Q5Ca @_q5ca
Chief Remote Work Officer at @u0Kplusplus duongq5ca.substack.com Vietnam Joined November 2017-
Tweets246
-
Followers960
-
Following400
-
Likes3K
Booyah it's been confirmed! 🎉 splitline (@_splitline_) of DEVCORE Research Team chained 2 bugs to exploit Microsoft SharePoint, earning $100,000 and 10 Master of Pwn points. Massive aura farming this year at #P2OBerlin. Full win! #Pwn2Own
And this one is human insight w/ LLM-assisted research. Took about one week to finish everything. The AI really rescued me from a lot of tedious work — excluding the part where it changed the Domain Admin password, locked me out, and claimed it got RCE 🤦
Aaaand it's official! Orange Tsai (@orange_8361) of DEVCORE Research Team chained 3 bugs to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning a whooping $200,000 and 20 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
Locked in! Le Duc Anh Vu (@vulda17) of Viettel Cyber Security (@vcslab) exploited Cursor, earning $30,000 and 3 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
Aaaand it's official! Orange Tsai (@orange_8361) of DEVCORE Research Team chained 3 bugs to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning a whooping $200,000 and 20 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
There it is! Orange Tsai (@orange_8361) of DEVCORE Research Team was able to exploit Microsoft Exchange! If confirmed, they win a whooping $200,000 and 20 Master of Pwn points. Off to the disclosure room to explain how they did it and seal the deal. #Pwn2Own #P2OBerlin
Boom! @rewhiles of Viettel Cyber Security was able to exploit Anthropic Claude Code! If confirmed, they win $40,000 and 4 Master of Pwn points. They're off to the disclosure room to explain how they did it. #Pwn2Own #P2OBerlin
That's my chain — a full chain w/ logic bugs only! No memory corruption, no AI, and of course no collisions at all 😉
Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
@D1iv3 Thanks for the hint. Allow me to farm some aura 😉 gist.github.com/Q5Ca/586fa0a18… JFYI, codex 5.4 xhigh implemented most of it.
@ZackKorman Happened to me. Tried to remind you guys 😂
Just a quick reminder: Copilot on microsoft365.com (m365.cloud.microsoft/chat) is not on scope for bounty 🥲 duongq5ca.substack.com/p/another-micr…
Ước 🥹
Blog for ToolShell Disclaimer: The content of this blog is provided for educational and informational purposes only. blog.viettelcybersecurity.com/sharepoint-too… #SharePoint #ToolShell
@by6153 @haxor31337 Yes, but I think it didnt help much 😅
@GodfatherOrwa @HusseiN98D @haxor31337 Remember that! I’m comming!
@vudq16 Slide: 1drv.ms/p/c/362121a38b… Recording: youtube.com/watch?v=xBnMrN…
Happy to share that my colleague @vudq16 and I will be speaking at PHDays in Moscow 🇷🇺 next week, May 24th. I’ll share a story from one of our red team projects, with techniques to maximize stealth during the operation. Hope to make new connections there:D phdays.com/en/forum/progr…
@pfiatde @haxor31337 Here is it: 1drv.ms/p/c/362121a38b… Please tell me if there is any problem 😅
@HusseiN98D @haxor31337 Keep what’s in Moscow in Moscow man 🙏
@haxor31337 @GodfatherOrwa let see if we can get more views than you 🤣
Tuan Anh Nguyen⚡️... @haxor31337
16K Followers 2K Following 30 y/o Bug Bounty Hunter and Red Team Lead at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
Pham Khanh @rskvp93
2K Followers 373 Following Security Engineer at @calif_io. Winner of Pwn2own Vancouver 2021, Torento 2022, Vancouver 2023. MSRC top 100 2019, 2020, 2021.
shubs @infosec_au
59K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Nguyen Xuan Hoang @hoangnx99
702 Followers 130 Following Security Researcher at @vcslab Chief Finance Officer of @u0Kplusplus
VCSLab @vcslab
3K Followers 27 Following This is the Twitter channel of VCSLab - the research team of Viettel Cyber Security
Nguyen The Duc @ducnt_
3K Followers 392 Following Just another web warrior ⚔️ Security Researcher ۞ Principal Security Engineer @Verichains ۞ Pwn2Own 2023 ۞@vnsec squad ۞ 💰https://t.co/wuyz6IfAbA ۞ nano 💻
Hussein Daher @HusseiN98D
51K Followers 197 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 21th/270000 BugCrowd Hacking Platform
frycos @frycos
4K Followers 520 Following Private account! Red teamer @codewhitesec. @[email protected] @frycos.bsky.social
LamScun @LamScun
2K Followers 824 Following Researcher of mobile and web security issues. It's safer in the forest than on the internet.
Taidh @taidh_
361 Followers 522 Following Penetration Tester at VNPT Cyber Immunity | Cyber Security Reseacher | Redteam | SRT Member | Bug Bounty Hunter
huyna @huyna89
745 Followers 945 Following
Peter M @pmnh_
3K Followers 560 Following aka pmnh / ex-Security researcher / Synack #1 SRT 2022-2023 / Synack, HackerOne, BC / Deep recon / source code analysis. Opinions my own, not employer.
Khoa Dinh @_l0gg
2K Followers 117 Following
SinSinology @SinSinology
13K Followers 741 Following Pwn2Own 20{22,23,24*2,25*3,26*2}, i look for 0-Days but i find N-Days & i chase oranges 🍊
Le Hong Phuc @imlehongphuc
5 Followers 286 Following 📩 Cổng dịch vụ đa kênh HOME - TECH Media 🌐 https://t.co/csGfA4mxhG 📞Zalo 0989.998.249
lbao @bao190505
10 Followers 500 Following
bugsploiterr @systempwn3d
27 Followers 2K Following
Tuan Tran @tp0t125
1 Followers 66 Following
TS @TSyuuj
35 Followers 1K Following
beetrio189 @TrioBee24871
6 Followers 272 Following Last year student. Trying to get better at this security thing.
nh0kt1g3r12 @nhoktiger12
19 Followers 492 Following DFIR Enthusiast | Forensics CTF Player @f4n_n3r0 / @l3akctf
AngrFish @FishAngr4981
3 Followers 204 Following
Ongia Noel @NoelOngia8195
0 Followers 122 Following
Nam @namhv05
1 Followers 455 Following
zayne (zeyu) zhang @zeyu1337
3K Followers 2K Following 🇸🇬 | co-founder @hacktronai - your AI teammate for security | @projecteurope_ 🇪🇺 | cs @cambridge_uni 🇬🇧 | prev: @cure53berlin @tiktok_us, ogp | @Water_Paddler
Dang Hieu @hieudp01
4 Followers 71 Following
X0Dzeko @X0Dzeko
43 Followers 882 Following
naive_tester @naive_tester
24 Followers 2K Following
トピックス別株... @Rhefir04379
47 Followers 2K Following 【完全無料】 25年の株式投資プロチーム(運用資産500億円以上)が提供:毎日の市場分析レポート + 優良成長株のピックアップ。プロの情報を無料で。まずはお気軽にお問い合わせください。
ngtuonghung @ngtuonghung
0 Followers 89 Following
Shubham Khanna @Shubhamkhanna06
142 Followers 2K Following Explores and learns! Pentester by Passion. AI explorer. book lover! shares bug bounty tips
Huy Nguyen @HuyNguy03889789
9 Followers 853 Following my account somehow got hacked and spammed. Too lazy to clean it up, so just ignore the posts
nst @ngosytuanbug
2K Followers 503 Following
Ali Hz @AliHzSec
455 Followers 744 Following
Y @YongSeng_G
62 Followers 2K Following
nemo @JosephKanko4
208 Followers 3K Following Passionate about Ethical Hacking | CTF Player | I explore the vulnerabilities
Abdullah Asif @Abdulla36287154
13 Followers 607 Following
0xadt204 @0xadt204
3 Followers 478 Following
k0er @m1k0er
108 Followers 750 Following
Ahmed Badry @NomadSec0
2K Followers 1K Following offensive cyber security engineer eWPTXv3 & eMAPT & MCSA Geek 👽👽👽 Hall of Fame AT&T IBM Sony Honda Ford Vodafone DOD British Airways Stanford
GFX🇧🇩Ovi @mdovi303
432 Followers 3K Following An independent cyber security researcher. ✌Hall Of Fame by: Google,Uber,Payoneer,Hotjar,walmart,T- Mobile,Wetransfer and many more... 🙂
LisaColeman @yojiria1976
0 Followers 25 Following
Daniel @DMakewea
1 Followers 2K Following
GAMALIEL SANKAY TSHIS... @SankayMarc22830
112 Followers 5K Following
Hoang Tien Thanh @htthanh02
4 Followers 315 Following
Nahla @4r97sO8CbbY44
34 Followers 800 Following
Zack Korman @ZackKorman
14K Followers 2K Following Cofounder @ Embroidery. Building AI cybersecurity stuff.
Peter @peter_clowncs
179 Followers 1K Following (wanna be) security researcher & reverse engineer noob @r3kapig
Jus @Jus251129088141
6 Followers 355 Following
Two Seven One Three @TwoSevenOneT
5K Followers 2K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
Mohammed Hr0x 🇲�... @medhr25
12 Followers 1K Following
TrendAI Zero Day Init... @thezdi
89K Followers 18 Following TrendAI Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Tuan Anh Nguyen⚡️... @haxor31337
16K Followers 2K Following 30 y/o Bug Bounty Hunter and Red Team Lead at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
Pham Khanh @rskvp93
2K Followers 373 Following Security Engineer at @calif_io. Winner of Pwn2own Vancouver 2021, Torento 2022, Vancouver 2023. MSRC top 100 2019, 2020, 2021.
shubs @infosec_au
59K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Nguyen Xuan Hoang @hoangnx99
702 Followers 130 Following Security Researcher at @vcslab Chief Finance Officer of @u0Kplusplus
ϻг_ϻε @steventseeley
23K Followers 559 Following Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
VCSLab @vcslab
3K Followers 27 Following This is the Twitter channel of VCSLab - the research team of Viettel Cyber Security
Nguyen The Duc @ducnt_
3K Followers 392 Following Just another web warrior ⚔️ Security Researcher ۞ Principal Security Engineer @Verichains ۞ Pwn2Own 2023 ۞@vnsec squad ۞ 💰https://t.co/wuyz6IfAbA ۞ nano 💻
Sam Curry @samwcyo
101K Followers 1K Following
Hussein Daher @HusseiN98D
51K Followers 197 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 21th/270000 BugCrowd Hacking Platform
frycos @frycos
4K Followers 520 Following Private account! Red teamer @codewhitesec. @[email protected] @frycos.bsky.social
LamScun @LamScun
2K Followers 824 Following Researcher of mobile and web security issues. It's safer in the forest than on the internet.
Source Incite @sourceincite
3K Followers 4 Following We are Incite Team. Providing high quality Vulnerability Research & Training Services.
Horizon3 Attack Team @Horizon3Attack
12K Followers 54 Following @Horizon3ai Attack Team | Security Research | Exploit Dev | TTPs
clearbluejar @clearbluejar
2K Followers 447 Following Security Researcher | Founder @clearseclabs | Author of #ghidriff | Agentic #PatchDiffing | Stuck in a loop: Build • Reverse • Learn • Share
Limited Chan🐹 @LimitedChan
3K Followers 1K Following CyberSecurity・Threat Intelligence I generally don’t reply
Manfred Paul @_manfp
5K Followers 311 Following Security but not as in "national security". Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2024\{2023}. @[email protected]
Chi-en (Ashley) Shen ... @ashl3y_shen
5K Followers 1K Following Security researcher @TalosSecurity / Ex-Google TAG / Black Hat USA & HITCON Review Board / Organizer of @rhacklette41. My tweets are my own opinion.
rewhile @rewhiles
336 Followers 62 Following Pwn2Own 2026 | DEFCON 34 finalist Security Researcher @vcslab CTF with @infobahn_ctf @SuperDiceCode
Bruce Dang @brucedang
5K Followers 1K Following Sweeping the floor at https://t.co/CM8ErzxC5z (we are hiring). Previously at Microsoft/Veramine/Apple. author of Practical Reverse Engineering.
Hanqing Zhao @hankein95
1K Followers 3K Following Co-founder of stealth company | Tea Deliverers CTF Team | Georgia Tech SSLab @SSLab_Gatech | Co-lead AIxCC @TeamAtlanta24 | System & Security Research
Zhiyun Qian @pkqzy888
3K Followers 528 Following Professor @UCRiverside. Research on system and network security.
CISA Cyber @CISACyber
299K Followers 73 Following Part of @CISAgov, we respond to major incidents, analyze threats, and exchange critical cybersecurity information with partners around the world.
Dang Hieu @hieudp01
4 Followers 71 Following
Elizabeth Kenyon @lizkenyon07
4K Followers 2K Following Software developer, justice seeker, cat lover and occasionally funny.
trieulieuf9 @trieulieuf9
268 Followers 433 Following dreamer, humoristor, bug hunter. My blog: https://t.co/DD5SvLNZTV
nst @ngosytuanbug
2K Followers 503 Following
Tal Be'ery @TalBeerySec
11K Followers 2K Following Security Research Manager. Co-Founder, CTO @ZenGo. Advisor @ZeroNetworks. x-VP Research Aorato, acq by @Microsoft. 10 times @BlackHatEvents speaker.
DawnSecurityLab @dawnseclab
1K Followers 6 Following Dawn Security Lab focusing on system & iOT security https://t.co/H2vUNhaVd0
DARKNAVY @DarkNavyOrg
5K Followers 77 Following Cybersecurity enthusiasts from DARKNAVY. Achieve, Analyze, Attack *Oops.
Thomas Rinsma @thomasrinsma
1K Followers 349 Following Looking for strange loops and weird machines. Lead security analyst @CodeanIO.
CODE BLUE @codeblue_jp
7K Followers 643 Following CODE BLUE 2026: International cybersecurity conference 📆 Training: 11/13-15 |Conference: 11/17-18 📢 HP https://t.co/blERauQHdx
Offensive AI Con @OffensiveAIcon
1K Followers 17 Following Year 2 of the first con dedicated to exploring the offensive use of AI. Hosted by RemoteThreat. Oct 4-7, 2026 | Oceanside, CA #OffensiveAICon
Zack Korman @ZackKorman
14K Followers 2K Following Cofounder @ Embroidery. Building AI cybersecurity stuff.
Mikhail Klyuchnikov @m1ke_n1
5K Followers 151 Following n1 | Security Researcher at Positive Technologies | OSCP, eWPTX
Positive Technologies... @PTsecurity_EN
4K Followers 870 Following Embrace any digitalization challenge—we'll secure your cyber-resilience
0patch @0patch
8K Followers 223 Following Microscopic cures for big security holes. 0patch (pronounced 'zero patch') Bluesky: https://t.co/js7yaM3lqN Mastodon: @[email protected]
Dirk-jan @_dirkjan
30K Followers 207 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
H1 Disclosed - Public... @h1Disclosed
10K Followers 2 Following User friendly unofficial HackerOne public disclosures, keeps you updated about the recently disclosed bugs. Made With ♥ By Hackers For Hackers. - @rynosec
Tiểu Phương 🇻�... @tiuphun
3 Followers 19 Following
Akai 🇻🇳 @KMA_Akai
452 Followers 783 Following
Stephen Fewer @stephenfewer
10K Followers 258 Following Senior Principal Security Researcher @rapid7. Specializing in software vulnerabilities and exploitation.
Tur.js @Tur24Tur
6K Followers 1K Following Interested in Application Security, Bug Bounty, Reverse Engineering, Frida & Ghidra @NoBugEscapes @BugBountyZip https://t.co/bltifT1jkQ
Debangshu 🇮🇳�... @ThisIsDK999
8K Followers 1K Following Security Ninja/Thought Leader. @hacker0x01 Brand Ambassador. Top 200 | Hacker Advisory Board @bugcrowd. Founder @defndit Opinions are personal.
Bhavuk Jain @bhavukjain1
14K Followers 617 Following Trying to make internet a safer place for everyone. Unzipping IPAs @ https://t.co/ATg0ANlDP7. Pentest Lead @Hacker0x01. Helping businesses @ https://t.co/eTR0t82712
Ebrahem Hegazy 🇵�... @Zigoo0
35K Followers 933 Following Founder of @DarkEntryAMS. Vulnerabilities Hunter since 2013. ex Sr. Manager at Visa Inc, HackerOne, Deloitte, QCERT and EGCERT. Tweets are my own.
s1r1us (mohan) @S1r1u5_
14K Followers 2K Following aham nityaṃ śiṣyaḥ, jagat mama guruḥ. {~hacker~} {founder @ElectrovoltSec, @HacktronAI}
Brian Gorenc @MaliciousInput
3K Followers 509 Following Leader of the Zero Day Initiative. Pwn2Own organizer and adjudicator. Trafficker of export-controlled intrusion software. Bug Hunter.
Godfather Orwa 🇯�... @GodfatherOrwa
27K Followers 2K Following Hacker | Bug Hunter | Cooker | Top 5 P1 Warrior On https://t.co/dzFQH75OWj | LevelUpX Champion | 10+ 0Days/CVEs
Roy🇨🇦 @GrandpaRoy2
48K Followers 420 Following 🇨🇦 Grandfather | OSINT 🇺🇦🇷🇺 drone warfare, EW, munitions Breaking down technology, tactics, & trends Follow for clear, source-based, daily analysis




























