Bug write-up for "Google AI Studio XSS" ndevtk.github.io/writeups/2026/… (ノ*・ω・)ノ
English
NDevTK
338 posts
Many people messaged me that the solution I explained worked for them, but they still get the same error again, so here is what I found:
The approval email you receive is tied only to the specific chat where the token was generated
After filling out the form and getting approved, you can continue working in that same chat but this approval does not apply to new chats.
From what I’ve seen, even after getting 4–5 approvals, the error still appears in future sessions, but for the approved session, I can continue working without issues. I think they may introduce a trusted cybersecurity program soon similar to the one announced by @OpenAI, where things will be more managed instead of submitting an application every time.
#Anthropic #Claude #ClaudeCode
Tur.js@Tur24Tur
Finally @AnthropicAI approved my cyber use case in just 2h 25min upon submission For people getting rejected provide your profile: @Hacker0x01, @Bugcrowd, and a project with one of your github repos. Much appreciated, Anthropic team 🤎 #InfoSec #Anthropic #BugBounty
English
@S1r1u5_ Can you share what kind of task you are asking it to do? I got my request for less safeguards in Claude approved, but I might have not asked for enough to do straight up exploit dev
English
Thought of using codex and it doesn't even budge.
How are you bypassing the guardrails on codex? we applied to cyber thing, got no response.
s1r1us (mohan)@S1r1u5_
hi @AnthropicAI, our request to remove claude safeguards was denied. we would really appreciate a reconsider, we're not just any company. mythos access would be great too 😉 check the thread for our work securing AI & OSS products like Atlas, Antigravity, Windsurf 🧵👇
English
ndev.tk/htmldom/ got more complicated it now converts unsafe sinks to safe DOM API calls and traces taint from sources to sinks across files, functions, and control flow. Maybe can reuse code in extension :)
English
@ndevtk I made a similar thing once when I was working on some docx generation, with a slightly different stylistic choice of using scopes to clearly show nesting:
gist.github.com/JorianWoltjer/…
English
I made a HTML/CSS to DOM API converter! ndev.tk/htmldom/ this project doesn't use Babel JS because I couldn't be bothered.
English
The first version of APIClient has been released chromewebstore.google.com/detail/api-sec… it supports API learning with key tracking based on usage and Google/Swagger discovery documents plus XSS finding also replacement for postLogger extension. It's not perfect, create GitHub issues :)
English
>> It appears your recent prompts continue to violate our Acceptable Use Policy. If we continue seeing this pattern, we’ll apply enhanced safety filters to your chats. Learn more »
Here we go!!!!
s1r1us (mohan)@S1r1u5_
it is interesting how dario and anthropic out of all the frontier model companies make the most noise about cyber espionage and ai risk but still keep claude's guardrails pretty loose. smart marketing move honestly. not sure if it is delibarate, they are basically setting up a narrative where if there's a 0-day it's because of claude, and security researchers are eating it up, making noise left and right with "claude did this, claude did that." crazy pr, tbh meanwhile openai fumbled the whole thing by going the other way, openai models are par with opus but nerfing their model with insane guardrails that make it barely usable. too bad, there won't be blogs from security researchers that codex wrote a kernel exploit or a vim bug.
English
github.com/NDevTK/APIClie… has been recovered does both API learning and XSS finding it's not perfect but I'm starting to get over it. Hopefully this time I will release and not delete it.
English
Taint analyser is replaced with CodeQL Chrome github.com/NDevTK/codeql-… because trying to get AI to build a code graph then integrate it with an SMT was annoying. I asked something basic like trace the internals of jquery it made a fake version.
English
Bug write-up for "Google XSS part 3" ndevtk.github.io/writeups/2026/… \^o^/
English
the amount of features they ship everyday tells you no model is anywhere near close. opus 4.6 is truly a goated model.
Felix Rieseberg@felixrieseberg
We're shipping a new feature in Claude Cowork as a research preview that I'm excited about: Dispatch! One persistent conversation with Claude that runs on your computer. Message it from your phone. Come back to finished work. To try it out, download Claude Desktop, then pair your phone.
English
@randomunkn36565 There's a share button for browsable intents but for the other intent types it would need ADB exports or its own deeplink system that prefills the fields (preferred by me) crashes in large apps is a problem will hopefully get better with updates.
English
@ndevtk Just wanted to say, the apps amazing! It just sometimes crashes when analysing huge apps, but rest, it's amazing, I have, one suggestion maybe add something that allows you to build a poc easily. This app made it really easy for me to get into android bug hunting
English
🚀 I'm releasing AndroHunter-v, my on-device Android security toolset developed for bug hunters.
17 modules. No root required. Works on Android 10+.
👉 github.com/ynsmroztas/And…
#bugbountytip #bugbountytips #infosec #recon #Android #PenTest
Yunus Emre Öztaş@ynsmroztas
Did you know you can perform SQL injection tests on mobile applications using Ghauri or SQLmap? 🥳🥳🥰🥰 I managed to test potentially critical endpoints by combining both applications. This way, you won't have to connect to the Android application via proxy or deal with SSL Pinning issues; you can directly subject the application to SQL injection tests. I'll be sharing a great article and my tools about this soon, so stay tuned! 🌹🥳🥳 #bugbountytip #bugbountytips #infosec #recon #Android
English
The test release of DroidProbe is published after joining groups.google.com/g/droidprobe it can be installed at play.google.com/store/apps/det… please provide feedback :)
English
github.com/NDevTK/DroidPr… Contextual GUI via code analysis all the things.
English
@a7mad__n1 @GoogleVRP based on the info above your issue on `T3b` since it is `Execute code on the client (C0)` it means they bounty is `$200` so why you said i got `$$$$` is it fake or what!!
English
Yeah I reported a high issue to Google for ++++ time and got $$$$.
Alhamdullah for everything, thanks Google @GoogleVRP 😍🔥.
Who is interested in joining my private channel, DM me t.me/a7mad_n1
#bugbounty #cybersecurity #Hack #bounty #Googlevrp
English
A no-code web-based GUI for Chromium MojoJS security research with automated binding generation. Tempted to add an AI chat bot. github.com/NDevTK/MojoGUI
English
An experimental WinDbg debugging toolkit for Chromium security researchers: github.com/NDevTK/chromiu…
Bug write-up for OAuth redirects don't check for SSL/TLS: ndevtk.github.io/writeups/2025/…
Summarizer theme on my writeups website now works on desktop chrome again! 🦆
English