Save the date! @swisspost’s 2025 Public Intrusion Test starts on 28 July 🚨
💰 Rewards up to €230K - with the highest payout to date at €40K
🎯 Bonus of €3K for the first 3 confirmed reports
🆕 Write-in fields now in scope
Test the e-voting platform: https://t.co/BnKvuz4Tkw
🇪🇸YesWeHack is honoured to support #DanaCONSolidario, an online cybersecurity conference dedicated to raising funds to help those affected by the recent floods in Spain.
🎯More specifically, we are supporting an online #LHE being held this weekend, involving around 50 ethical hackers and a dozen of our clients.
💰All bounties awarded during this event will be donated to NGOs active in the regions impacted by DANA floods.
🙏 We would like to thank our customers and all participating bug hunters for joining this cause, as well as DanaCON Solidario for organising this event.
🫶Our thoughts remain with all the flood victims. If you would like to contribute to this initiative, please visit the event website: https://t.co/VO6siJP7d9
Have you noticed? @openxchange has boosted the rewards grid for its @powerdns #BugBounty Program to €8K 💰
#PowerDNS is an #OpenSource DNS server offering domain resolution & network security features – plus a wide attack surface to explore 👾
👉 https://t.co/j1plPqSRo3
💡 Create SSTI payloads despite being limited?
Our latest research by @Brumens2 reveals unique ways of creating powerful payloads for popular template engines and achieving RCE with limited resources!
#YesWeRHackers #bugbounty
https://t.co/SxcbZlrMPP
New hunters: "I want more invitation for private program, there is no more vulnerabilities on public programs, everyone already hunted on it!"
Meanwhile, the experienced hunters 👇
Today with @Brumens2 we received a €50,000 reward for discovering a bug in a public program!! Don't be shy, go hunt in public programs too
@yeswehack ʚ(。˃ ᵕ ˂ )ɞ
Missed out on securing your spot at @_leHACK_? We've got you covered! We're giving away 5️⃣ tickets*, granting you access to our #LHE on July 6-7 🎉
RT + follow to enter the draw! Winners will be announced on July 1st, 12pm CET. 😎
*Accommodation and travel not included.
🤩 Experience our #LiveHackingEvent with @LouisVuitton! Held at their Paris HQ, #HMIF2 was an outstanding 30-hour journey for everyone involved. Thanks to the #LV_NEO team, participating hunters & all partners for making it a success! Here’s how it went 👇
#LHE #BugBounty
🔓 Abusing AWS S3 Bucket Permissions 👇
AWS S3 buckets are popular targets for hackers due to potential misconfigurations and improper access control. Let's dive into the techniques attackers use to identify and exploit vulnerable S3 buckets!
1️⃣ Bucket Recon: Spot S3 buckets URLs via source code inspection (HTML & JS files), brute-forcing, Google dorking (site:https://t.co/LwMj0To8Xl "company_name"), DNS caching, or reverse IP lookups.
2️⃣ Permission Testing: Use AWS CLI to test permissions. For read (aws s3 ls s3://[bucket-name] --no-sign-request) and write (aws s3 cp localfile.txt s3://[bucket-name] --no-sign-request).
3️⃣ ACL Exploration: Retrieve bucket/object ACLs (aws s3api get-bucket-acl --bucket [name]) and test WRITE_ACP by attempting to set new ACLs.
4️⃣ Full Control Abuse: Look for FULL_CONTROL permissions to read, write, and modify ACLs. Exploit any authenticated AWS client access by using your AWS profile in the CLI commands.
5️⃣ Policy Misconfigurations: Identify overly permissive policies (e.g., Action set to "*") and recommend granular, need-based permissions.
By trying out these tricks, you may be able to effectively identify and report misconfigured S3 buckets, helping organizations secure their sensitive data in the cloud!
#BugBounty #YesWeRHackers #BugBountyTips
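Steps 3 to 5 of the thread are about reading ACLs and policies and spotting the grants that should not be there. The following is an added example, not code from the original thread, that performs those checks offline on constructed JSON shaped like the output of `aws s3api get-bucket-acl` and `aws s3api get-bucket-policy` (the bucket name, owner ID and account/role ARN are made up, and nothing here contacts AWS). It flags grants to the AllUsers and AuthenticatedUsers groups, and Allow statements with a wildcard Action or an open Principal.

```javascript
// Added example (not from the original thread): offline checks for the ACL and
// policy misconfigurations described in steps 3-5. Inputs are constructed to
// match the shape of `aws s3api get-bucket-acl` / `get-bucket-policy` output.

// Canned-group URIs that make a grant public or open to any AWS account.
const PUBLIC_GRANTEE_URIS = new Set([
  'http://acs.amazonaws.com/groups/global/AllUsers',
  'http://acs.amazonaws.com/groups/global/AuthenticatedUsers',
]);

// Normalise a policy field that may be a string, an array, or absent.
function asList(value) {
  if (value === undefined || value === null) return [];
  return Array.isArray(value) ? value : [value];
}

// Return every grant to AllUsers / AuthenticatedUsers, most dangerous first.
function findRiskyAclGrants(acl) {
  const severity = { FULL_CONTROL: 3, WRITE_ACP: 3, WRITE: 2, READ_ACP: 1, READ: 1 };
  const findings = [];
  for (const grant of acl.Grants || []) {
    const uri = grant.Grantee && grant.Grantee.URI;
    if (uri && PUBLIC_GRANTEE_URIS.has(uri)) {
      findings.push({ grantee: uri.split('/').pop(), permission: grant.Permission });
    }
  }
  return findings.sort((a, b) => (severity[b.permission] || 0) - (severity[a.permission] || 0));
}

// True when a statement's Principal lets anyone (or any AWS account) match.
function principalIsOpen(principal) {
  if (principal === '*') return true;
  if (principal && typeof principal === 'object') return asList(principal.AWS).includes('*');
  return false;
}

// Return Allow statements that are overly permissive: wildcard actions, or an
// open principal granting anything beyond read access (unconditional public
// read is reported too, so that it can be confirmed as intentional).
function findRiskyPolicyStatements(policyDoc) {
  // get-bucket-policy wraps the document as a JSON string in a "Policy" field.
  const policy = typeof policyDoc.Policy === 'string' ? JSON.parse(policyDoc.Policy) : policyDoc;
  const findings = [];
  asList(policy.Statement).forEach((stmt, index) => {
    if (stmt.Effect !== 'Allow') return;
    const actions = asList(stmt.Action);
    const reasons = [];
    if (actions.some((a) => a === '*' || a === 's3:*')) reasons.push('wildcard Action');
    if (principalIsOpen(stmt.Principal)) {
      const writes = actions.filter((a) => !/^s3:Get|^s3:List/i.test(a));
      if (writes.length > 0) reasons.push(`open Principal with ${writes.join(', ')}`);
      else if (!stmt.Condition) reasons.push('open Principal with unconditional read');
    }
    if (reasons.length > 0) findings.push({ statement: stmt.Sid || `#${index}`, reasons });
  });
  return findings;
}

// Constructed sample ACL: owner has FULL_CONTROL (fine), but the bucket also
// grants READ to everyone and WRITE_ACP to any authenticated AWS account.
const SAMPLE_ACL = {
  Owner: { ID: 'constructed-owner-id' },
  Grants: [
    { Grantee: { Type: 'CanonicalUser', ID: 'constructed-owner-id' }, Permission: 'FULL_CONTROL' },
    { Grantee: { Type: 'Group', URI: 'http://acs.amazonaws.com/groups/global/AllUsers' }, Permission: 'READ' },
    { Grantee: { Type: 'Group', URI: 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers' }, Permission: 'WRITE_ACP' },
  ],
};

// Constructed sample policy, in the wrapped form the CLI returns.
const SAMPLE_POLICY = {
  Policy: JSON.stringify({
    Version: '2012-10-17',
    Statement: [
      { Sid: 'PublicRead', Effect: 'Allow', Principal: '*', Action: 's3:GetObject', Resource: 'arn:aws:s3:::example-bucket/*' },
      { Sid: 'Everything', Effect: 'Allow', Principal: { AWS: '*' }, Action: '*', Resource: 'arn:aws:s3:::example-bucket' },
      { Sid: 'Deploy', Effect: 'Allow', Principal: { AWS: 'arn:aws:iam::123456789012:role/deploy' }, Action: ['s3:PutObject'], Resource: 'arn:aws:s3:::example-bucket/*' },
    ],
  }),
};

console.log(JSON.stringify({
  acl: findRiskyAclGrants(SAMPLE_ACL),
  policy: findRiskyPolicyStatements(SAMPLE_POLICY),
}, null, 2));
```

On the sample data the ACL check reports the WRITE_ACP grant to AuthenticatedUsers ahead of the public READ grant, and the policy check flags `PublicRead` (unconditional public read) and `Everything` (wildcard Action plus open Principal) while leaving the scoped `Deploy` statement alone. Feeding it real CLI output is a matter of parsing the JSON the commands in steps 2 and 3 print.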
Today, a public bug bounty launched for @SequoiaPGP , supported by the #BugResilienceProgram on the @yeswehack platform: https://t.co/NPZPAMjVzO
We're funding the discovery of vulnerabilities by researchers, as well as the fixes by FOSS projects. 1/2
3 down, 6 to go on our hunter's bucket list! ✅
The latest win? Getting an OS command injection report accepted on a public #BugBounty program. Big congrats - this was no small feat 👏
Hunters: keep it up and win exclusive swag packs!
#YesWeRHackers
The Dojo challenge "Terminal isolation" is still alive and ready to be pwned by you! 🫵
Solving the challenge is a great start for new hackers to increase their chances of getting more private invitations.
➡️ https://t.co/KK3IEi69nb
#YesWeRHackers #bugbounty #CTF
To all our bug bounty hunters: this is a way to improve your daily automation with @Burp_Suite by combining passive and active scanning to detect potential vulnerabilities in your target 🕵️💻
Find out more here: https://t.co/Y9UnySyyCL
#YesWeRHackers #bugbounty #bugbountytips
🚨🔐 Hacking FranceConnect to strengthen its security: that is the whole aim of DINUM's Bug Bounty programme, run with @yeswehack for FranceConnect, FC+, AgentConnect & Tchap.
📢 IT security experts, contribute and join us: https://t.co/g1RFWE4sdU
🎵🎄 All I want for Christmas is… swag! For the holiday season, we've put together a #YWHAdventCalendar. Get ready for exciting surprises, insightful info, thrilling challenges & the chance to win great prizes!
Rules: https://t.co/Xq2gOVuseR
Let's have fun before XSSmas!
Game time, hunters 🌟
Somewhere on our platform hides a soon-to-be-unveiled feature that tells YOUR story! Before the big reveal… can you spot it first? 👀
Use some tricks & share your findings here! We’ll randomly select a winner to receive exclusive swag 🎁
#YesWeRHackers
🤩 Hey hunters! We're currently testing a new custom chatbot!
It's still in early stages, but we'd love your initial thoughts.
➡ ChatGPT Plus users can try it here: https://t.co/V4fvpG2cHQ
Your feedback can shape its future! #YesWeRHackers
🔥 It seems that @Brumens2 is having quite a bit of success in Argentina!
If you're at @ekoparty and want to discuss hacking and #BugBounty with him, head over to booth 29 until Friday!
Exploiting DOM clobbering for #XSS?
By injecting HTML elements whose id or name attributes match global variable names, you can overwrite JavaScript globals and manipulate the code that relies on them. This is difficult to protect against and can sometimes lead to a successful exploit! 💸
The image below shows an example of a simple DOM clobbering scenario.
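As an added example that is not part of the original tweet, here is the same scenario in miniature, written to run under Node rather than in a browser: since Node has no DOM, a constructed object stands in for an injected `<a id="defaultScript" href="...">` element, which in a real page would automatically become `window.defaultScript`. The vulnerable pattern falls back to that global without checking its type; the hardened pattern accepts only a string and treats anything node-shaped as a clobbering attempt. The element name, the fallback path and the URL are all made up for the example.

```javascript
// Added example (not from the original tweet): DOM clobbering in miniature.
// Node has no DOM, so the object below stands in for the browser's window.
// In a browser, an element with id="defaultScript" becomes window.defaultScript
// automatically; that named-property access is what DOM clobbering abuses.

// Constructed stand-in for an injected <a id="defaultScript" href="..."> element.
// Like a real HTMLAnchorElement, String() on it yields its href.
function makeClobberedWindow() {
  const anchor = {
    nodeType: 1,
    tagName: 'A',
    href: 'https://clobbered.example/evil.js',
    toString() { return this.href; },
  };
  return { defaultScript: anchor };
}

// Vulnerable pattern: fall back to a global "setting" without checking its type.
// With the clobbered window, the anchor is truthy and its href wins.
function vulnerableScriptUrl(win) {
  const url = win.defaultScript || '/static/app.js';
  return String(url);
}

// Detection helper: a configuration value that turns out to be a DOM node is a
// strong sign that the global has been clobbered.
function isClobbered(value) {
  return value !== null && typeof value === 'object' && typeof value.nodeType === 'number';
}

// Hardened pattern: accept only a primitive string and fall back otherwise,
// logging when the value looks like a DOM node. Better still, keep configuration
// in a scoped object so that no element id can shadow it.
function hardenedScriptUrl(win) {
  const value = win.defaultScript;
  if (typeof value === 'string') return value;
  if (isClobbered(value)) console.warn('possible DOM clobbering of window.defaultScript');
  return '/static/app.js';
}

const clobbered = makeClobberedWindow();
console.log('vulnerable:', vulnerableScriptUrl(clobbered)); // attacker-controlled href
console.log('hardened:  ', hardenedScriptUrl(clobbered));   // safe fallback
```

The type check is the whole defence here: a clobbered global is always an element object, never a string, so code that insists on the primitive it expects cannot be steered by an injected id or name attribute.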