Olivia
Online
Jordi Alba
@root_expert
Bug Bounty Hunter | Penetration tester ☢
Azerbaijan 🇦🇿
Joined October 2017
389 Following
66 Followers
409 Posts
@d4rk_intel @osintnewsletter And another info from me about Protonmail:
https://t.co/dAcCMAZaGq (proton mail) (change 1 to i)
Give like this: info:1:1 pub:cc0322777176da3a4a4d9916e4f32c96c55663a4:1:2048:1527584191::
Go -> https://t.co/u5PpwzntHc give 1527584191
Result: 29.05.2018 8:56:31
@d4rk_intel @osintnewsletter thanks fine article. But I think now problems
in osint around Tiktok account
This video contains the main methodologies attackers use to hack Wordpress websites
RDP Stealer with Windows Defender Bypass
Who to follow
Manan Sapariya
@maxx_191
Ethical Hacker | Bug Hunter | Security Researcher🧑🏻💻 Acknowledged - Microsoft, Google, Gitlab, Zoho, HP #NeverGiveUp
Abdalla Abdelrhman
@0x2nac0nda
Security Engineer | Binary Exploitation | Code review (PHP, Java,Python) | Code | Web & Mobile PT | Digital Forensics | #HTB | #CTF Player
Trilok Dhaked
@Tr1l0kDh4k3d
Radhe Radhe ❤️ ��� Jai shri krisna ❤️🙏
Farmer🚜🇮🇳 ⛳🚩#05 #bharatpur
Product Security Engineer @nanoheal
Founder & CEO: Building @InfoSec_Securit
How To Investigate A Telegram Channel, User, or Bot In 2026
Educational OSINT techniques for cybersecurity professionals and threat researchers.
Focus > Public channels, metadata extraction, and ethical investigation frameworks.
#OSINT #CyberSecurity #ThreatIntelligence
Every 3rd website you visit runs Nginx.
18,959,833 of them can be hijacked right now.
A bug from 2008 just got a working exploit.
CVE-2026-42945 (CVSS 9.2)
No login. No access. Just one HTTP request.
→ Heap overflow → Worker process → RCE
Patch ASAP to Nginx 1.31.0 or 1.30.1
PoC is already out:
https://t.co/O4556KGjqD
"Copas, como você faz pra enviar o tráfego de uma aplicação desktop pro burp?"
Se você fica me fazendo essa pergunta todo dia, aqui tá sua resposta meu querido, um tutorial completo sobre como utilizar o Proxifier que é a ferramenta que eu uso para enviar o tráfego de uma aplicação desktop pro meu burp!
O processo é bem simples:
➞ Baixa o proxifier
➞ Configura o proxy server com os valores do vídeo
➞ Configura as regras e coloca o .exe da aplicação
➞ Abre o Burp e seja feliz
RT + Like pra me incentivar a continuar trazendo conteúdo bom pra vocês
🔥api restriction bypass using fake parameter☠️
/api/public => unauthorized
/api/public/latest?anything=/api/public => 200ok
you can FUZZ like:
?admin=true,
?bypass=1,
debug=true,
OR add header “X-Custom-IP-Authorization: 127.0.0.1”
Join my telegram https://t.co/J6uPf8H57o
😂
Yay, I was awarded a $7,500 bounty on @intigriti
Here is a great resource made by @samwcyo :
https://t.co/4SNDz6aNBc
This has completely changed the way I approach a target since I read it !
#HackWithIntigriti
Tip:-
How to get from 10k subdomains -> 350K...
1-Subdomainer
2-chaos
3-assetfinder
4-frogy
Explanation in comments ↓
#bugbountytips #bugbountytip #bugbounty #hackerone #bugcrowd #h1
A payload without '>', html tag and limited to 35 chars to bypass filter by @avanish46
<svg onload="alert(1)" <="" svg=""
see thread for details: https://t.co/OV9FZNiG2N
Dün Telegram üzerinden bana @Trendyol üzerinden işe alım yaptığını söyleyen klasik bir dolandırıcı yazdı.
Mesajıma resim etiketi ekleyerek mesaj gönderdim ve resmin yüklendiğini belirten bir ping aldım. Daha sonra mesajıma Blind XSS yükümü ekleyerek dolandırıcıların paneline erişim sağladım.
..🧵
XSSGen is a Python tool designed to generate random XSS (Cross-Site Scripting) payloads. The tool can create a variety of payloads with random HTML tags, JavaScript events, and JavaScript code snippets to help security testers identify vulnerabilities in web applications
Harden Windows Security v0.5.1 release
🦄Intune Admins, verify the effective Status of your policies and Perform Compliance Checks
🧩Premade Secure Categorized Intune Policies Available - Graph API
♾️Hybrid mode
#CyberSecurity #Windows #Cyber #Intune
https://t.co/lfd3SaE3lk
i just wrote an keylogger using GetRawInputData().
code: https://t.co/dxugnLn3us
#keylogger #rust #maldev #redteam
Advanced SQL Injection Techniques now available in GitBook. Make a copy/ Archive / Convert to PDF before they report this too :).
#bugbountytip #BugBounty #SQLInjection #SQLi
https://t.co/APxU4CULCt
When researching request smuggling, I decided that TE.0 would never be exploitable because it requires the back-end server to accept a HTTP request starting with a number + newline.... and no server would be that crazy 🤦♂️
Awesome work! Never under-estimate the crazy.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.6M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
81M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.7M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers