Information Security | Cyber Security | Web App Pentesting

Joined October 2020
63 Photos and videos
Pinned Tweet
⚠️ New video alert! ⚠️ Just uploaded a detailed walkthrough of @hack_sparo Death Note challenge on THM! 🚀 File upload exploits, SSH Misconfig, File immutability & Append Only attributes and Simple Docker breakouts. Check it out with the link below! 👇 youtu.be/emBZdoqjsCc
CTF Security retweeted
PwnShop has no flags. Real targets don't have them either, they have consequences. Stolen accounts. Free orders. Full admin access. That's the impact we want you to feel. Web: github.com/ctfsec/pwnshop pwnshop.ctfsecurity.com Mobile: github.com/ctfsec/pwnshop-mo…
CTF Security retweeted
OWASP LLM08 Excessive Agency. When an AI agent has more permissions than it needs with no verification before acting. I Asked PwnShop Mobile Chatbot to credit my wallet. It asked for a WALLET_TOPUP_OVERRIDE_KEY. Can you get the credit applied? github.com/ctfsec/pwnshop-mo…
Pwnshop Mobile is here 📱 The Android version of Pwnshop is live. OWASP Mobile Top 10, LLM Top 10, and API business logic flaws. No setup needed, just download the APK and start hacking. github.com/ctfsec/pwnshop-mo…
CTF Security retweeted
We got our first admin pwn.
Built a vulnerable e-commerce app for pentesters and AppSec engineers to hack legally. 40 vulns. OWASP Top 10 (2025) LLM Top 10. Hack it live or spin it locally with Docker. pwnshop.ctfsecurity.com github.com/r007sec/pwnshop #AppSec #BugBounty #OWASP
We built a vulnerable e-commerce app you can hack legally. Pwnshop has over 40 vulns. OWASP Top 10 (2025) LLM Top 10. Live and ready. Spin it locally with Docker or hack it straight from your browser. pwnshop.ctfsecurity.com github.com/r007sec/pwnshop #AppSec #BugBounty #OWASP
CTF Security retweeted
Some Telegram channels, public and private, block you from saving media even when you're a member. TeleReap bypasses save restrictions at the API level, bulk downloads, channel intel, auto-watcher, scheduler, file browser, history log & cloud upload. github.com/r007sec/telereap
CTF Security retweeted
NETWORK PLUS DAILY
We crossed 3,000 on YouTube today. We appreciate every single person who subscribes, watches, and shares. youtube.com/@ctf-sec?si=syRB…
We’re so close to 3,000 subscribers. Only 3 more to go! Thanks to everyone who’s been part of this journey so far. Let’s hit 3k together and keep growing.
18 Mar 2025
Exploiting Path Traversal on Ruby on Rails 7.1.4 to Access config/database.yml – Leaking Database Credentials
CTF Security retweeted
Bypassing XSS blacklist filters gist.github.com/shuding/8b1e…