turb0

50 posts

@7urb01

CTBB Full-Time Hunters' Guild Member | JavaScript Survivor | Shell Tourist | /((de)?bu(g+)?(ing)?)?/i Bits, bytes, and bad ideas https://t.co/0iE5bU44up

Joined March 2024
174 Following, 816 Followers
turb0@7urb01·
@Rhynorater Very true. I nominated it and voted for it when it made the nomination list but it still remains slept on.
turb0@7urb01·
@busf4ctor @ryancbarnett Downgrade your seat to "bathroom" for a refund and just sleep in there the whole flight.
Vitor Falcão "busfactor"@busf4ctor·
@ryancbarnett They call it business class I think haha even though it’s very expensive, I’d take it but it’s full because of the last minute buy :(
Vitor Falcão "busfactor"@busf4ctor·
I have 26h of flight ahead of me, I may or may not survive 🫡
turb0@7urb01·
Playing with the format of a "Security Research Writeup Deep Dive" series with a bug bounty focus and did a demo episode on this really high quality writeup of a clever bug. Open to feedback on this format before I get to nonnegative episode numbers. :) youtu.be/JqvJSF2UMyY
sudi@sudhanshur705

Part 4 of our Hacking AI Apps series. This time we hacked Google's @antigravity A vuln that let us write files to arbitrary location on the victim's system, leading to RCE just by visiting an attacker controlled website. Hope you guys will like the blog 🙇‍♂️

turb0@7urb01·
@omer_asfu This is such a high quality writeup and such a good bug. So cool that you were able to keep pushing deeper into the tenant project and ultimately get cross tenant impact, and it's so cool that Google was willing to disclose. Really helpful concrete example.
OmerAF@omer_asfu·
👼GatewayToHeaven (CVE-2025-13292). I discovered a cross-tenant vulnerability in @GoogleCloud's #Apigee, allowing me to access other organizations' data (and sometimes even plaintext JWTs of end users). Below is the full breakdown of the exploit chain⛓️
Ciarán Cotter@monkehack·
Excited to launch this with @busf4ctor. We'll be posting some of our research over the next few weeks 😁 so make sure to follow. Really looking forward to seeing where this goes!
Starstrike AI@StarstrikeAI

Today, we (@busf4ctor and @monkehack), are launching Starstrike: an AI pentesting and research startup. We'll be releasing our first few research articles over the next few weeks, detailing several bugs that helped us net over $100k in total. Follow to ensure you don't miss them!

zhero;@zhero___·
Happy to publish our first research of the year on the SvelteKit framework, downloaded over 800,000 times per week, which led to CVE-2025-67647 (w/@inzo____): Avoiding the paradox: A native full-read SSRF and one‑shot DoS in SvelteKit zhero-web-sec.github.io/research-and-t… Enjoy the read
turb0@7urb01·
@busf4ctor @NahamSec Hoping to see markdown images rendered in ways I never knew possible. Definitely looking forward to this talk!
Vitor Falcão "busfactor"@busf4ctor·
This is my first ever bug bounty or security related talk. I admit I've been a bit nervous, but I hope everyone enjoys it! @NahamSec
turb0@7urb01·
@_sy1vi3 Surely you can modify the PoC requests sufficiently to still achieve the needed property access to bypass the naive hour two or whatever WAF rule, right?
Sylvie@_sy1vi3·
cloudflare ily but you're making it really annoying for me to farm bug bounties rn 💔
turb0@7urb01·
@nmatt0 Wow, definitely gonna think twice before I move out to the sticks if they've got bugs like that crawling around!
Matt Brown@nmatt0·
@7urb01 Still sussing out CIA impact. Haven't reversed all subcommands that I can run. definitely C & A are high. working on I.
Matt Brown@nmatt0·
It's that time of year when all the bugs enter my house for warmth. I swear since I moved to the country I see a new species every other day.
turb0@7urb01·
@monkehack @busf4ctor We need a bug bounty hunter "terrible indie game from days of yore" anthology site. I am willing to contribute some games.
Vitor Falcão "busfactor"@busf4ctor·
> be me, lil Vitor, age 10-12
> got addicted to creating games using Game Maker
> also addicted to creating 3D models using Blender
> learned Photoshop, Illustrator, etc
> absolutely no hacking or breaking yet
> pulling all-nighters: WoW, PW, TF2, SC2, ...
> age 14, get even more addicted to gaming
> want to be a game artist/dev
> copy-pasted a random JS from the internet in my console to make everyone follow me on Twitter
> pwned lol
> age 15, go to a graphic design school that lasts 2 years
> realize that's not what I want, it was just a hobby
> get lost for the next few years
> school grades are low
> trying to decide on a university course around age 18
> got into an engineering uni, would choose a specialization in 1.5 years
> I wanted electronics engineering
> had the first programming class, fell in love, decided to go for software engineering
> started learning to hack using books like The Art of Exploitation
> tried getting my first bounty a few times, failed
> no friends but me interested in that, so was alone on this journey
> around 20yo start working as dev
> learning a lot about cloud infra and competitive programming
> tried my first bounty again, failed again
> still learning everything about cybersec alone
> forgot about bug bounty, too hard for me
> 26yo, leading a cloud infra team and burning out
> time to set my priorities straight and take risks
> amazing gf fully supported it
> built a savings buffer, left my job and started studying to break into a cybersec job
> got the job!
> after a year I got my first bounty
> then another bounty, then one more, and more...
> locked in, time to get amazing bugs
> four months ago I became a full-time hunter
> very happy, good money, a lot of freedom
> started collabing with amazing people like monke, rafax, rez0, rhyno, etc
> got 2nd on my first LHE
> got another LHE invite because of the results on the first one
> still locked in
---> YOU ARE HERE <---
Ciarán Cotter@monkehack

> Be me, age 13
> Dad has implemented time limit restrictions on wifi
> discover that you can reset the restrictions by turning the TP-Link device off and on again a few times
> Play Pokémon a lot, and curiosity to learn game dev kicks off
> Flight to Japan with mom and little brother
> We discover that the in-flight poker game is fundamentally broken
> Hand reset was free and you could change your bet after you know your hand, so you could basically just go all-in when you have a strong hand
> Spend 10hrs on flight getting inflight poker balance to 10mil+ in virtual currency in competition with brother
> Age 14, teach myself "UnityScript", this god-awful language very similar to JavaScript to learn game dev in Unity
> Develop some terrible games, learned to import my own hand-draw sprites and make music using FL Studio
> My parents let me use the computer for learning, so I could spend hours writing terrible code from youtube tutorials (thanks Brackeys)
> Age 16, teach myself Python at coding club
> Write some more terrible programs
> Write some basic cellular automata scripts and other hobby projects for a few years.
> Age 20, start Computer Science in uni
> Discover bug bounty because I was kinda techy and I needed money, made some cool friends in the space like @mikey96_bh
> make a few thousand in my first year, enough that I don't need to work part-time anywhere.
> Age 21, start working in security research via bug bounty experience. meet my good friend @rez0__
> Meet this cool guy called @Rhynorater in Def Con in vegas. I watch him pwn a hardware device. super inspiring.
> Age 23, I keep hacking. finish uni, still working, kinda tired of it all.
> I retreat into the mountains in Hokkaido, Japan and quit my job to do bug bounty full time. making enough from bounties to live off the money
> Moved to scotland, much happier. rough few months as I find my footing
> Started writing newsletter
> Age 24, making more money than ever while self employed. 10x Live Hacking Events so far, won an award in 3 of them.
> consulting business pretty stable, bug bounty working out really well, learned a lot. newsletter at over 80 issues
> adopt 2 cats (I love them but man, are they stupid)
> get into AI hacking, discover that I'm actually kinda good at it because of my previous niche skillsets
> meet super cool people like @elder_plinius and @gr3pme and meet James Kettle irl
> Start working on cool startup idea in October
---> YOU ARE HERE <---

turb0@7urb01·
@nowaskyjr This is super cool! For those trying to wrap their heads around it, you can think of it as something closer to the following: const divide = (a,b)=>a/b; x = top in divide(RegExp('is; '), alert(1)) Where the   is effectively a space.
Nowasky@nowaskyjr·
JavaScript Lexer Ambiguity - Part 2 Unlike the snippets I shared in the original post, these variants trigger a syntax-highlighting bug in all major browsers’ devtools.
offsec@offsec225881·
@7urb01 Nice challenges! Congrats. I couldn't bypass CSP on challenge 3. Any tips? Best regards.
turb0@7urb01·
Had enough people reaching out around the React createElement XSS stuff that I decided to throw up a blog post. Nothing really new added here from the original presentations, just gives some of it somewhere more accessible to live longer term. turb0.one/pages/From_Com…