Hey Folks ! 🏔️
Here are the writeups for all my challenges of @GrehackConf CTF
- https://t.co/mIBDwA6vfV
It was great fun to create them all, thanks to all the participants and we hope you enjoy them.
I'm looking for feedback and don't hesitate to DM me if you have any questions 💚
New video on the ANTS leak.
An IDOR vulnerability was mentioned. Together we look at what it actually is, why it's a basic flaw, and what we can take away from it.
https://t.co/P4pD7VpWGE
Hello dear Root-Me community,
We're aware of claims circulating on a hacking forum about a Root-Me data leak. We've obtained and analysed the files in question, and here's what we found.
No user data is affected. The files contain only challenge source code, no passwords, no emails, no personal information.
This is an old leak. Several years ago (prior to 2018, so nearly a decade old), a vulnerability allowed challenge sources from a specific server of ours to be extracted, and someone did exactly that at the time. The material surfacing today appears to originate from that incident.
We've since fixed the underlying issue by hardening challenges and ensuring they were all properly sandboxed. There's nothing for our community to action, but if you have questions, we're here to answer them.
We thank you all for the responsible reports that brought this to our attention.
The Root-Me Team
I started playing CTFs in 2022, and LLMs definitely changed the **competitive** CTF scene a lot, especially since mid-2025. I also started using LLMs in late 2025. Yes, those models did one-shot many challenges, but what's the fun of slopping them? I learned absolutely nothing 🥲
THE WEB BROKE in DECEMBER 2025.
React2Shell, MongoBleed, Livewire... the pillars of the Internet collapsed. 💥
I invited the researchers from @Synacktiv, @_Worty and @_remsio_, to dissect the RCE on Livewire (CVE-2025-54068)🛠️
https://t.co/67QcHXWWLV
How much do you REALLY earn in cybersecurity in 2026?
I analyze all the salary grids (permanent contract vs freelance) and what really ends up in your pocket. ⤵️
https://t.co/y2nDznQEWA
😤 "Damn, another leak... This year, it's decided, I'm getting into cyber!"
OK, but where to start in 2026? The market has changed and a degree is no longer enough.
In this new video, I give you the exact roadmap 👇👇
https://t.co/hjOUxphX2l
#CyberSécurité
Nominations for the Top 10 (new) Web Hacking Techniques of 2025 are now live! Review the submissions & make your own nominations here: https://t.co/gt0bIlqyX5
The community have the burden of exposing the frauds in our industry - so let's go!
@theXSSrat content is nonsense, he doesn't have the proper skillset nor any credibility in the field to be in a position to either create courses, mentor, or teach anything.
#bugbounty
🇹🇼 I organized the final of the "Hacking Olympics" in Taipei!
The crazy challenge of WorldSkills Asia? 🤯 with @rootme_org
6 days of setup, stress and passion to discover in my new vlog 👇
https://t.co/wpJyLbE5sk
𝙿𝙰𝙶𝙴𝙳 𝙾𝚄𝚃! #𝟾 𝙳𝙴𝙰𝙳𝙻𝙸𝙽𝙴: 𝟺 𝙹𝚊𝚗𝚞𝚊𝚛𝚢 𝟸𝟶𝟸𝟼 𝙴𝚘𝙳 𝙴𝚘𝙰
Save the date if you're planning to write an article or showcase your digital art in the next issue of our magazine.
https://t.co/8GiM1IwmHD
P.S. We're looking for sponsors for issue #8 as well.
GreHack is this Friday & Saturday!
Friday: Talks all day + workshops 6–9pm. At the same time, join our Evening Social & Apéro. Everyone’s welcome, drop by anytime or come after your workshop to meet attendees, chat, and relax.
Saturday: CTF, 8-hour competition for all levels
🔥 Docker is NOT secure: the truth nobody tells you
In my video:
• exposed docker.sock
• --privileged
• dangerous capabilities
• root in containers
• unhardened images
👉 How to secure Docker (and avoid disaster): https://t.co/2cBmcdE4cx
Hey folks, welcome to the traditional "sponsor week" 🎉
We will be posting daily to thank each and every one of our sponsors for their support during this year's edition #GreHack25, but you can find them at any time on https://t.co/QVAcwRtU5h 🤝
🚨 A day in the life of an ethical hacker 💻
Between audits, penetration tests and life as a remote consultant, I take you behind the scenes of pentesting 🔍
🎥 The video is available here https://t.co/4zXCABya5s
Yesterday, the AWS cloud went down
But not long ago, the Microsoft cloud narrowly avoided far worse: a vulnerability (CVE-2025-55241) that allowed impersonating any Entra ID account - up to Global Admin
Explanation & demo
https://t.co/yzcifFMACb
#EntraID #AzureAD #CVE2025 #CloudSecurity
Next IRL-Time - Save The Date ! 🤯
- What: GreHack Pre-Event: @rootme_org x @OffenSkillCorp 💣️
- Why: More friends, more beers, more WTF rumps 😏
- When: Thursday, November 27 at 7 PM 📅
- Where: Tonneau de Diogène in Grenoble 🗺️
Organization:
- 🌱 Submit your rumps to @Nishacid or @TheLaluka by DM 🌱
- 🍻 RM x OSK are treating the first platters and rounds 🍻
- ⚠️ Framadate RSVP, 50 spots MAX ⚠️
https://t.co/L84gdxXmMP
💣 We caught @ycombinator–backed @gecko_sec stealing two of our CVEs, one on @ollama, one on @Gradio.
They copied our PoCs, claimed CVE IDs, and even back-dated their blog posts.
Here’s the full story 👇
Hey Folks,
Many of you asked for it, and we did our best to open up some extra tickets
📅 SAVE THE DATE: Saturday, October 18 at 2 PM UTC+2, the second batch of ticket sales!
There will once again be a few tickets available, make sure to be on time, this will be the last one!
🎉Happy to release HExHTTP v2 !🎉
https://t.co/rKm7WZzeBS
Thanks to @KharaTheOne @Geluchat @Nishacid @__PH4NTOM__ for the help ! 🙏
& Thanks to BB FR community ! 😁
Have Fun & Hack the Planet ! 🌍
( & If you would like to contribute, pls feel free to give a little coffee :)