@monkehack I was thinking of a browser exploit to get started and then hopefully get a shell Vis that
English
Random Robbie
3.3K posts
Random Robbie
@Random_Robbie
Hunting vulns. Exploits are real. Opinions are yours. Blame yourself, not me. Anything posted here is on you not me. #LFC
North West, England Joined Ağustos 2009
6K Following15.5K Followers
@Random_Robbie Didn’t really dig into it yet. It’s quite locked down by default iirc
English
Any hardware hackers hacked the Facebook portal yet? Seeing it's EOL
English
@Random_Robbie I bought one like 2 years ago when it was already obsolete, for this purpose lol
English
@lennaert89 The problem I have is deciding which is worthy. Blind ssrf for me only report when you can at least probe and tell the difference. Some others I'm always like meh I dunno if it's with while
English
I've come to realise that instead of trying to have a bar of 7.3 CVVS I can report 5.3's a clean up all the smaller bountys
English
@DataChaz Any one who kept data from the shai hulud attack can vouch.
English
With Voicebox, @ElevenLabs just lost its moat.
→ Powered by Alibaba's Qwen3-TTS for near-perfect cloning
→ Ships with a DAW-like "Stories Editor"
→ No cloud, runs locally on your machine
100% Open Source. 100% Local.
Link to repo in 🧵↓
English
@DataChaz @ElevenLabs Elevenlabs pretty much is using openai. I reported an issue a while back after a supplychain attack and pretty much all their Dev keys were openai
English
@iangcarroll Wouldn't it be the app when logged in it pings back to it or when they detect a new device from app sign in?
English
Capital One bans you from using your points for up to an entire month if you get a new device (IMEI) or carrier, and there is no workaround.
One of the worst fraud rules I have ever seen and it has been this way for over a year now. Why can they even detect this?
English
Which type of bug do you enjoy hunting the most? 👇
#BugBountyTips
English
@yeswehack Fast turn around and good bountys and decent scope.
English
We asked @yeswehack hunters what drives their program choices. The top factor? Program reputation for fast report acceptance and fair, timely payouts.
Agree, hunters? 👇
Full survey results in our 2026 report: choose.yeswehack.com/bug-bounty-rep…
English
Fair play drop a report as I'm trying to improve it the creds found are invalidated hahaha
English
Random Robbie retweeted
Spice Girls completely redubbed by a dude, is one of the most hilarious things we've ever seen!
English
@PolitlcsUK Can some one tell me how much in benefits you can earn as apparently the JSA seems to be enough for people to say you can earn more than working?
English
20.7% of UK adults between the ages of 16 and 64 are said to be economically inactive, meaning they aren’t in work and are not actively looking for work
Full stats:
ons.gov.uk/employmentandl…
English
wish more programs did this to show their appreciation!
might have to poke at Swisscom👀
Blaklis@Blaklis_
The best trophy I received in my bug bounty career, by far! Thanks @swisscom_csirt - it always has been pleasure to work with you all - and happy to see my work appreciated and respected! 9 years of hunting it - 10th one coming soon! 🎂 #bugbounty
English
AI Security Tool: 🐞 This expert-level vulnerabilitiy would take an expert hours to discover manually!
Strix AI agents can do it in 9 Minutes!
Learn more about Strix here docs.strix.ai
Or join the Hacking Masterclass and learn how I set it up with paid, FREE and local AI models 👇
zsecurity.org/memberships/
English