuevo! Con premios que todavia no puedo contar pero que estan 🔥🔥
Tenes ganas de participar y conocer mas gente de la comunidad? Comenta asi te agrego al discord de @Hacker0x01.
Mas info pronto, stay tuned! #BugBounty
Se agradecen los retweet 🙏
¿Queres aprender sobre hardware hacking? ¿Tu empresa o productos utiliza hardware de terceros y no sabes cómo auditarlos? ¿Tenes dispositivos IoT en tu red y queres hacer un pentest? Anótate en mi training de la @ekoparty y aprende de forma práctica.
https://t.co/UgVb6aAJeM
Just opened 8 bugs I found in Windows Credential Guard. Ranged from arbitrary code exec in VSM to Kerberos key disclosure attacks. Probably my favorite was abusing the NTLMv1 API to leak an AES128 key which is what I was cracking in the quoted tweet😁 https://t.co/Vxm3qW6NGM
Querés aprender sobre sistemas embebidos para arrancar un research o aplicarlo a tu laburo? Confía tranquilo que @6e726d te puede dar todas esa sabiduría en este curso de la Eko! Puro 🔥, no te vas a arrepentir!
Unsafe .Net Deserialization in Windows Event Viewer! This is a by-product of my research. Has confirmed with MSRC that this didn't cross any security boundary, but I guess it could still be another fun #LOLbas or Defender Bypass.😆
#Spring4Shell details are now public, It is an old ClassLoader Manipulation. Actually, CVE-2022-22965 is just a bypass of the 12 years old CVE-2010-1622 (https://t.co/QszwfgHCr1)
Dejamos la slides de las charlas que se dieron en @securityjam
@airrera - Analizando XXE
@MrNox_ - How not to win Pwn20wn
@pastaCLS - Gif2png Memory Corruption
@SecSignal - Escalating Firmware Vulnerabilities
🔗Link: https://t.co/XE3F2FQDKi
#securityjam
Muchas gracias a la organización de la @securityjam y en especial a @intthree por el regalo para los speakers! Gracias Albert! Hermoso! 😊
🚨Cerramos el Line-Up de JAM 🚨
⚡️T-R-E-M-E-N-D-O⚡️
⚠️SOLD OUT⚠️
Speakers🗣️
@airrera
@MrNox_
@pastaCLS
@SecSignal
ArtistX🎤
@luvitorres
Streaming Twitch📽️
@Age_Of_Entropy
Sponsors🦾
@pucara @faradaysec @Immunityinc @hackmetrix
📢Abrimos los CFP 💌
👋Veni y contanos que estas haciendo. Como intentas innovar o como fallaste intentando. Como buscaste un bug o simplemente algún tema que interese dar. Mientras este levemente relacionado con la seguridad informática ,todo vale.
🚨🚨🚨18 de Marzo , 18.30HS🚨🚨🚨
🤖Security Jam 2022 - Edición Marzo 👾
Mini-charlas levemente relacionadas con seguridad.
De gente 🧠y con much@ ❤️🔥 para dar.
🙏No te olvides de tu entrada para la para las consumiciónes, se acaban rápido. 👇
https://t.co/XY046MSX1q
Last Seen Users on Sotwe
Leya Desantis Official 
Seen from Kuwait
الشقيق 🤍❤️💚 عمر بن عبدالعزيز
Seen from Saudi Arabia
BGY
Seen from Turkey
I Love old man
Seen from Germany
🇬🇹Aportes GT🇬🇹 🤫
Seen from United States
ชอบเย็ดสาวใหญ่แม่หม้ายสาวอวบ
Seen from Thailand
socounty
Seen from Netherlands
urstepbro
Seen from Malaysia
Azgınlar kulübü
Seen from Turkey
Barkat Pathan
Seen from Netherlands
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers