Since day one, our goal has been to make cybersecurity accessible for everyone. While coding is great, it introduces tons of security issues. Start securing your dream for less than $100. We are giving away 10 starter plans. Let me know if you want to try.
#startup #cybersecurity
We successfully identified security vulnerabilities across major platforms including Google, as well as multiple private and public bug bounty programs on YesWeHack and other platforms.
#bugbounty #hackerone #startup #cybersecurity
We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an RCE there too.
Full story: https://t.co/7UL9suKs8r
if you think I'm just some dumb dumb thinking claude can find bugs and all my examples are wrong, just watch 15 min of this talk 😝 https://t.co/3UP7ierZyB
I have been doing bug bounty since 2011 and ran a program for a multinational bank. Put everything I've learned into https://t.co/78z1JfSzmr. Target selection, recon pipelines, chain patterns, report templates, the business side. Free, no paywall, no course upsell.
Penetration Tester Agent - https://t.co/088JVXhCFu
You are a senior penetration tester with expertise in ethical hacking, vulnerability discovery, and security assessment. Your focus spans web applications, networks, infrastructure, and APIs with emphasis on comprehensive security testing, risk validation, and providing actionable remediation guidance.
#PenetrationTesting #EthicalHacking #VulnerabilityAssessment #AppSec #CyberSecurity #PentestAgent
Meet BugSkills.
I built a tool to convert the knowledge and methodology used in your HackerOne reports into AI skills you can use to automate vulnerability discovery.
Thank you @rez0__ for the idea.
https://t.co/Ywb3SXQ2QJ
A friend quit his quant fund job and sent me 2 pages.
“These are the key formulas I used to make money on Polymarket. $400K a year. If you can apply them, you’ll get rich.”
I didn’t believe him.
I dropped both pages into OpenClaw and sent one prompt: “build a bot for Polymarket.”
Then I left for the gym. When I came back, there was a Telegram message from the agent: “MVP is ready.”
Now it’s been making me $150 a day for 4 days straight.
I attached both documents. Drop them into your AI agent and tell me what it builds.
I DON'T UNDERSTAND WHY PEOPLE DON'T USE GROK FOR STOCKS.
Most traders are looking at charts from 3 months ago.
Grok analyzes real-time sentiment on X to predict tomorrow.
Here are 8 prompts to find the next 10x stock:
Use NextJS? Recon ✨
A quick way to find "all" paths for Next.js websites:
DevTools->Console
console.log(__BUILD_MANIFEST.sortedPages)
javascript:console.log(__BUILD_MANIFEST.sortedPages.join('\n'));
Cred = https://t.co/4hiJXDNlmU
#infosec #cybersec #bugbountytips
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: https://t.co/jD6EaGtsn3
R.I.P McKinsey.
You don’t need a $300k consultant anymore.
You can now run full competitive market analysis using Grok 4.
Here are the exact 3 mega-prompts I use to replicate McKinsey-style insights for free:
#Bugbountytip #bugbountytips
Install JS Miner extension over Burp
After crawling all endpoints
Click on the target ==> Extensions > Js Miner > Run All Passive scans
I got a result [Js Miner] Dependency Confusion
The package is unclaimed over NPM
Next step
Create an account on NPM
Then install npm on Linux
~ npm login
~ mkdir (Package Name)
~ cd package name
~ npm init -y
~ npm publish --access public
And I claimed the package
Next Step: I edit the package.json file to the RCE
POC https://t.co/vfFinyoUaM
And in the end, I got a nice P1 😍
This amazing man @m359ah , taught me 6 months ago about understanding and exploiting the Dependency Confusion, so big thanks to him ♥
#bugbounty
Happy Hunting ♥
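
A defender-side check for the dependency confusion exposure described in the post above, as an added example that is not part of the original post: it reads a project's package.json, .npmrc and package-lock.json (v2/v3 `packages` layout) and flags direct dependencies that come from a private registry under a name not tied to that registry. All package names, the host npm.acme.example and the file contents are constructed, and the three issue labels are this example's own.

```javascript
// Added example; every package name, host and file content below is constructed.
const PUBLIC_HOST = "registry.npmjs.org";

// Scopes that .npmrc pins to one registry via "@scope:registry=URL".
function mappedScopes(npmrcText) {
  const scopes = new Set();
  for (const line of npmrcText.split(/\r?\n/)) {
    const m = line.trim().match(/^(@[^:\s]+):registry\s*=\s*\S+/);
    if (m) scopes.add(m[1]);
  }
  return scopes;
}

// Flag direct dependencies whose internal name is not bound to the private registry.
function auditDependencyConfusion(pkg, npmrcText, lock) {
  const scopes = mappedScopes(npmrcText);
  const deps = { ...pkg.dependencies, ...pkg.devDependencies, ...pkg.optionalDependencies };
  const findings = [];
  for (const name of Object.keys(deps).sort()) {
    const entry = (lock.packages || {})["node_modules/" + name];
    if (!entry || !entry.resolved) {
      findings.push({ name, issue: "not-locked" }); // source registry unknown
      continue;
    }
    if (new URL(entry.resolved).hostname === PUBLIC_HOST) continue; // public package
    if (!name.startsWith("@")) {
      findings.push({ name, issue: "unscoped-internal" }); // same name may be free publicly
    } else if (!scopes.has(name.split("/")[0])) {
      findings.push({ name, issue: "scope-not-pinned" }); // scope not tied to a registry
    }
  }
  return findings;
}

// Constructed sample project: one public package, three internal ones, one unlocked.
const samplePkg = {
  dependencies: { express: "^4.18.2", "acme-billing-utils": "^1.0.0", "@acme/auth": "^1.0.0" },
  devDependencies: { "@acme-internal/logger": "^1.0.0", "left-pad": "1.3.0" },
};
const sampleNpmrc = "registry=https://npm.acme.example/\n@acme:registry=https://npm.acme.example/\n";
const tgz = (host, name) => ({ resolved: `https://${host}/${name}/-/pkg-1.0.0.tgz` });
const sampleLock = { lockfileVersion: 3, packages: {
  "node_modules/express": tgz(PUBLIC_HOST, "express"),
  "node_modules/acme-billing-utils": tgz("npm.acme.example", "acme-billing-utils"),
  "node_modules/@acme/auth": tgz("npm.acme.example", "@acme/auth"),
  "node_modules/@acme-internal/logger": tgz("npm.acme.example", "@acme-internal/logger"),
} };
console.log(auditDependencyConfusion(samplePkg, sampleNpmrc, sampleLock));
```

A finding is a prompt to move the package under a scope the organization owns on the public registry and to pin that scope in .npmrc, so the name cannot be resolved from anywhere else.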