Hammad Ul Hassan @Syntax3r
Trader 📈📊 | Security Enthusiast | AppSec Engineer | Nature Lover sectechsolution.com Karachi, Pakistan Joined August 2016-
Tweets592
-
Followers89
-
Following398
-
Likes1K
💡 Bug Bounty Tip #9 One command. Thousands of endpoints. echo target.com | katana -silent | gau | uro | grep "=" | sort -u What it does: - "katana" → Crawls the target. - "gau" → Pulls historical URLs. - "uro" → Removes duplicate/noisy URLs. - "grep "="" → Keeps only parameterized URLs (great for XSS, SQLi, IDOR, SSRF, etc.). - "sort -u" → Deduplicates the final output. Simple commands like this often uncover attack surfaces that the UI never exposes. #BugBounty #Recon #AppSec #CyberSecurity
🔐 Automate BAC & IDOR Testing in Burp Suite with This Powerful Extension TokenTwin Checker is a Burp Suite extension that automates Broken Access Control (BAC), IDOR, and horizontal privilege escalation testing across multiple authenticated users. It supports cookie and custom-header authentication, all-vs-all testing, baseline comparison, smart response filtering, risk classification, CSV export, side-by-side request comparison, and a built-in PoC viewer—making authorization testing faster and more accurate for bug bounty hunters and security researchers. 🔗 github.com/rootdr-backup/… #BugBounty #BurpSuite #API #IDOR #CyberSecurity
Many beginners struggle with recon in bug bounty & pentesting 🔍 So I built a simple recon pipeline to make it easier for you to get started! Check it out 👇 github.com/kanishk-dadhic… #BugBounty #Recon #CyberSecurity #Infosec #EthicalHacking
We pulled in $117,000 in Chrome bug bounties with simple tricks; on Wednesday, Quang Luong will spill his secrets at the Stanford AI Security Conference: seclab.stanford.edu/RealWorldAIsec/ Fun fact: Quang is probably the only researcher in the known universe who still uses Gemini to find bugs. Before the end of the year, Calif researchers will be presenting at Blackhat USA, Defcon, and Hexacon. We're also hoping to make it to Unprompted AU, OffensiveCon, and Objective By The Sea. At Black Hat USA, Dionysus Blazakis and the team will walk through the bugs and exploit chain used in the Apple MIE bypass discovered a few months ago. blackhat.com/us-26/briefing… At DEF CON, we will tell the story of hacking software that helps run the Internet backbone. At Hexacon in Paris, @brucedang and I will give the keynote. Apple announced MIE there last year, so it'll be a fun one. I suspect they only wanted Bruce, but keynotes require a certain amount of professional nonsense, and Bruce is far too honest for that, so I got invited too. My job is marketing, which is to lie without getting caught. What's wild is that none of this existed at the beginning of the year. We started with a simple realization: very few people have both deep security expertise and access to the best AI models. So we went all in and never looked back. Back in March, we called a company-wide all-hands on a Saturday. The title of the invite was: "AI Tsunami and Our Actions." I don't want to romanticize overwork, but what we were seeing felt too urgent to wait until Monday. Then everyone started cooking. The results have been spectacular. Our research on defeating Apple MIE made it into The Wall Street Journal. We signed major contracts with Anthropic, OpenAI, Google DeepMind, and xAI. While others are celebrating access to the latest models, we've been using them to explore the frontiers of vulnerability research. In the first half of 2026, we're already surpassing our entire 2025 bookings. Most importantly, we've assembled a top-tier team in record time. I've read many strategy books, but this is the first time I've witnessed the power of the right strategy at the right time. Focus is the name of the game. Strategy is deciding what to ignore. For one month and a half, we stopped starting new projects. I've personally shelved a lifelong passion in Vietnam, because it isn't a priority for the company. You can only move fast when you're light. Several people were upset when we changed direction so abruptly. That's normal. If nobody complains, you probably didn't focus. Of course, strategy isn't magic. You can make a focused bet and still be wrong. We were fortunate that this one worked out. None of this would be possible without our partners and supporters across the frontier labs. Thank you.
Deleting a GitHub commit does NOT delete the secret. The SHA still resolves. The credential is still live. I built a tool to find exactly that and it earned me $$$$ github.com/smakarim/reven… #BugBounty #InfoSec
Why hasn’t anyone ever mentioned the @praetorianlabs GitHub organization? Their tools are like a goldmine for bug hunting.
Korea’s #1-ranked hacker on HackerOne is back with a follow-up post! 👀 Hyunseo Shin (KU, 4th year) previously shared how he uncovered open-source 0-days using LLM agents. Now, he breaks down the AI-based vulnerability detection workflow behind those findings. Full post below 🔥 🔗 blog.cykor.kr/2026/06/Buildi… #CyKor #AI #hackerone
Authorized testing on a production API endpoint. Opus 4.7 confirmed the SQL injection was real but couldn't pull any database names. sqlmap said false positive.
I switched to DeepSeek V4 Pro inside Claude Code and it figured out a trick: make the database answer yes/no questions by crashing on purpose.
The payload wraps CASE WHEN around two XML casts. If the condition is true, it parses broken XML like
Do you watch Netflix in your free time? Try hackflix for security conference talks h4ckfl1x.com #cybersecurity #bugbounty
Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent. So I asked Opus to implement the agent for me, it works via Claude SDK with a Pro or Max subscription, no API. Enjoy github.com/evilsocket/aud…
Someone built 35 AI pentesting agents for Claude Code... and it's honestly insane. AD attacks, web exploitation, cloud pentests, malware analysis, reverse engineering, C2 ops, even LLM red teaming — all inside one framework. This is one of the most advanced offensive security AI projects I’ve seen on GitHub lately. 🔗 github.com/0xSteph/pentes… #CyberSecurity #Pentesting #RedTeam #AI #OSINT
This is underated but goldmine.
Android Pentesting Skill github.com/DragonJAR/Andr…
This might be what's missing from your recon workflow. Uncover will search for hosts using Shodan, Censys, FOFA, Hunter, Quake, ZoomEye, Netlas, CriminalIP, PublicWWW, HunterHow, Google, Onyphe, Driftnet and NerdyData. Then it drops the results straight into your terminal, ready for chaining with other tools. github.com/projectdiscove…
Effective today, we are: 1) Doubling Claude Code’s 5-hour rate limits for Pro, Max, and Team plans; 2) Removing the peak hours limit reduction on Claude Code for Pro and Max plans; and 3) Substantially raising our API rate limits for Opus models.
while Anthropic quietly removed Claude Code from the $20 Pro plan (now $100+ Max only) we just released OpenClaude v0.6.0 completely free & open-source.
kimi-2.6 just works out of the box in OpenClaude. cc @Kimi_Moonshot currently at 22.9K stars!
🚨 Kimi 2.6 just dethroned @claudeai for coding — and we built 6 full projects in one morning to prove it. 3D worlds. Space shooters. Live data dashboards. All from single prompts. Claude who? @Kimi_Moonshot 👀 Watch the full breakdown 👇
The Local LLM cheat sheet for your 16GB RAM device I pulled together a lineup of small models that can run comfortably on a Mac Mini or personal laptop while still leaving room for context without melting your machine. Models for Daily Use Qwen3.5 9B / GGUF / Q4_K_M Daily driver. General chat, drafting, research, translation. If you're keeping only one, keep this. DeepSeek-R1 Distill Qwen 7B / GGUF / Q4_K_M Reasoning engine. Math, logic, step-by-step problems. Slower, but worth it when you need actual thinking. Models for Specialty Work Qwen2.5 Coder 7B / GGUF / Q4_K_M Code specialist. Completions, refactors, debugging, repo Q&A. Better than a generalist when the task is code. Llama 3.1 8B / GGUF / Q4_K_M Long context worker. RAG, doc chat, codebase Q and A. The output isn't top tier, but the context is strong for its size. Phi-4 Mini Reasoning / GGUF / Q4_K_M Compact thinker. Logic, structured answers, math, and short coding bursts. Smaller context is the catch. Models for Efficiency Gemma 4 E4B / GGUF / Q4_K_M Light all-rounder. Writing, chat, light agents, structured output. Phi-3.5 Mini / GGUF / Q5_K_M Pocket sidekick. Summaries, extraction, background doc chat. Easy to pair with a bigger model. Qwen3.5 2B / GGUF / Q4_K_M Useful for summaries, tagging, rewrites, and lightweight sidekick work. Micro Models Qwen3.5 0.8B / GGUF / Q5_K_M Classification, keyword routing, binary decisions, triage. Gemma 4 E2B-it / GGUF / Q4_K_M Lightweight chat, quick Q and A, summaries, tiny agents. My personal choice for a single model is Qwen3.5 9B For two models use Qwen3.5 9B + Qwen2.5 Coder 7B for code, or Qwen3.5 9B + Phi-3.5 Mini for support tasks. Let me know in the comments your experience with these models, or any I have left out.
𝗞𝗶𝗺𝗶 𝗞𝟮.𝟲 𝗶𝘀 𝗖𝗵𝗶𝗻𝗮'𝘀 𝗻𝗲𝘄 𝗼𝗽𝗲𝗻 𝘀𝗼𝘂𝗿𝗰𝗲 𝗮𝗻𝘀𝘄𝗲𝗿 𝘁𝗼 𝗖𝗹𝗮𝘂𝗱𝗲 𝗖𝗼𝗱𝗲. It has 1 trillion parameters but only uses 32 billion at a time. Context window holds 256,000 tokens. It scored 85% on Live Code Bench. Claude hit 64%. It plugs into OpenClaw, Cursor, and Cline with no restrictions. Kimi Claw deploys in the cloud in 2 minutes. It's way cheaper to run than Claude day to day. Save this. Your coding stack just got a real rival.
~$ 𝓦𝓱𝓸𝓪�... @0trusts
279 Followers 3K Following “Yesterday is history, tomorrow is a mystery, but today is a gift.
Nimrah Hussain @NimrahHussain_
27 Followers 36 Following Math grad 🎓 | Exploring Agentic AI 🤖 | Python & Web Dev | Future tech innovator in sha Allah🚀
سیدہ رابیل �... @Rabii_Rizvi
33 Followers 89 Following Graduated Hobbies👉🏻 _Books Reading🤓 _Painting & Sketching 😎 Coffeeholic☕ Choco_LoveR 🍫 Proud to Be Hussaini ♥️🙂
Ethelyn Baumbach @EthelynB61801
5 Followers 161 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/hw4UdCGDAC
✨_geeknik_//✨ @geeknik
20K Followers 7K Following Human Co-Founder & CTO⇢https://t.co/JDh2Hm96vA A mad scientist with a penchant for chaos. Fuzzing from kernelspace➠uncanny valley. Latest: CVE-2026-27477
VINGATE TECHNOLOGY SO... @vingate_tech
413 Followers 4K Following Web development, SEO, SM Marketing, Data Analysis, Social media management. For General Consultation send a DM 📩
Paws on a Dime @Crimeonadime
1K Followers 4K Following
きくはらあきは @kikuharaak81156
52 Followers 3K Following
bouderbala amira @Mira_bouderbala
11 Followers 106 Following
Mamadou Abdoulaye @bloman19
243 Followers 1K Following Google Student | Cybersecurity Enthusiast | Linux User 😄 | Baby H4ck3r
Jean-Yves Garcin @JeanYvesGarcin
837 Followers 4K Following 💻 Lead QA Software Tester | AI & Automation Enthusiast 🤖 🇫🇮 Heart in Finland #SoftwareTesting #AI #Automation
Lisi Hocke | Find me ... @lisihocke
6K Followers 2K Following holistic tester, quality enabler, agile experimenter, sociotechnical symmathecist, team glue. volleyball player, game lover, story enthusiast. she/her.
Ayaz Ahmed Khan @ayaz_khan
514 Followers 1K Following I used to play tennis and cycle! Now, it aches all the time. DevOps hacker! AI will replace me very soon, so I’m going to enjoy the ride till then.
MUßEEN ⚡ @reverse0x7
77 Followers 75 Following
Ali Yar Khan @Mr_Programmer14
2K Followers 2K Following Freelance Full stack web & mobile developer | MERN stack | React Native | Flutter | React | Nextjs | Nodejs | Appwrite | Firebase
sina @sina90798825
3 Followers 1K Following
Ghina Ahmad @ahmadghina4
387 Followers 156 Following
Ahsan Ahmed Siddiqui @AhsanAhmedSid12
32 Followers 48 Following Student of Computer science 🖥 & Islam 🕋.
Brenda Miller @BrendaM68649506
725 Followers 5K Following Achieve your certification dreams with us! 100% pass guarantee
Ahmed Abdel Rasoul�... @0xbartita
1K Followers 2K Following Penetration Tester & Bug Hunter | eWPTX | eCPPT | eMAPT | CVE-2026-23524
Zulfiqar Qadri @kakrjutt
77 Followers 395 Following خاتـم النبییـن محمــــدﷺصَلَّى اللّٰهُ عَلَيْهِ وَسَلَّم❤️
Nguyễn Hoàng Thố... @nhthongdfvn
79 Followers 856 Following
Rajeev Suyambu @Rajeevsuyambu
37 Followers 696 Following
@[email protected]... @ashariqbal
765 Followers 4K Following infosec. GRC. devops. ISO27001. dataviz. CISSP. cyber cyber cyber @[email protected]
Saba @Onlyyy_Truth
28 Followers 167 Following Investigative Journalist. Part time OSINT. Clean Twitter == Delete all my Tweets at the end every month. :)
Zeeshan @zeeshan1338
396 Followers 6K Following Ethical Hacker ! Security Researcher And Software Engineer
BSides Pakistan @BSidesPakistan
996 Followers 296 Following Passionate about growing the next generation of cyber security professionals in Pakistan. Organiser of @BSidesIslamabad
Fatima Navaid @FatiNavaid
256 Followers 2K Following Cyber GRC Analyst @ NayaPay | CyberSecurity Enthusiast | MS - NUST | BE - NED. ALHAMDULILLAH for everything 😊 | Remember ALLAH is the greatest of all ♥️
David Cervigni @DavCervSec
146 Followers 575 Following Following me you became part of a small elite!
Acey9 @Acey9_cn
810 Followers 368 Following Network Security Engineer, Honeypot, Network Scan Tracking, Coder @Xlab_qax @360Netlab
pnɯɥɐɯ @simply_mahmud
63 Followers 2K Following "a simple person with complex mind!" CSE Graduate Curious | Security Researcher 🔥WISH: 40% Developer + 20% E.Hacker + 40% Trainer "trying to rebuild youth!"
CYB3RMX @m4lipulat0r
297 Followers 214 Following #InfoSec Enthusiast | #DevSecOps | Author of Qu1cksc0pe project | #Malware Analyst | #Reversing #MalwareDetection #ThreatHunting #EmbeddedProgramming
CoinTickr @CoinTickr
202 Followers 379 Following The best physical #crypto ticker for your desk. - 12,000 coins & 300 exchanges. - Real-time price alerts. - Developed in partnership with CoinStats. Get yours.
SecHawk @sec_hawk
2K Followers 3K Following InfoSec | Bug Hunter | Entrepreneur | Futurist ••• Scroll my feed for 1337+ #InfoSec resources 💎 Building @ZSecurityHQ #DataPrivacyActivist
Jubayer Ahmed Rhyme @Jub4y3r_3x009
229 Followers 3K Following مهاجم آسيوي عشاق الأمن السيبراني | _-_ | المتعلم | باغ باونتي هنتر Web Application Security Researchers At Hackerone & Bugcrowd
Digital Gift Socks @socks_gift
285 Followers 3K Following Digital Gift Socks is a new cryptocurrency designed to be kept deep in your bottom drawer.. or alternatively a BEP20 compatible crypto wallet like Trust Wallet.
Hussain Alshehri @HMsKenani
64 Followers 332 Following
BetterCallZee @zeshan_inayat
7 Followers 76 Following
Mahmoud @Mahmoud49109521
25 Followers 408 Following
Shayan Dhamia @DhamiaShayan
3 Followers 25 Following
Tati 🍀☺️ @wampoobri
208 Followers 244 Following 21 / Chief Artificial Intelligence Officer @ubitquity_io
Rohan.exe 🖤 @roohaa_n
4K Followers 292 Following Part time Bug Hunter | Full time Security Analyst | Learner
xssdoctor @xssdoctor
6K Followers 389 Following hacker and cardiologist… not necessarily in that order
Alican Kiraz @AlicanKiraz0
35K Followers 3K Following LLM Craftsman & Agentic AI Systems Architect & Cybersecurity Sr. Staff | Exploring Robotics & Biohacking
Tur.js @Tur24Tur
6K Followers 1K Following Interested in Application Security, Bug Bounty, Reverse Engineering, Frida & Ghidra @NoBugEscapes @BugBountyZip https://t.co/bltifT1jkQ
0xor0ne @0xor0ne
92K Followers 508 Following Cybersecurity | Reverse Engineering | Vulnerability Research | Embedded & Silicon Security | My Tweets, My Opinions :)
Medusa @medusa_0xf
9K Followers 213 Following Security Researcher | Building Medusa | Partnering with cybersecurity companies on technical content | Partnerships 📩
aisauce @aisauce_x
1K Followers 845 Following Prompts. Workflows. Shortcuts. By @lokeshmahore_ | Join TG for sauce
MARKHOR 𓄅 @MarkhorTweet
9K Followers 0 Following I am not from “Aabpara”, and I don't know the inside stories
Sulaiman Ahmed @ShaykhSulaiman
846K Followers 875 Following https://t.co/L7BfZDskci https://t.co/L1qa0ouLiC
Pakistan Strategic Fo... @ForumStrategic
219K Followers 234 Following PSF is an independent think tank run by an international team of researchers, delivering the intelligence you need to make informed decisions on geopolitics.
Khamenei.ir @khamenei_ir
2.3M Followers 33 Following Statements from Imam Sayyid Ali Khamenei, the martyred Leader of the Islamic Revolution
Nicolas Krassas @Dinosn
158K Followers 776 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKZLB Posting content that I find interesting.
Kali Linux @kalilinux
400K Followers 25 Following Kali Linux, The Most Advanced Penetration Testing Distribution. Ever. @[email protected]
Claude @claudeai
1.6M Followers 2 Following Claude is an AI assistant built by @anthropicai to be safe, accurate, and secure. Talk to Claude on https://t.co/ZhTwG8dz3D or download the app.
Dan Perez @MrDanPerez
5K Followers 1K Following Technical Lead, 🇨🇳 Mission @Google GTIG. Specializing in tracking and attribution of China-Nexus Threats, and making life difficult for them.
LaurieWired @lauriewired
157K Followers 293 Following researcher @google; serial complexity unpacker; https://t.co/Vl1seeNgYK ex @ msft & aerospace
Hannan Haseeb @HannanHaseeb11
1K Followers 870 Following Pentester @SecWallOfficial | Top 50 @YesWeHack | @SynackRedTeam Acropolis
RocketGod @jeremyyablan
534 Followers 239 Following https://t.co/TqrJs77HbG https://t.co/fHPlNAsTOB https://t.co/NfWapcWalq https://t.co/3O3tVrug0T
GiamMa-based research... @giammaiot2
15K Followers 1K Following #ArtTechnology #IT #Hardware #Security #OSINT #SIGINT #COMINT #HamRadio #SoftwareDefinedRadio #IoT #Hack #Maker #STEM #Jedi #Sith #SuperSaiyanIII #TerminatorAI
Meer | AI Tools & New... @Meer_AIIT
47K Followers 638 Following I post about the latest in AI and explain complex concepts in plain English. Building the world's largest AI newsletter, coming soon.
WeatherWalay @weatherwalay
110K Followers 2K Following PakWeather is now Weatherwalay. Pakistan's first private weather company with over 300+ weather stations across Pakistan. HQ in Islamabad.
Exploit-Forge @ExploitforgeLTD
2K Followers 0 Following Industry-leading penetration testing and offensive security services to protect your digital assets and ensure your business stays secure.
Nimrah Hussain @NimrahHussain_
27 Followers 36 Following Math grad 🎓 | Exploring Agentic AI 🤖 | Python & Web Dev | Future tech innovator in sha Allah🚀
M. Qasim Munir @Savitar0x01
3K Followers 2K Following 24 | OSCP | Security Engineer - Day | Bug Bounty Hunter - Night | SRT | Gamer | CTF Player | Crypto Enthusiast | Watching & Sharing memes 24/7
Youssef Sammouda (sam... @samm0uda
41K Followers 589 Following Security Researcher/Hacker 1st in Meta bug bounty program for 6 years Opinions are my own and not my employer's.
Tom Dörr @tom_doerr
213K Followers 3K Following Follow for posts about GitHub repos, DSPy, and agents Subscribe for top posts DM to share your AI project (Due to volume of DMs I'll prioritize subscribers)
✨_geeknik_//✨ @geeknik
20K Followers 7K Following Human Co-Founder & CTO⇢https://t.co/JDh2Hm96vA A mad scientist with a penchant for chaos. Fuzzing from kernelspace➠uncanny valley. Latest: CVE-2026-27477
Furong Huang @furongh
11K Followers 3K Following Assoc. prof. of CS at University of Maryland. Researcher in #PhysicalAI, #TrustworthyML, #EthicalAI, AI #Alignment, #AI for ALL.
Shao ZHANG @Alice_ShaoZHANG
268 Followers 123 Following PhD Student @sjtu1896 Shanghai Jiao Tong University Interested in HCI4AI, Human-AI Collaboration, Game AI, MAS
Qingxiu Dong @qx_dong
4K Followers 721 Following Research Scientist @GoogleDeepmind, #Gemini RL ✨ Prev: PhD @PKU1898, Intern @MSFTResearch Asia.
Tianshi Li @tianshi_li
3K Followers 618 Following Assistant Professor @Northeastern @KhouryCollege PEACH Lab, Prev @google @cmuhcii. Human-centered AI, and its intersection with privacy.
ACM CCS 2025 @acm_ccs
6K Followers 0 Following ACM Conference on Computer and Communications Security
YuanTian @Yuantest3
2K Followers 646 Following Associate Professor at UCLA; previously at UVA and CMU; Researcher of Security and Privacy
Ghulam Nabi Madni @GNMadani
121K Followers 863 Following Journalist,Anchor, Writer,Content Creator , YouTuber.Focusing on World Politics Especially Islamic World & Middle East.
Edward Snowden @Snowden
5.5M Followers 1 Following I used to work for the government, but now I work for the public.
Your Herbal Stroke Sp... @NY_amankwaa
75K Followers 462 Following Licensed and certified Medical Herbalist trained at KNUST ||Best stroke specialist || Safo Nyame Herbal Therapeutics || 📞+233557850151
Alex Barnicoat @AlexBarnicoat_
313K Followers 64 Following An Independent Journalist, running in the next election to save our United Kingdom.
TrendAI Zero Day Init... @thezdi
89K Followers 18 Following TrendAI Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
chompie @chompie1337
89K Followers 1K Following hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
Haifei Li @HaifeiLi
9K Followers 151 Following For contact in the security community. NOTE: All the tweets are totally my personal opinions, not about any of my current employer stuff.
Ishika Mittal @imittalishika
3K Followers 1K Following Building @heyordo | ex-@amazon Robotics | Comp Eng @UofT | Fellow @joinodf @cansbridgeproj | AI engineer @ R&D Japan
Hiring @XHiring
51K Followers 9 Following Try job search at https://t.co/7dVBTNIpt5 (available on web and iOS).




























