caon

@arthurair_es Inspiração!! Parabéns pela trajetória, que venham muitos os LHEs e oportunidades ano que vem :)

how it started (2020) how it’s going (2025) I’m not great at telling stories, but I wanted to share a little bit of my journey. The first photo is from 2020. That was me at the prep course where I studied, covered in eggs and flour, celebrating after finding out I had passed the entrance exam for a federal medical school. I spent almost two years studying full-time after high school, doing mock tests, reviewing everything, and pushing as hard as I could. In the end, it worked. I got in for the 2019 to 2020 intake. The second photo is from my white coat ceremony. The Hippocratic oath, the tradition before officially starting medical school, that moment when everything feels like the beginning of a lifelong career. Then the pandemic hit. Classes stopped and everything shut down. I needed to find a way to help my family because things were not easy. While searching online, I found HackerOne and learned that it was actually possible to hack companies legally and get paid in USD for it. Since I was stuck at home with a lot of free time, I started studying everything I could. Lots of failed attempts, countless nights, and a lot of frustration… until February 28th, 2021, when I finally got my first bounty. A few months later, on May 9th, 2022, I received my first Live Hacking Event invitation for H1-303. I couldn’t go because I didn’t have a US visa yet. But on June 10th, 2022, I was invited to H1-702, and that time I made it. The third photo is from that event. I met incredible people who became close friends and huge inspirations. That was the turning point when I realized my future wasn’t in medicine. I had a long conversation with my parents about my decision. It wasn’t easy, but it was the right one. The last photo is from the most recent LHE I attended, H1-468 in Sweden. It was one of the most special events I’ve ever been part of. I met new people, reunited with old friends, learned a ton, and felt genuinely proud of how far things have come since that first picture back in 2020. Getting invited to LHEs still makes me genuinely happy. Not only because of the event itself, but because every invitation reminds me of where I started, how many things went wrong before anything went right, and how grateful I am for everything this path gave me and my family. 2020 to 2025. What a ride. And I’m just getting started 🚀🖤.

Not even in Brazil yet, and the @BugBountyBr guys already gave me such a warm welcome 😁 @highustavo @zeroc00i @locs3c @_caon__ — thanks for the live, guys. That was insanely genuine!

🟥 Positive Hack Talks → São Paulo 🇧🇷 Dec 10th, 2025 🗣️ Speakers — submit papers (flights/hotel covered). CFP link in thread 👇 💻 Cybersecurity community — join our most community-driven event. ➡️ phtalks.ptsecurity.com/saopaulo Free · 8 talks · limited spots #PHTalks

@oestagiarioplus feito

@_caon__ Bota lá tbm github.com/agenda-tech-br…

Ótima oportunidade para a comunidade! 🚨 LHE – Mercado Livre Hacking Event 2025 🚨 🗓 25/10 a 01/11 Escopo ampliado, desafios, bounties e premiações exclusivas! Inscreva-se: forms.gle/Cs35PeYcoGsm8e…

@gui_scombatti @0xTeles @arthurair_es pf não me coloque em uma saia justa kkk

@_caon__ @0xTeles @arthurair_es somente para os dois? ok

@gui_scombatti @0xTeles @arthurair_es Somente para os ambassadors fazerem o corre e compartilhar! Todos são bem vindos!!!!!

@sw33tLie The library used in the trackpad balance app comes to mind, maybe it has the capabilities to implement your idea github.com/krishkrosh/Ope…

Anyone knows how to change the force touch behavior on the Macbook Pro trackpad to make it send the selected text to an LLM rather than searching a word on the dictionary? Surely that'd be much more useful 🤔

🚨 CALL 4 PAPERS — Bug Bounty Village @ H2HC 2025 🚨 Caçou um bug insano? Tem case real ou técnica nova? Esse é seu palco! Envie sua proposta pelo form: bit.ly/4n4hXf9 #H2HC #BugBountyVillage #Call4Papers #HackerCulture

🚨 CFP aberto — Bug Bounty Village @ H2HC 2025 🚨 Achou um bug insano, bypass criativo ou tem case real de pentest/bug bounty? Manda sua talk! 👉 docs.google.com/forms/d/e/1FAI… #H2HC #BugBounty #Call4Papers #HackerCulture

@caioluders @itseieio Agora com CNPJ!

TODOS OS CPFS lude.rs/every-cpf/ fork do everyuuid.com do @itseieio

Hackers, To make our pricing fairer worldwide, we’re trying out localized pricing. We’re starting with Brazil 🇧🇷, with Individual plan prices dropping by about 50%. 💸 Monthly: ~110 BRL → 55 BRL 💸 Yearly: ~1,100 BRL → 550 BRL Which country should we do next? caido.io/blog/2025-08-2…

I don't know who this will help but I put together a page listing JavaScript APIs that can break Shadow DOM encapsulation :) github.com/masatokinugawa…

Try this out on your next target! Some more gold from the guys at @ctbbpodcast! 🔥

New Android host validation bypass technique! [1/4] All parsed URIs in Android are android.net.Uri.StringUri objects. However, the scheme parser only looks for the ":" delimiter

How to find viable targets for client-side desync attacks: 1️⃣ Open Burp Suite and intercept requests. 2️⃣ Choose an endpoint that wouldn't usually expect a POST request (e.g GET) and send it to repeater. 3️⃣ Go to Inspector > Request Attributes > Protocol field > Upgrade to HTTP/2. 4️⃣ Send the Modified Request and look for this error message: "Server ALPN does not advertise HTTP/2 support"... 5️⃣ Enable ALPN Override in request settings and send again. If you see "Stream failed to close correctly" then you've confirmed that the server does not support HTTP/2 and is a valid target for desync testing! Want to learn more about desync attacks? On August 6, at Black Hat USA, James Kettle from PortSwigger Research will reveal new classes of desync attack that enabled him to compromise multiple CDNs and kick off the desync endgame! 😲 Stay up to date here: http1mustdie.com

If the origin server treats a delimiter, but the cache doesn’t and the cache normalizes paths before applying static directory rules you can leverage path traversal! Take this payload: /myAccount$/..%2Fstatic/any - The cache sees: /static/any - The origin sees: /myAccount The response for /myAccount is cached under /static/any and anyone that visits that static URL gets leaked data.

Want to know how I discovered this vector? Read the blog... thespanner.co.uk/the-curious-ca…

RFC 2047 "encoded-word" is crazy! It lets you smuggle encoded payloads into email addresses and the craziest thing is that some parsers decode it before validation 👇 Shout out to @garethheyes for this  🔥