@d3vilbug profile picture
bugzy @d3vilbug

n00b, wanna be hacker one day

Joined March 2016
  • Tweets 100
  • Following 1,006
  • Followers 280
19 Photos and videos
Pinned Tweet
bugzy @d3vilbug
5 May 2025
Just published: Witcher: Managing GitHub Advanced Security (GHAS) Controls at Scale Read full article here: d3vilbug.github.io/posts/wit… Witcher: github.com/mf-labs/witcher #ApplicationSecurity #SAST #CyberSecurity #CodeQL #GHAS #witcher #SSDLC #ShiftLeftSecurity #AppSec #pentest

GitHub - mf-labs/witcher: Managing GitHub Advanced Security (GHAS) Controls at Scale

Managing GitHub Advanced Security (GHAS) Controls at Scale - mf-labs/witcher

github.com
1
89
bugzy @d3vilbug
5 May 2025
Just published: Witcher: Managing GitHub Advanced Security (GHAS) Controls at Scale Read full article here: d3vilbug.github.io/posts/wit… Witcher: github.com/mf-labs/witcher #ApplicationSecurity #SAST #CyberSecurity #CodeQL #GHAS #witcher #SSDLC #ShiftLeftSecurity #AppSec #pentest

GitHub - mf-labs/witcher: Managing GitHub Advanced Security (GHAS) Controls at Scale

Managing GitHub Advanced Security (GHAS) Controls at Scale - mf-labs/witcher

github.com
1
89
bugzy @d3vilbug
5 May 2025
This post explores the limitations of GitHub Advanced Security (GHAS) and how Witcher enhances security management by providing greater scalability, control, and efficiency across repositories.
1
34
bugzy @d3vilbug
5 May 2025
Witcher is a tool designed to streamline and automate security control management for GitHub repositories. Whether you’re enabling CodeQL, Dependabot, Secret Scanning, or IaC scanning, Witcher empowers you to implement and monitor security features across multiple repositories.
34
bugzy retweeted
BSides Berlin @SidesBer
18 Sep 2022
#BSidesBerlin is back! Save the date: Saturday 26.11 at @cbase and online The CFP is Open until 16.10 papercall.io/bsides-2022-ber… Tickets are available on our website bsides.berlin @SecurityBSides @cfp_time

3
19
27
bugzy @d3vilbug
11 Apr 2022
Our team mango won the first place of @nullcon berlin onsite ctf. thanks to @nullcon @antriksh_s and HackIM team for this amazing experience and LightSaber 😁 #nullcon #nullconberlin
1
6
32
bugzy @d3vilbug
9 Apr 2022
Day 02 started with @albinowax talk ..... one of the interesting talk on web application security #NullconBerlin
2
4
bugzy @d3vilbug
8 Apr 2022
i am going to attend Nullcon Berlin 2022 using public transport #tramps #greencon
2
9
bugzy @d3vilbug
7 Apr 2022
#NullconBerlin2022 talk #2 was fun and interesting .... uncovering smartness of today's smart devices 😁
1
3
bugzy @d3vilbug
7 Apr 2022
more details at mandiant.com/resources/mandi…
bugzy @d3vilbug
20 Jun 2021
I'll be giving one hours session today from 6:00 PM - 7:00 PM PKT with @BSidesPakistan teams.live.com/meet/95326814… Session: 1. Demo of encryption and decryption of request & response on the fly (below are a few scenarios) 2. Decrypting Mobile App Traffic using AES Killer and Frida
8
bugzy retweeted
BApp Store @BApp_Store
13 May 2021
Added: AES Killer, decrypt AES traffic on the fly portswigger.net/bappstore/e5…

AES Killer, decrypt AES traffic on the fly

Decrypt AES traffic on the fly

portswigger.net
2
11
bugzy @d3vilbug
13 May 2021
My second extension AES Killer published in the @PortSwigger BApp store. portswigger.net/bappstore/e5… #cybersecurity #infosec #informationsecurity #pentesting #burpsuite #bugbounty #mobileappsecurity #applicationsecurity #pentester #aeskiller #aes_killer #frida #mobilesecurity
3
7
9
bugzy @d3vilbug
13 May 2021
GitHub: github.com/Ebryx/AES-Killer For more info and usage kindly read below blog posts - n00b.sh/posts/aes-killer-mob… - n00b.sh/posts/aes_killer-usa…
1
bugzy @d3vilbug
30 Apr 2021
In my second blog post, I have explained how one can decrypt the AES Encrypted mobile app traffic on the fly using AES Killer and Frida. n00b.sh/posts/aes-killer-mob… #cybersecurity #infosec #informationsecurity #pentest #burpsuite #bugbounty #mobileappsecurity #frida #MobileSecurity
5
81
219
bugzy @d3vilbug
20 Apr 2021
Released AES Killer v4.0 GitHub: github.com/Ebryx/AES-Killer Guide: n00b.sh/posts/aes_killer-usa… #cybersecurity #security #infosec #informationsecurity #pentesting #pentest #burpsuite #plugins #hackbar #bugbounty #mobileappsecurity #applicationsecurity #pentester #aeskiller #aes_killer
1
4
10
bugzy @d3vilbug
20 Apr 2021
This BEAST will work with encryption & decryption of traffic on - Complete Request and Response - Specific Request Parameters and complete response - Specific JSON Request parameters and complete response - Specific Request and Response Parameters - Override Request and Response
1
1
bugzy @d3vilbug
20 Apr 2021
bugzy @d3vilbug
15 Apr 2021
Now you can directly install HackBar from the Burp suite BApp store, Thanks to the @PortSwigger Product Team portswigger.net/bappstore/c1… #pentesting #pentest #burpsuite #plugins #hackbar #bugbounty #mobileappsecurity #applicationsecurity #pentester #infosec
1
2
bugzy @d3vilbug
13 Apr 2021
Released an update for HackBar (Burpsuite Plugin), shifted from NetBeans to Gradle and a few bug fixes. HackBar (Burpsuite Plugin) github.com/d3vilbug/HackBar/ Latest Release: github.com/d3vilbug/HackBar/… #pentest #burpsuite #plugins #hackbar #BugBounty #MobileSecurity
3
bugzy @d3vilbug
12 Apr 2021
Published a new variant for AES_Killer where the application was encrypting specific parameters in request with one key and later on encrypting a whole request body with another key. github.com/Ebryx/AES-Killer/… #pentest #burpsuite #plugins #aes_killer #BugBounty #MobileSecurity
2
1
Load more