Olivia
Online
HN Security
@hnsec
Penetration testing, red teaming, and security by design delivered by world-class cybersecurity experts.
Italy
Joined December 2020
5 Following
269 Followers
156 Posts
To wrap up #BurpExtensibilityMonth initiatives, our Research Lead and #BurpAmbassador @apps3c just released AI Reporter, a Burp Suite extension that brings AI-powered automation to penetration test reporting using Burp AI or a local Ollama instance.
https://t.co/9maqrGYyko
As part of #BurpExtensibilityMonth initiatives, last week our Research Lead and #BurpAmbassador
@apps3c gave a talk titled “Restoring testability: Handling complex scenarios in Burp Suite with a custom extension”.
Video, slides and code:
https://t.co/CVPAcMDm2V
#HNSecurity has brand new headquarters in #Turin!
A bigger space. A proper hacking lab, because our researchers deserve the right playground.
And ('cause we're Italian and we have our priorities straight 🇮🇹) a well-equipped kitchen. 👨🏻🍳
https://t.co/6W6yI9BYig
As part of #BurpExtensibilityMonth initiatives, our Research Lead and #BurpAmbassador @apps3c is joining @PortSwigger on @discord later today for “Restoring testability: Handling complex scenarios in Burp Suite with a custom extension”.
Don’t miss it!
https://t.co/FV2PcKKlYu
Who to follow
Federico Maggi
@phretor
Cybersecurity engineer, researcher, and advisor with broad technical and scientific experience on designing, analyzing, and testing security-critical systems.
Federico Dotta
@apps3c
@[email protected]
tonghuaroot
@tonghuaroot
Staff Security Engineer. Cyber Security enthusiast, not Hacker. Focus on Application Security, Penetration testing. #OSCP #OSEP #MSCS #RedTeam #AppSec #WebSec
Next week for Extensibility Month on Discord 👇
📥 Submitting extensions to the BApp Store
📝 Writing your Burp extension
🗣️ “Restoring Testability: Handling Complex Scenarios in Burp Suite with a Custom Extension” with Burp Ambassador, @apps3c
🆕 Deep dive on Swapper with the author, Dave Blandford
Join us on Discord as we continue celebrating Burp Suite extensibility and the community building around it.
https://t.co/7y24n18mpU
To celebrate the @Burp_Suite Extensibility Month, the tenth article of the series "Extending Burp Suite for fun and profit - The Montoya way" is out! The topics of this tenth part is "Burp AI"!
Stay tuned for a new extension on the topic on @BApp_Store!
https://t.co/BwMuePkrSu
To kick off his collaboration with @PortSwigger as a Burp Suite Ambassador, our Research Lead @apps3c just published the 10th article on the creation of extensions for @Burp_Suite. Topic: Burp #AI!
https://t.co/PErtADr0l4
🚀 Extensibility Month is launching on the PortSwigger Discord!
Join us for a month of events, resources, and community discussion all about creating, sharing, and getting more from Extensibility in Burp Suite.
#BurpSuite #BurpExtensibility
Meet the Burp Ambassadors: @apps3c 🇮🇹
Federico Dotta is an offensive security researcher with a deep focus on Burp Suite extensibility.
#BurpAmbassador #BurpSuite #BurpExtensibility #BApps
You’ll soon see Burp Ambassadors contributing research, events, educational content, and community initiatives around the world. Read the full blog 👉https://t.co/ddAuZ70BnY
Introducing the official Burp Ambassador Program! 🧡
@0xTib3rius @rana__khalil @apps3c @hAPI_hacker @soyel_mago
#BurpAmbassador #BurpSuite
[1] https://t.co/phRbq0RAIy by @danielklischies @nSinusR @noopwafel et al.
[2] https://t.co/hU5PRRSLZt by @binarly_io
[3] https://t.co/0FMegk7Wi6 by @evilsocket
[4] https://t.co/jEQNKDSYjJ by @0xdea
[5] https://t.co/R4hkE2m3J2 by @mahal0z @AnantaSoneji @adamdoupe et al.
[6] https://t.co/JM4aHA8jn5 by @onekey_sec @qkaiser
happy new year 🚀
once again, I want to kick off the year by sharing some of my favorite firmware & low-level security research of 2025:
BaseBridge: Bridging the Gap between Over-The-Air and Emulation Testing for Cellular Baseband Firmware [1]
Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass [2]
TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering [3]
Streamlining vulnerability research with IDA Pro and Rust [4]
An Empirical Study of Human–LLM Teaming in Software Reverse Engineering [5]
Understanding RTOS Firmware [6]
![pr0me's tweet photo. happy new year 🚀
once again, I want to kick off the year by sharing some of my favorite firmware & low-level security research of 2025:
BaseBridge: Bridging the Gap between Over-The-Air and Emulation Testing for Cellular Baseband Firmware [1]
Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass [2]
TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering [3]
Streamlining vulnerability research with IDA Pro and Rust [4]
An Empirical Study of Human–LLM Teaming in Software Reverse Engineering [5]
Understanding RTOS Firmware [6]](https://pbs.twimg.com/media/G9lylIbXgAg1wye.jpg)
In this latest article in our long-running series on #BurpSuite #Extension #Development, @apps3c illustrates how to extend the Active and Passive Scanner in your favorite #WebApplication #PenetrationTesting tool with Custom Scan Checks:
https://t.co/dA1odbIkoc
Check it out!
Hey developers and vulnerability researchers!
I'm working on improving my C/C++ #Semgrep ruleset, and I've just published the v1.1.0 release: https://t.co/UQpsnQ8Grv
Please test it inside and out, open issues or submit PRs. Aiming for a major release sometime before spring.
Our senior security analyst @0x_nope has published a follow-up to his popular #Groovy Template Engine #Exploitation writeup:
https://t.co/wDLxybF3v1
Check out some new practical exploitation tricks that he figured out while working on a real-world scenario.
I released an updated version of Brida (0.6), fully compatible with @fridadotre >= 17! You can download the new release from GitHub and soon from the @Burp_Suite BAppStore.
https://t.co/OHXuYMkhNu
#Brida 0.6 is here! The bridge between #BurpSuite and #Frida is now fully compatible with Frida 17+.
For users who still rely on older Frida versions, Brida 0.6pre remains available on GitHub.
https://t.co/wchgATzvDF
Coming soon to the BApp Store (pending approval).
If you’re into #ReverseEngineering, #VulnerabilityResearch, or #Rust, don’t miss @0xdea’s latest:
Streamlining Vulnerability Research with the idalib Rust Bindings for IDA 9.2 💻 🦀 Now live on our restyled blog!
https://t.co/nHOxQoGnFs
Last Seen Users on Sotwe
Sen ben
Seen from Turkey
nice
Seen from Thailand
Elif KARAARSLAN 
Seen from Germany
Noor Shah
Seen from Pakistan
乐天
Seen from Malaysia
Donia Somrani
Seen from Sweden
I like Chubby Girl Only
Seen from Malaysia
Sham❤️🤭
Seen from Saudi Arabia
GoonEnjoyer
Seen from Turkey
Nakal Malaysia
Seen from Malaysia
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers