Deleting a Google API key doesn't revoke it immediately.
Our research found successful authentications up to 23 minutes after deletion across Google's infrastructure. During that window, attackers with a leaked key can still access enabled APIs, including Gemini.
Google closed our report as "won't fix."
A few months ago, @manaaaaaaaf and I decided to join @AikidoSecurity because there is no better place to build AI Pentest.
A platform to cover all security aspects is the only way to achieve unhackability. Aikido is now a
Super proud to be part of @ProjectEurope_ !
We're building something truly special at @haicker_app with my co-founder @pilvar222, super excited for what's next!
We're happy to announce we're backed by @ProjectEurope_!
These people are completely insane. So much energy and ambition! With them, we're cooking so hard @GordonRamsay would be proud.
Hack the planet!
For my French-speaking friends:
You can find the replay of the stream my co-founder @manaaaaaaaf and I were invited to, in which we talk AI stuff and present @haicker_app in action!
Thank you @TheLaluka for the invitation!
It's finally out! :D
@manaaaaaaaf and I have been building @haicker_app for the last 6 months, putting all our knowledge and skills into it.
We're releasing it to the market. Any organization can now secure their application using @haicker_app !
Very excited for what's next!
Introducing Haicker: your AI penetration tester
Continuous, automated vulnerability scanning for your web codebases.
Cheaper, faster, and more efficient than traditional pentesters.
Book a demo now, link in the comments.
Hey! This is a combination of both SAST and DAST. The agent will have both the code and an isolated instance of the website. It will be able to identify the vulnerabilities better than traditional SAST thanks to increased context comprehension, while maintaining a 0% false positive rate by testing its exploit on the instance.
My friend @manaaaaaaaf and I have created an AI hacker!
It can find 0-days in web applications with 0% false positives, and it also works on CTF challenges!
What you see is @haicker_app solving a web challenge from UMassCTF 2025 (only 45/557 teams were able to solve it!)
@lovable We're building a tool to fix this! https://t.co/1rR3TU9N87
We're fixing vibe coding mistakes; you can now have your own AI hacker that finds the vulnerabilities before the code gets shipped to prod.
@kuba_developer @peer_rich unfortunately, you can't use components which start with a lowercase letter, because JSX will automatically assume this is an HTML tag even if you have a defined variable.
Example: <a/> will transpile to jsx("a", {}) instead of jsx(a, {})
just use LinkIcon lol
@MarkusEicher70 @czue @Hetzner_Online Performance is also very unpredictable. During December, one of my VPSes was taking 30 seconds for an SSH login. I asked them about it and they said they were aware but did not do anything.
@MarkusEicher70 @czue @Hetzner_Online okay, random comment, but Contabo locked me out of my main VPS for 2 days this weekend, and their support was silent. You should definitely change ASAP; they're very unhelpful.
I'm now moving everything to Hetzner; their dedicated servers (AX41-NVMe) are so affordable for what you get.
@BatkuEst @nyaathea @dx9er I went to a talk in September; they managed to brute-force 2FA on an app in less than 24 hours, because it's not hard to do that many requests without rate limits.
@BatkuEst @nyaathea @dx9er The probability is 1 - (1 - 1/10^6)^tries.
500k tries and you have 39.34% chance of recovering
If they do > 693,146 random tries, they have a 50% chance of getting their account back.
Here, it really depends on the Discord rate limit and IP bans, to get it "under 20 years"
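Worked example of the formula quoted in the thread above, added here as an illustration (not the poster's code), from the defender's side: it reproduces the numbers given for 500k tries and the 50% threshold, then shows how a per-window rate limit and a failure lockout bound the attacker's odds for a six-digit code. The policy values (5 guesses per 30-second window, lockout after 10 failures) are constructed for the example and are not any service's real limits.

```python
import math

CODE_SPACE = 10**6  # six-digit codes, as discussed in the thread


def guess_success_probability(tries: int, code_space: int = CODE_SPACE) -> float:
    """Chance that `tries` independent random guesses hit a code drawn uniformly
    from `code_space` values: 1 - (1 - 1/N)^tries, the thread's formula."""
    if tries < 0:
        raise ValueError("tries must be non-negative")
    # log1p keeps full precision for the tiny per-guess probability 1/N.
    return 1.0 - math.exp(tries * math.log1p(-1.0 / code_space))


def tries_for_probability(target: float, code_space: int = CODE_SPACE) -> int:
    """Smallest number of random guesses that reaches `target` success probability."""
    if not 0.0 < target < 1.0:
        raise ValueError("target must be strictly between 0 and 1")
    return math.ceil(math.log(1.0 - target) / math.log1p(-1.0 / code_space))


def attempts_allowed(per_window: int, window_seconds: int, duration_seconds: int) -> int:
    """Guesses a per-window rate limit lets through over `duration_seconds`."""
    return per_window * (duration_seconds // window_seconds)


def exposure_report(per_window: int, window_seconds: int, lockout_after=None) -> dict:
    """Worst-case odds against one account over a day, with and without a lockout.
    Policy values are hypothetical inputs chosen by the caller."""
    day_tries = attempts_allowed(per_window, window_seconds, 24 * 3600)
    report = {
        "tries_per_day": day_tries,
        "p_success_per_day": guess_success_probability(day_tries),
    }
    if lockout_after is not None:
        # A hard lockout caps total guesses regardless of elapsed time,
        # so the bound no longer grows with the attacker's patience.
        report["p_success_with_lockout"] = guess_success_probability(lockout_after)
    return report


if __name__ == "__main__":
    print(f"500k tries: {guess_success_probability(500_000):.2%}")
    print(f"50% needs {tries_for_probability(0.5)} tries")
    # Constructed policy: 5 guesses per 30 s window, lockout after 10 failures.
    print(exposure_report(per_window=5, window_seconds=30, lockout_after=10))
```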
@nathan___gage @idolmomentum you can store values before the Unix epoch using signed ints (e.g. -2208988800 for 1 Jan 1900).
They are probably just using a signed int64 for timestamp