🕵️ MLT 🧙♂️ @0dayWizard
Cybersec researcher & exploit developer w/ emphasis on webapp security. Former #TeaMp0isoN + former Founder of Project Insecurity LTD + founder of Bug0xF4. github.com/MLT-0x539 keybase.io/0dayWizard Joined July 2021-
Tweets1K
-
Followers5K
-
Following185
-
Likes2K
Been writing a script to make post-exploitation on *nix easier for beginners, here's what I've added so far. If anyone can think of more functionality to add then please let me know. I've made a primitive UI to make it easier for beginners to use (rather than cmdline args)
Does anyone know how I contact @ChainLands ? The Project Insecurity LTD member who was from NL? Need to contact him ASAP.
@_godiego__ @serverinspector Open redirect alone won't work, but a redirect in conjunction with something else I've got will work (an XSS isn't the only thing I've found)
I asked this like a year ago but didn't get a response.. everything else for my chain is still working so I'll ask again.. Does anyone currently have JSNOP callback or open redirection in *.paypalobjects.net? I'll split the bounty with you if you've got one.
@coffinxp7 Yeah I did see that the payload list covered some different contexts, but it would be cool to see a post breaking down each of those contexts and explaining the situations in which different context-specific payloads should be used. Either way, nice post.
Is there anything specific about this vuln that makes it more noteworthy than the thousands of other vulns that get reported to NASA?
Why is this even news? Someone reported a vuln to the VDP of probably the least secure .gov site in existence and somehow this is newsworthy? Does anyone even know what type of attack vector it was? Is there a writeup? I fail to see what makes this "breaking news"
BREAKING NEWS 🚨 📢 14 year old Yuvraj Gupta, who lives in Kanpur, Uttar Pradesh, has done a great feat. Hesaved the website of American space agency NASA from hackers. NASA has included him in the 'Hall of Fame' and also given him a letter of recognition.
@Earinenes @danielmakelley The closest thing to "social media" that many of them use is IRC
@Earinenes @danielmakelley Definitely not true. I know hundreds of skilled hackers who avoid all forms of social media like the plague.
@vxdb I get that this is the results of an investigation from 2023, but by now it's pretty much old news given that all of these markets are dead and the customers getting arrested are most likely dealers themselves. I can't see how this would disrupt any currently existing DNM's.
@vxdb I'm assuming the buyers who got caught weren't just your typical buyers, but rather dealers themselves
@coffinxp7 I see tons of people starting their payload with ' or %27 and just assuming it isn't vuln when that doesn't work, but I never see articles covering how payloads need to be tweaked for different context and in situations where starting with ' doesn't work, something like ") might
@coffinxp7 Nice article, however one thing I NEVER see in articles regarding SQLi is context-specific payloads, i.e. how you need to change the start of your payload based upon where in the SQL statement your inputs are being reflected into.
@serverinspector I've got an XSS in PayPal but their CSP is preventing me from triggering it, however if I can find JSONP callback or open redirection in paypalobjects.com then I'll be able to bypass the CSP and get my JS to trigger.
@serverinspector Yeah I meant .com sorry
@xitsec So it was literally just a case of reading that file from the extracted tarball and then connecting to their MySQLd using those creds. Second time I hacked them was using a CVE that had been public for several years. Even to this date they're vuln to tons of dumb BS like that..
@xitsec The first time I hacked NASA I found a wordpress installation there with open directory listings and a "backup.tar.gz" file -- the tarball was a backup of their WP site with wp-config.php included in there. Working plaintext MySQL creds in that file + open port 3306
Jack Rhysider 🏴... @JackRhysider
171K Followers 4K Following Creator of @DarknetDiaries. Tell me a good hacker story. 💻🔦⤵️🐰🕳️ Discord: https://t.co/qxanMuJ5X2
The XSS Rat - Proud X... @theXSSrat
166K Followers 1K Following Bug bounty profiles: https://t.co/3Uz5K130ah https://t.co/rzbqV5AmZ2 https://t.co/CDlzXdNvPB
zseano @zseano
81K Followers 714 Following #1 Amazon Hacker. rebuilding bugbountyhunter and making bug bounties a better place for hackers. lover of hackbots
Katie Paxton-Fear @InsiderPhD
97K Followers 2K Following Dr, apparently. Security Adovcate @semgrep & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
Luke Stephens (hakluk... @hakluke
100K Followers 2K Following Hacker, marketer. I manage socials and marketing for cybersecurity orgs. Founder of @hacker_content and @haksecio
Julien | MrTuxracer �... @MrTuxracer
39K Followers 441 Following Founder of @rcesecurity | #BugBounty | @Hacker0x01 MVH && H1-Elite | $1,5+ Mio in Bounties | Mobile Hacker | @[email protected]
Justin Elze @HackingLZ
71K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
uɐpʇou@ ✸ @notdan
22K Followers 3K Following genuinely flawed satire ه҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿ im U17r4H4rd(0r3 d00d
Md Ismail Šojal �... @0x0SojalSec
47K Followers 5K Following Cyber_Security_Re-searcher || Ai Re-searcher || AI-Sec|| Malware Analysis II iOS || Pwn || 0SINT || Project AI-StrikeSec || 0ldAccounts Suspended @0xSojalSec ||
Nikhil @Ox4d5a
18K Followers 2K Following Penetration Tester | i XCHG 0's 1's and do hacks | Red Team Sorcery https://t.co/6LUhkvN2hz | #eJPT | #OSCP | #CRTP | #CRTA | #CESP | #CRTE
уυηg ՏΝАΤ @yunginnanet
3K Followers 515 Following smokin dead opps out da ashtray; https://t.co/pXe1D5KmYd
cje @caseyjohnellis
29K Followers 5K Following human | troublemaker & troubleshooter | founder @bugcrowd @disclose_io, advisor | pioneer of #bugbounty as-a-service | opinions CC0 1.0 | #hacktheplanet
TheKevinHQ @kevinmeisterko1
844 Followers 4K Following #freeleafy #freeleafyishere #w213 #w212 #w211 #w202 that is all my dads mercedes benz cars but some of them are gone
Fugu @heihousha
0 Followers 12 Following
anln @CyxSasha45843
1 Followers 155 Following
Michael Swan @BlackSwanAPT
1 Followers 98 Following
Malware Web @MalwareWB
11 Followers 185 Following
Ivan @Ivanklydz
686 Followers 105 Following Security researcher with deep focus on vulnerability detection. Former blackhat, Former hellcat.
ABACUS 2007-AC1 @ABACUS_2007_AC1
5 Followers 224 Following
👽😈 @tommyGlobe_22
71 Followers 1K Following
___4:44_____ @fquimo696
21 Followers 103 Following
Light_Yagami @darkprince_0695
19 Followers 111 Following
bugsploiterr @systempwn3d
28 Followers 2K Following
ه҈̿҈̿҈̿҈̿҈�... @xk4tz
0 Followers 327 Following no-one should be following me... Please stop trying to follow this account, its a sock.
Tomas Azevedo @TomasAzevedo250
0 Followers 35 Following
Peligr0 @Peligr0299287
4 Followers 261 Following
A56 @A561059522
0 Followers 8 Following
Tracebit @tracebit_com
333 Followers 5K Following The Assume Breach platform that detects intrusions in seconds. Also on https://t.co/T4VNPGjS2O
Kippa@ɹnɐsɐddᴉʞ... @Kippasaurr
108 Followers 85 Following Chairman of Anonymous Bureau Of Investigative | Buy $ANON on CA: FhvBDEr46meW6NHWHNeShDzvbXWabNzyT6uGinEgBAGS | Hacktivist | Expect us
Dice312 @Dice3121355561
2 Followers 567 Following
MiLaNo @0xmilano
203 Followers 328 Following 07-08 Good Times For those about to hack (ethically) We salute you!
Mohamed elkaoui @mhmdel05
0 Followers 82 Following
Autist @hellohhhahahah
2 Followers 107 Following
jigga @scaredthc
673 Followers 20 Following
ForsakenBorg @ForsakenBorg
135 Followers 747 Following
djc @djc82253747
0 Followers 9 Following
nad @Nadsec11
484 Followers 1K Following Systems Administrator | Cybersecurity Nerd | Weird Robot Enthusiast https://t.co/bjecckpTqC https://t.co/AJrYkXmZRx https://t.co/7rxfMeri1U https://t.co/x33pgl5XzG
lawest08 @lawwest00
45 Followers 592 Following
𝙞𝙣𝙩𝙚𝙡�... @intelrat
739 Followers 294 Following Independent OSINT/threat intel research. Content is for informational purposes only and does not endorse or promote any referenced services or activity.
Dede @ShowoutDede
19 Followers 175 Following
pita90 @pita90375397
0 Followers 77 Following
Kactus @Kactus0005
1 Followers 74 Following
LogicSec @lazylnl
5 Followers 729 Following
smilez @celestech0
20 Followers 273 Following The sun rises for everyone, but the shadow is yours alone.
Gregory @magnate_rex
294 Followers 332 Following
Jeramy Canals @JeramyCanals
0 Followers 214 Following
Agent K @CombatBeat
679 Followers 780 Following Living Comfort Eagle in Dystopia. Now today is tomorrow, and tomorrow today And yesterday is weaving in and out Round and Round Up and Down
Meliodas 🏴☠�... @meliothecrack
90 Followers 743 Following aka le Soldat de l’Hiver 🏴☠️tiktok : meliothecrack // insta : mohaameliodas
MALWIZARD @MALWIZARD369
3 Followers 213 Following
mike manzi @my_on17005
0 Followers 4 Following
th0rs @th0rs289472
4 Followers 16 Following
office @r15halfatooth
7 Followers 63 Following
ً @pix1238659
1 Followers 84 Following
Mira Rankovic @MiraRankov67465
0 Followers 2 Following
Jack Rhysider 🏴... @JackRhysider
171K Followers 4K Following Creator of @DarknetDiaries. Tell me a good hacker story. 💻🔦⤵️🐰🕳️ Discord: https://t.co/qxanMuJ5X2
The XSS Rat - Proud X... @theXSSrat
166K Followers 1K Following Bug bounty profiles: https://t.co/3Uz5K130ah https://t.co/rzbqV5AmZ2 https://t.co/CDlzXdNvPB
zseano @zseano
81K Followers 714 Following #1 Amazon Hacker. rebuilding bugbountyhunter and making bug bounties a better place for hackers. lover of hackbots
Katie Paxton-Fear @InsiderPhD
97K Followers 2K Following Dr, apparently. Security Adovcate @semgrep & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
Luke Stephens (hakluk... @hakluke
100K Followers 2K Following Hacker, marketer. I manage socials and marketing for cybersecurity orgs. Founder of @hacker_content and @haksecio
Julien | MrTuxracer �... @MrTuxracer
39K Followers 441 Following Founder of @rcesecurity | #BugBounty | @Hacker0x01 MVH && H1-Elite | $1,5+ Mio in Bounties | Mobile Hacker | @[email protected]
uɐpʇou@ ✸ @notdan
22K Followers 3K Following genuinely flawed satire ه҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿҈̿ im U17r4H4rd(0r3 d00d
Nikhil @Ox4d5a
18K Followers 2K Following Penetration Tester | i XCHG 0's 1's and do hacks | Red Team Sorcery https://t.co/6LUhkvN2hz | #eJPT | #OSCP | #CRTP | #CRTA | #CESP | #CRTE
уυηg ՏΝАΤ @yunginnanet
3K Followers 515 Following smokin dead opps out da ashtray; https://t.co/pXe1D5KmYd
cje @caseyjohnellis
29K Followers 5K Following human | troublemaker & troubleshooter | founder @bugcrowd @disclose_io, advisor | pioneer of #bugbounty as-a-service | opinions CC0 1.0 | #hacktheplanet
SPYDIR @SPYDIRBYTE
2K Followers 134 Following Hacktivist - Anonymous Operations, fighting for free expression, and standing against injustice and inequality. Freedom begins with your actions.
Evil Rabbit Security ... @EvilRabbitSec
5K Followers 798 Following here, queer I don't like beer, I'm hunting pedos so come join me we're all inclusive here. I hate corporate greed but it's pride month so imma join in.
Francisco Ribeiro @blackthorne
2K Followers 2K Following Hacker, Researcher, Engineer. Previously: XTX Markets, Google, DeepMind, Mimecast, Cisco et al.
serverinspector @serverinspector
285 Followers 746 Following Security Researcher Shoot me a DM if you've come across something related to me and got questions.
zer0pwn @zer0pwn
6K Followers 2K Following
ha3ks @ha3ks
1K Followers 2K Following Cyber Security Engineer | SOC Goon | Half a dozen Certifications in a Trench Coat
The Wiggler @The__Wiggler
84 Followers 279 Following Embedded cyber-security goblin They/He 🚲🏞🏕💻 Opinions found in the bins round the back of Tesco.
Sean Powers @SeanCPow
2K Followers 5K Following ▶︎ •၊၊||၊|။||||ııı။၊|။|||။||ı။၊| 10:16 x Senior Supervising Producer, @ClickHereShow at @TheRecord_Media / Email: [email protected] / DM for Signal
Random Robbie @Random_Robbie
16K Followers 6K Following Hunting vulns. Exploits are real. Opinions are yours. Blame yourself, not me. Anything posted here is on you not me. #LFC
godiego @_godiego__
7K Followers 1K Following Security researcher and bug bounty hunter. https://t.co/ybndhjqZ5z | https://t.co/b1SmtBMqCw | https://t.co/Vv5K0oN4bQ | 🇪🇸
William Turton @WilliamTurton
32K Followers 6K Following Reporter @ProPublica Contact me on Signal: 804-295-7201 [email protected]
Timothy French @leet_sauce
812 Followers 107 Following One-time pain in every government's rear, now reformed cyber-security researcher on the quest for 0day w/ @mandconsulting_
debug @0xdebug
168 Followers 209 Following
mikrl 🦾 @mikrl_dev
10 Followers 52 Following Vibe coding a crypto hedge fund with $0.20 worth of 2013 BTC.
pirate.moo @apiratemoo
7K Followers 4K Following \x6d\x6f\x6f\x62\x69\x74\x63\x68 I break things for a living. Opinions are my own.
Martian Defense @Martian1337
65 Followers 75 Following Product Security Engineer but I may do some hacking, CTI and other stuffs :) Please allow some time for a DM response as I am not engaged on social media often.
marin @eingengraou
239 Followers 1K Following Full Stack Web dev | Python | Bug bounty hunter | Cyber Security Analyst @igbigi_official | Acknowledged by @nokia, @apple | Open for collabs
Nisa Nihilist @NisaNihilist
103 Followers 436 Following Hi, I'm Nisa. I'm a metal head, twitch affiliated streamer, gamer, car enthusiast, vaper, animal lover, adventurer, writer, and photographer.
Xenosine @xenosine
11 Followers 92 Following Binary Exploitation ● Reverse Engineering ● Founder of @Node0CTF ● Mixed Martial Artist
Daniel Kelley @danielmakelley
48K Followers 296 Following I'm a reformed black hat hacker who has contributed to 100+ bug bounty programs, and I ghostwrite for cybersecurity teams.
HackenProof @HackenProof
39K Followers 2K Following Expert bug bounty and crowdsourced security marketplace · 400+ programs · $ 26M + paid in bounties · 85k+ ethical hackers
Freddie @freddie0x1
342 Followers 466 Following
freddy @falsneg
931 Followers 1K Following i like butter croissants and security controls, uncontrollably eating both. threat research @ https://t.co/NEo2w5Ulp1
666KAIZEN666🇧🇧�... @1Kaizen1
606 Followers 717 Following An old wise guy. Enjoying his new found, quiet life, admiring the scenery. Problem is, the scene/ry has a way to drag you back to the views. 2011. 🎭
Alp @alp0x01
5K Followers 474 Following security researcher | https://t.co/t48NOEjxSK | embrace the stress, it's the only path to success.
Angel Montes @_N0xi0us_
2K Followers 669 Following Bug Bounty Hunter | Find me as n0xi0us in all platforms
Mike Tiso (vi/vim) @MichaelHacks0n
2K Followers 1K Following Mike Tiso | AI Engineer | Business owner | Software Engineer | Maker of apps | Solver of Problems
Paulos Yibelo @PaulosYibelo
5K Followers 397 Following security researcher , prev @octagonnetworks , haxor 🗺🦉/, I haxor everything I touch.. Disclaimer: I speak for my self
lilith kills :) @0xlilith666
154 Followers 602 Following 18 | system engineer | red team | student | 🇷🇺 🇨🇦 🧁🍩 🦀
cyber_patriot517 @CyberPatriot517
10 Followers 100 Following Husband | InfoSec Professional | Amateur Hacker | Wanna Be Researcher
Dr. Evil Engineer - S... @DrEvilEngineer
2K Followers 3K Following Software and Electrical Engineer. #CyberSec + #OSINT Mental health advocate. #Trans #ProjectMoonlightChaser #Autism #Anonymous
Friendly @Skeletorkeys
1K Followers 107 Following Something along lines of SRT Member. Time-to-time, I do bug hunting and pentesting.






















