johnpi

@NullSecurityX @theXSSrat Count me in

🎉 Great news for my followers! Huge thanks to @theXSSrat 🙏 I’ll be giving away 50 coupons, each worth 25€ 💸 To join: 👣 Follow me 🔁 Retweet this post 💬 Leave a comment Winners will be picked soon based on engagement. Good luck 🍀

🏆 KNOXSS September 2025 Giveaway 🏆 ➡️ Follow, like and share! 😍 ➡️ 1 Month Pro access for 3 winners on Friday 5th Good luck! 🤞 Check what only KNOXSS can find for you: knoxss.pro/?page_id=766 knoxss.pro - try it now! #WebAppSec #BugBounty #PenTesting

@theXSSrat @tryhackme Hey

🚨 GIVEAWAY ALERT 🚨 Got 2 fresh @tryhackme 1-month vouchers burning a hole in my pocket 🔥 Meanwhile… my hackers toolkit is 85% off (all current + future courses in one) thexssrat.podia.com/full-house-bun… Want one? Do this: 1️⃣ Follow @TheXSSRat + @tryhackme 2️⃣ Share this post 3️⃣ Drop a comment 4️⃣ Smash that like You’ve got 72 hours, dear rats 🐀

@NullSecurityX @theXSSrat pick me.

🎉 We’re partnering with @theXSSrat for a special giveaway! Once we hit 5,000 followers, 1 lucky winner will get access to $600 worth of cybersecurity courses — for FREE! To enter the giveaway: ✅ Follow 🔁 Retweet this post 💬 Leave a comment 📚 Course thexssrat.podia.com/full-house-bun…

How to find viable targets for client-side desync attacks: 1️⃣ Open Burp Suite and intercept requests. 2️⃣ Choose an endpoint that wouldn't usually expect a POST request (e.g GET) and send it to repeater. 3️⃣ Go to Inspector > Request Attributes > Protocol field > Upgrade to HTTP/2. 4️⃣ Send the Modified Request and look for this error message: "Server ALPN does not advertise HTTP/2 support"... 5️⃣ Enable ALPN Override in request settings and send again. If you see "Stream failed to close correctly" then you've confirmed that the server does not support HTTP/2 and is a valid target for desync testing! Want to learn more about desync attacks? On August 6, at Black Hat USA, James Kettle from PortSwigger Research will reveal new classes of desync attack that enabled him to compromise multiple CDNs and kick off the desync endgame! 😲 Stay up to date here: http1mustdie.com

@0xarise hi

@theXSSrat @XssRat @davidbombal

🚨 GIVEAWAY: The Endless Bundle 🧠💥 Our full ethical hacking course library — lifetime access, all future updates. 🔐 To enter: - Like ❤️ - Repost 🔁 - Comment and tag your best hacking buddy 🤟 Follow @XSSRat 💻 260+ lessons | Labs | Discord | Weekly updates 🔥 Bug bounty, XSS, BAC, scripting & more ⏳ Ends in 3 days! 💸 Can’t wait? Grab it at 80% off: 👉 thexssrat.podia.com/full-house-bun… #EndlessBundleGiveaway #CyberSecurity #BugBounty

To celebrate our badge launch, we're giving away FIVE free 6-month licenses to @pentesterlab. ✅ Comment BADGELIFE and retweet this post to enter. Additionally, pre-order a custom badge at shop.bugbountydefcon.com for a chance to win one of FIVE Annual VIP+ subscription to @hackthebox_eu. Purchasing a badge helps us run and fund the village. That's a total of TEN WINNERS! Winners will be picked on August 1st. Good luck! Note: Badges are pre-order only. Order online, pick up in village. No shipping. #BadgeLife #DEFCON33 #BugBounty

@BugBountyDEFCON @PentesterLab BADGELIFE

Time for another giveaway! We are going to send a t-shirt and a few goodies to one person who follows @PentesterLab and retweets this tweet!! And we are going to give a 12-month voucher to someone who follows @PentesterLab and likes this tweet!!

I’m Giving Away 3 Free Tickets to atten IWCon W2022 by @InfoSecComm To participate in the giveaway RT #IWCon #infosec #cloudsecurity #Giveaways

@thebinarybot I am excited for @hakluke talk.

Hey there! I have 2 conference passes for IWCON2.0 which is happening on 17th-18th December, 2022. To enter the giveaway: 1. Follow @thebinarybot 🫂 2. Retweet 🔁 3. Comment which talk you are highly looking forward to 💭 #bugbounty #infosec #cybersecurity #hacking

I've got two passes for IWCON2.0 happening on 17th-18th December, 2022 from the awesome folks @InfoSecComm 👋 Register here : iwcon.live To win these passes just retweet this and like the tweet. Two of the luck winners will be contacted by the team for the passes.

It's Black Friday! 🎉 Get FREE recurring API credits if you like + retweet this tweet (must be following @securitytrails). If we get up to 100 RTs everyone gets 100 recurring monthly API credits. If we get over 100 RTs, everyone gets the # of API credits in the amount of RTs.