Security Researcher | Red teamer | Bug Bounty hunter
Joined May 2020
- Tweets 62
- Following 91
- Followers 611
- Likes 292
4 Photos and videos
Bitmap retweeted
Jan 8
We've all done it: upload a webshell, get code execution and move on. But what if your target is being monitored ?
In our latest blog post, we tackle webshell tradecraft in monitored networks including disk activity, process context, and HTTP patterns.
blog.tracehunt.com/webshell-…
1
3
233
Bitmap retweeted
18 Dec 2025
SSH access to a system ?
🎯 Red teamers: Avoid interactive sessions to prevent entries in the `last` log. Run commands with `notty` by appending your cmd to the SSH command.
🛡️ Defenders: Monitor unexpected origin IP's in the `last` log and modifications to `/var/log/wtmp`
1
123
Bitmap retweeted
17 Dec 2025
SNMP enum in legacy/OT networks:
🎯 Red teamers: use specific MIB's that contain useful info such as `HOST-RESOURCES-MIB::hrSWRunParameters` instead of cycling the entire MIB range with snmpwalk
🛡️Defenders: Flag snmpwalk packets starting with 0x30 and containing 0xA1 or 0xA5
1
136
Bitmap retweeted
3 Dec 2025
Just published a breakdown of 3 easy red team mistakes SOC or threat hunters spot instantly.
Noisy recon, weird process chains, offensive infra misconfigurations, ... ( TraceHunt shots 👀)
If you’re in red/blue teaming or threat hunting, Check it out👇
blog.tracehunt.com/3-common-…
1
1
127
Bitmap retweeted
23 Nov 2025
If you’ve ever done an engagement and thought “wow, that command was loud,” this one’s for you.
I wrote about the OPSEC gap in current offensive trainings and how we’re tackling it with TraceHunt.
If you want your ops to be cleaner than your `/tmp/`:
blog.tracehunt.com/mind-the-…
1
1
144
27 Aug 2022
I’m so grateful to be invited to the #1337up0822 LHE hosted by @intigriti and @TheParanoids. I’ve met a lot of new faces and had a blast throughout the entire event. Cherry on top was today’s visit to the BelgianGP F1 race 🏎 Congrats to the winners and see you next time ✌️
1
24
22 May 2022
See you next year! 🔥🔥
I’ve had a amazing time meeting all of these amazing people! Truly a great group!
@jellemulck @renniepak @SanderWind @real_bitmap @holme_sec @0xJeti @jerreljosee @p4fg @bug_dutch @YanZaX @Z3r0day0x41 @m_milux @0xkasper @GrumpinouT @StanFaas @plenumlab @Kuromatae666 @BitK_
1
11
At the Hacker Mansion with @jellemulck @renniepak @SanderWind @real_bitmap @holme_sec @0xJeti @jerreljosee @p4fg @bug_dutch @YanZaX @Z3r0day0x41 @m_milux @0xkasper @GrumpinouT @iqimpz @plenumlab @Kuromatae666 @BitK_
Powered by @intigriti
2
6
45
Bitmap retweeted
14 May 2022
Multiple bugs chained to takeover Facebook Accounts which uses Gmail. ( $42k )
ysamm.com/?p=763
57
471
2,242
Bitmap retweeted
28 Apr 2022
🟣 #1337uplive release 7/10!
🟣 Today, @honoki is taking us on a journey on how to code you very first bug bounty tool! 🔨
#bugbounty #bugbountytips
Watch now! 👇
youtu.be/zh5AUKk0hJc
6
24
22 Mar 2022
My @intigriti #1337uplive talk is now available on YouTube. Go check it out 👇
22 Mar 2022
🟣 #1337uplive release 2/10!
🟣 Today, @real_bitmap shows us some very special research on hacking hosting providers! Fun and profit included 💰
Watch now! 👇
youtu.be/o34FfpknQ0w
3
2
17
17 Mar 2022
Received my @snackmagic gift from @intigriti today for being a speaker at the 1337uplive conference last weekend. Nothing better than a large stack of Belgian waffles 😋🧇🇧🇪. Thanks again for the amazing event!
1
27
Bitmap retweeted
12 Mar 2022
Now starting: @real_bitmap's talk "A “symbolic” talk - Hacking hosting providers for fun and profit"#1337uplive
📺 Tune in: intigriti.com/1337uplive
📅 Agenda: intigriti.com/1337uplive/age…
2
19
10 Mar 2022
Hell yeah 🤘 🔥
10 Mar 2022
🟣 Guess what:
@0xLupin, @bug_dutch, @SanderWind, @_superhero1, @real_bitmap, @_JohnHammond, @JoakimTauren, @thefluffy007, @InsiderPhD, and @honoki are all ready for you 🥊
Comment down below the country where you will be watching from 🌎🌍🌏👇
3
Bitmap retweeted
10 Mar 2022
🟣 Guess what:
@0xLupin, @bug_dutch, @SanderWind, @_superhero1, @real_bitmap, @_JohnHammond, @JoakimTauren, @thefluffy007, @InsiderPhD, and @honoki are all ready for you 🥊
Comment down below the country where you will be watching from 🌎🌍🌏👇
34
9
54
Let me introduce you to KrbRelay, the only public tool for relaying Kerberos tickets and the only relaying framework written in C#.
No-fix LPE No-fix Cross-Session, VDI deployments has never been more broken.
Demo at Images/demo.mp4 !
github.com/cube0x0/KrbRelay
16
433
1,006
8 Feb 2022
Tune in on March 12th, 4PM CET! I will be hosting a talk about hosting provider security. There will be bugs 😉🐛
8 Feb 2022
🟣 We are so excited to present you the very first @intigriti virtual live bug bounty conference!
🟣 When: March 12th, 4PM CET
🟣 What: Free #bugbounty conference with 10 incredible speakers including a 24 hour long CTF!
🟣 Where: intigriti.com/1337uplive
Save the date everyone!
1
7
Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists,
activists and dissidents around the world. googleprojectzero.blogspot.c…
56
1,472
4,170
Bitmap retweeted
10 Dec 2021
[thread 🧵] lets all welcome the new kid in town 😈
✨ Kerberos sAMAccountName spoofing ✨ from regular user to domain admin, because Microsoft didn't care enough about it's $$$
thehacker.recipes/ad/movemen…
12
229
565