Olivia
Online
ensy
@ensyzip
ctfer with @BlackB6a, web player, programmer, high schooler
Hong Kong
Joined March 2023
225 Following
291 Followers
43 Posts
Pinned Tweet
Found a DOMPurify 3.2.3 Bypass on Chinese New Year!
Works when `SAFE_FOR_TEMPLATES` is set to true.
https://t.co/Isia1fr5Xn
Nice border radius there
@aidenybai the font reminds me of chatgpt image generation
@J0R1AN vouch
@ctbbpodcast Thanks @J0R1AN for escalating it – don't know how I am sleeping tonight with such a random discovery at 3am
Accidentally found an XSS on Adobe while listening to @ctbbpodcast 's public hackalong – might have to become a member now for more hackalongs😂
@siunam321 Reminds of https://t.co/IrYxd00mdi – this would perhaps be considered as 'parser differential between two different cookie parsers'? 😂
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥
The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇
https://t.co/SgsSyxoEMR
1/4
If you ask it to set an alarm, then click on the 'clock' widget that google assistant shows – there's a chance it reveals your alarms for a split second
Or is this just an issue with Nothing OS?
Apparently you can use google assistant with your phone locked?
Found that you can 'leak' alarms through google assistant; someone who gets hold of your phone could get a glimpse of the possible meetings/appointments you have – even without ever unlocking it🤔
Here's my review of this certificate and its course. Enjoy!
https://t.co/IBYQtOfUrF
First proper bug bounty :P
Thanks @GoogleVRP
RIP mXSS. (Or a new era of mXSS?!)
Never made anything when you were <14 award goes to whomever is running this account
Here's my research about Python dirty Arbitrary File Write to RCE via overwriting shared object files or overwriting bytecode files. Enjoy!
https://t.co/P3V2y0yGH9
#Research #WebAppSec
it's finally time...
this is css clicker, a fully-featured incremental game where your goal is to design your own personal website and get as many views on it as possible
the fun part? it's a pure-css game, meaning it has zero javascript or server-side code.
have fun!
vibe coders when the vibe is off
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.6M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers