Tech Girl

@snyff This means developers and security engineers do not need @PentesterLab or similar offerings. They are just one prompt away from learning, creating, analyzing everything and enhancing their security skills 💥🤯

AppSec is over! Just tell your developers to add "Make no mistakes" to their prompt 💥🤯

@hugopicanzo @SpotifyEng @Spotify @Hacker0x01 @Spotify @SpotifyEng run very poor/bad bug bounty program. They basically do not care about vulnerabilities. If you disclose one, they will spend every dime on legal proceedings instead of paying for your work.

Hi @SpotifyEng, @Spotify found a high/critical flaw in one of your products. Already reported to @Hacker0x01, they they don’t care (informative). Tried to appeal, they ignored me. Since It’s not valid, can I disclose it?

The voting has concluded, and we're thrilled to announce the top ten web hacking techniques of 2025! Massive thanks to everyone in the community for sharing their hard-earned discoveries, plus the panel and everyone who nominated or voted! portswigger.net/research/top-1…

@0xw2w HackerOne burned a lot of money on AI, and the cash ran out Reference: bugbounty.forum/post/25802368-… Spotify: Bad program. They saw someone post about another program paying 3k in 2018 and 2025, so they followed it (They will soon spend tons of money in court against Anna’s Archive)

FYI Spotify H1 bug bounty program has decreased High and Critical bounties by 60% (there was no prior promotions). HackerOne's security program has decreased Mediums, Highs and Crits by 40%. To add to that, the $ devaluation to € was 17% in the past year. Let that sink in...

@Burp_Suite 4. Burp Suite freezes indefinitely when the project size is large (~10 GB) Tested on the latest version of Burp Suite on Windows.

@Burp_Suite Burp Suite freezes indefinitely on large projects 1. Go to the Proxy > HTTP History tab. 2. In the Request or Response pane below the HTTP history entries, select any portion of the content to copy. 3. Click the mouse Back button to open the context menu.

We've all done it. Change the default proxy interception state in ⚙️ > Proxy > Default Proxy interception state

@Burp_Suite Burp Suite shows ‘This message is too large to display’ in the Raw/Pretty response view. What is the maximum response size limit in Burp Suite, and is there any way to increase or bypass this limit to view the full response?

Have you tried Shadow Repeater? It's an AI-powered Extension for Burp Repeater that auto-mutates requests, does intelligent fuzzes in the background, and surfaces surprising findings to Burp Organizer, helping to uncover bypasses and hidden attack paths faster. Learn more 👇 portswigger.net/bappstore/7be1…

@Jhaddix @arcanuminfosec @the_IDORminator 🔥

Day TWO of FIVE days of celebrating our 2 year ARCANUM-VERSARY! @arcanuminfosec 3rd Giveaway = FOUR seats to our new course by @the_IDORminator "Zero to [BAC] Hero" ! 👍 1 Like = 1 Entry! ♻️ 1 Share = 2 Entries! Winners announced 1/21! Syllabus link below 👇

@Jhaddix @arcanuminfosec ❤️

Day ONE of FIVE days of celebrating our 2 year ARCANUM-VERSARY! @arcanuminfosec 2nd Giveaway - We have 4 Swag Packs up for grabs! Get a shirt, stickers, pens, a BADGE and more! 👍 1 Like = 1 Entry! ♻️ 1 Share = 2 Entries! Winners announced 1/21! enjoy our tshirt models @G0LDEN_infosec and @PhillipWylie 🫶

@Jhaddix @arcanuminfosec @xssdoctor 🔥

Happy Arcanum-versary! @arcanuminfosec 's 1st giveaway for the week is FOUR seats to our EPIC Advanced Client-Side Hacking course by myself and @xssdoctor ! 👍 1 Like = 1 Entry! ♻️ 1 Share = 2 Entries! Winners announced 1/21! Syllabus for the course below 👇

@NahamSec @hackinghub_io 🧑‍💻❤️

I'm hosting one final giveaway for my "Bug Bounty Essentials" with over 20 hours of content and 100+ labs. All you have to do is drop a 🧑🏽‍💻 under this tweet to enter! Winner will be announced on December 31. Or purchase it directly on @hackinghub_io for 30% off 👉🏼 hhub.io/eoybbex

@vxunderground @Octoberfest73 🔥

Giveaway. @Octoberfest73 has sponsored two Zero Point Security "BOF Development & Tradecraft" courses. tl;dr Training course on Cobalt Strike and malware C2 stuff. Leave a comment below for a chance to win. Course information: zeropointsecurity.co.uk/course/bof-dev

@vxunderground @cyberwarfarelab

Hello. I have partnered with @cyberwarfarelab to give away FOUR HUNDRED (400) vouchers to their Infinity Learning Pro Plan. This is worth $119,600. - 130+ hands-on labs, including advanced attack chains - Unlimited challenge time - Monthly new challenges & scenario updates - Leaderboards for nerds - ??? This is a massive giveaway. How to enter: 1. You NEED a Gmail account. IF YOU ARE SELECTED AS A WINNER authentication is performed via Gmail. It does NOT have to be your real Gmail. It can be a disposable email. However, if you DO NOT have a Gmail you WILL NOT be able to authenticate. 2. This is a pit of doom. You're all fighting. Leave a comment below with an IMAGE of your SILLIEST weapon of choice. 3. This giveaway will be active for the next 48 hours (unless I get bored). It is November 30th, 2025. If you comment AFTER December 2nd, 2025 then you're a big stinky nerd. You have missed the pit of doom. 4. Winners will notified by me commenting your comment. If you do not respond to the DM within 24 hours (if you're selected) you forfeit your win and someone else is chosen. PAY ATTENTION. Good luck in the pit of doom. Have fun. I expect lots of laughs from the silliness. Cheers,

@NahamSec @_JohnHammond @BuildHackSecure @hackinghub_io Amazing 🧑‍💻

Final giveaway for Black Friday! I'll pick two hackers to gift free access to all of our courses by @_JohnHammond, myself and @BuildHackSecure on @hackinghub_io! - Drop a comment & RT to enter You can also purchase them here: The Hackers Arsenal: hhub.io/ArsenalBundle2… Bug Bounty Essentials: hhub.io/BugBountyBundl…

@the_IDORminator Yes

Want new videos?

@b00mn0x_dz @EpicGamesES @Hacker0x01 Congratulations. How many days until you found your first one on Epic?

alhamdulillah I discovered a low-severity vulnerability in Epicgames 🔥 thank's to @EpicGamesES & @Hacker0x01

@tabaahi_ @EpicGames How many years working on Epic?

Thank you @EpicGames

@d3f7ult @Meta Sandbox bypassed?

Rce on @meta ? 🫣🫣🫣

@ctbbpodcast @thefosi Please add RSS or email subscription for the research section.

New Research by @thefosi! "ASP .NET MVC View Engine Search Patterns" - Check it out on the link below and maybe send us your research too! lab.ctbb.show/research/asp-n…

@InfoSecComm This is a useless, time-wasting premium article.

🚨 New Writeup Alert! 🚨 "From 404 to $4,000: Real Bugs Found in Forgotten Endpoints" by Monika sharma is now live on IW! Check it out here: infosecwriteups.com/5886c06f7473 #vulnerability #bugbountytips #bugbountywriteup #technology #bugbounty