@nnwakelam profile picture
Nate @nnwakelam
Joined October 2013
  • Tweets 16,670
  • Following 1,049
  • Followers 43,326
946 Photos and videos
I chat to @brutecat sometimes and I’m always really sincerely impressed by how he puts together logic and the way he’s rationalising his way through problems. I didn’t have a deep grasp of Google, and just even being able to reference his blog posts to understand the Google stack was really invaluable.
skull
@brutecat
Jun 11
Hacking Google with A.I. for $500,000 brutecat.com/r/hacking-googl…
2
14
329
28,069
81
40
3,014
274,271
All pharmacies should be legally mandated to have a seat with a PlayStation that you can use while your girlfriend canvasses the pharmacy like it’s a crime scene
2
1
35
7,564
I can't stress it enough when I say I would rather commit ritualistic japanese suicide and die a warriors death than sit around training bug bounty platforms to automate me out of the pipeline with my bug reports
5
16
208
14,706
waiting for bounty payouts
9
22
258
11,860
honestly if you can't make money in an age where you can literally ask a computer to hack something and it just does it for you you don't deserve the money anyway
11
15
243
17,484
7
216
13,241
How the fuck does an account recovery flow make it onto Facebook where you can just ask an LLM to give you a password reset for someone else’s account?
11
6
335
24,297
Just spent 3 days on a target and escaped from a jail… into a significantly less permissive build jail.
3
40
5,976
I have one avenue to get RCE on the host with a TOCTOU that I will verify tomorrow and then I’m going to leave it
7
3,272
Really excellent
Preben
@prebenve
May 28
Found a cool bug at Meta. From misconfigured Grafana instance to R/W access on 507 private Meta repositories. Wrote up the full chain here: sectricity.com/blog/misconfi… $157k bounty awarded by @metabugbounty
1
85
16,708
Does anyone follow me who registered for blockchain.info before 2012?
3
8
8,089
I’ve got a tonne of hardware here I’m barely using if anyone has any old wallets they want me to have a go at cracking hit me up. 🙏
2
16
4,626
I’ve got an old edge wallet of mine I’m trying to crack that I know has like $80,000 in it, so I can promptly give that money to NVIDIA and buy more GPUs.
6
1
41
7,737
It’s a vicious cycle
2
3,744
I really lost my passion for hacking in a big way the last 18 months but it’s nice knowing AI has not made me an antique just yet 😀
18
9
600
22,100
wow cracking scrypt is a real piece of shit hey
8
3,596
the face you make waiting politely for your bug reports to get paid
1
3
75
4,828
Nate retweeted
skull
@brutecat
May 22
StubZero: $148,337 RCE in Google Cloud Production brutecat.com/articles/google…

StubZero: $148,337 RCE in Google Cloud Production

A chance Discord message, two missing pieces, and one hour before the window closed: From info leak to RCE on Google Cloud. Three months later, it happened again.

brutecat.com
16
174
760
84,702
Nate retweeted
Lupin
@0xLupin
May 21
I managed to RCE Fortune 500 companies and made over $50,000 with this technique. A new npm supply chain technique we just disclosed. The trick is dumb-simple. We call it npx Confusion. 🧵
10
56
390
25,398
Load more