Hacker, bug bounty hunter, security researcher etc. I love everything security
Joined May 2008
- Tweets 2,198
- Following 831
- Followers 483
- Likes 709
35 Photos and videos
Pretty neat Pre-Auth RCE in Oracles identity manager, good read slcyber.io/research-center/b…
94
Hey @garethheyes is there a way to make hackvertor tags work when sending a websocket request to repeater? It only sends the actually tag, not replacing it with a value on the latest Burp :(
3
1,138
webhak retweeted
24 Jul 2025
Is your target leaking CSP violations left and right? Mikhail Khramenkov reveals how to hijack the onsecuritypolicyviolation event to trigger JS in hidden inputs - when unsafe-inline is in play and styles are blocked. Now live on our XSS cheat sheet.
Link to vector👇
ALT <input style=x type="hidden" onsecuritypolicyviolation="alert(1)">
4
21
111
7,929
webhak retweeted
24 Jul 2025
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥
The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇
gmsgadget.com/
1/4
12
173
459
42,867
We are super excited to share that we acquired the Shift Plugin (shiftplugin.com/) and we are making it free to Caido paid users 🚀
Shift is a Caido plugin that is a smart AI companion for your hacking. It can craft payloads, Match&Replace rules, HTTPQL queries and much more.
All details here: caido.io/blog/2025-07-16-shi…
6
20
141
9,539
webhak retweeted
8 Jul 2025
🚀 New on the BApp Store: UnUnicode
🔍 Automatically decode nested Unicode sequences in requests, responses, and WebSocket messages.
🧩 Custom tab for viewing unescaped content, enhancing visibility for manual inspection.
📄 Includes "pretty print" functionality for JSON content
17
101
5,183
When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We (@iangcarroll and I) discovered a vulnerability that could allow an attacker to access the over 64 million chat records using the password "123456".
ian.sh/mcdonalds
18
117
469
41,922
webhak retweeted
23 Jun 2025
How do we turn bad SSRF (blind) into good SSRF (full response)? The @assetnote Security Research team at @SLCyberSec used a novel technique involving HTTP redirect loops and incremental status codes that leaked the full HTTP resp. It may work elsewhere! slcyber.io/assetnote-securit…
7
177
642
46,122
Love this! Have to step up my dependency confusion game - landh.tech//blog/20250610-ne…
63
webhak retweeted
13 Jun 2025
After @0xLupin's great article on dependency confusion on Netflix, some people suggested that I added a detector for npm packages in jxscout. I think this will be a great addition, I'll make a new pro release soon with this detector!
Original article: landh.tech/blog/20250610-net…
4
17
118
7,774
webhak retweeted
13 Jun 2025
Did you know an input can use the form attribute to link to a form by ID letting it submit with the form even if it’s placed outside of it!? 👀
In this PHP example, an input outside the form adds a URL argument and only the second parm value (1337) is echoed.
S/O to @encodeart and @ctbbpodcast! 🔥
4
13
85
7,224
webhak retweeted
11 Jun 2025
AI is so hot right now that in a short while, specializing in AI will be about as common as specializing in software development.
Everyone SHOULD learn how to adapt to it, but also everyone WILL learn it. Find a way to keep your skillset niche and unique.
3
2
57
3,830
webhak retweeted
18 Apr 2025
“Please limit your traffic to 2 requests per second when testing” my brother in planet earth, a legit website browsing would generate more requests per second
2
4
66
4,885
webhak retweeted
23 Apr 2025
I just built a custom action to let you test for race conditions with a single click! No tab groups required, and it uses the cutting edge single-packet attack under the hood.
8
61
351
25,278
webhak retweeted
21 May 2025
💡 Tip!
When looking for subdomain takeover vulnerabilities, don't just examine the CNAME records... 👀
Inspect the HTTP response too, as it can reveal more accurate signs of a third-party service that might be susceptible to subdomain takeovers! 😎
3
6
50
4,357
I've recently put more work into my ffuf fork, uff, and I think every ffuf user should at least give it a try - and maybe even switch to it.
Here's why, in a #bugbounty 🧵
12
75
468
56,078
webhak retweeted
15 May 2025
Sharon Brizinov made ~$64k by recovering secrets from deleted files in public Git repos. Even after using git rm, files remain in the history stored in the .git/objects dir until garbage collection runs.
Here's the command to use:
3
84
406
22,220
A fix from Google was released today. Part of the issue was due to my misunderstanding based on previous reports.
Big thanks to chromium team for the quick resolve
I hope everyone had some fun, and apologies to the triagers on HackerOne XD
Today I used a technique that’s probably not widely known in the community.
In what cases could code like this lead to a vulnerability? ->
14
26
199
43,445
webhak retweeted
Don’t miss it!! 👇🤘
#NahamCon2025
5 May 2025
🎉 Hyped for #NahamCon2025!
✨ Day 1: Full AI x Offensive Security track with
@jhaddix, @rez0__ , @DanielMiessler,@wunderwuzzi23, @monkehack, @xssdoctor.
Details: NahamCon.com
#InfoSec #bugbounty #CyberSecurity
1
5
26
6,301