Q5Ca

244 posts

Q5Ca

@_q5ca

Chief Remote Work Officer at @u0Kplusplus

Vietnam Katılım Kasım 2017

395 Takip Edilen957 Takipçiler

Sabitlenmiş Tweet

Q5Ca@_q5ca·16 May

Happy to share that my colleague @vudq16 and I will be speaking at PHDays in Moscow 🇷🇺 next week, May 24th. I’ll share a story from one of our red team projects, with techniques to maximize stealth during the operation. Hope to make new connections there:D phdays.com/en/forum/progr…

English

3.6K

Q5Ca retweetledi

TrendAI Zero Day Initiative@thezdi·6h

Locked in! Le Duc Anh Vu (@vulda17) of Viettel Cyber Security (@vcslab) exploited Cursor, earning $30,000 and 3 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin

English

3.3K

Q5Ca retweetledi

TrendAI Zero Day Initiative@thezdi·3h

Aaaand it's official! Orange Tsai (@orange_8361) of DEVCORE Research Team chained 3 bugs to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning a whooping $200,000 and 20 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin

English

726

39.7K

Q5Ca retweetledi

TrendAI Zero Day Initiative@thezdi·5h

There it is! Orange Tsai (@orange_8361) of DEVCORE Research Team was able to exploit Microsoft Exchange! If confirmed, they win a whooping $200,000 and 20 Master of Pwn points. Off to the disclosure room to explain how they did it and seal the deal. #Pwn2Own #P2OBerlin

English

437

39.6K

Q5Ca retweetledi

TrendAI Zero Day Initiative@thezdi·1d

Boom! @rewhiles of Viettel Cyber Security was able to exploit Anthropic Claude Code! If confirmed, they win $40,000 and 4 Master of Pwn points. They're off to the disclosure room to explain how they did it. #Pwn2Own #P2OBerlin

English

5.2K

Q5Ca retweetledi

Orange Tsai 🍊@orange_8361·1d

That's my chain — a full chain w/ logic bugs only! No memory corruption, no AI, and of course no collisions at all 😉

TrendAI Zero Day Initiative@thezdi

Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin

English

107

343

2.3K

145.7K

Q5Ca@_q5ca·4d

@D1iv3 Thanks for the hint. Allow me to farm some aura 😉 gist.github.com/Q5Ca/586fa0a18… JFYI, codex 5.4 xhigh implemented most of it.

English

Dlive@D1iv3·6 May

Container escape with CopyFail

English

107

918

81.1K

Q5Ca@_q5ca·25 Ağu

@ZackKorman Happened to me. Tried to remind you guys 😂

Q5Ca@_q5ca

Just a quick reminder: Copilot on microsoft365.com (m365.cloud.microsoft/chat) is not on scope for bounty 🥲 duongq5ca.substack.com/p/another-micr…

English

158

Zack Korman@ZackKorman·21 Ağu

Microsoft isn’t paying a bounty because this related to “enterprise copilot” which apparently isn’t covered? I don’t even know what that means… I have an M365 copilot license and a P1 license lol. What are they talking about.

Zack Korman@ZackKorman

Microsoft isn’t disclosing this so: M365 Copilot allowed users to access files without producing an audit log. All you had to do was ask Copilot to not link to the file. You don’t even have to ask; it sometimes just happens. If your org uses Copilot your audit log is likely wrong

English

255

19.3K

Q5Ca@_q5ca·10 Ağu

@GodfatherOrwa @aditi_singghh 👀

QME

200

Q5Ca@_q5ca·28 Tem

@huyvinhptit @grok 👀

QME

Q5Ca@_q5ca·24 Tem

Ước 🥹

Khoa Dinh@_l0gg

Blog for ToolShell Disclaimer: The content of this blog is provided for educational and informational purposes only. blog.viettelcybersecurity.com/sharepoint-too… #SharePoint #ToolShell

QST

636

Q5Ca@_q5ca·19 Haz

@S1r1u5_ Cool!

English

105

s1r1us (mohan)@S1r1u5_·19 Haz

@_q5ca yeah, you can just set a flag in protobuf request

English

423

s1r1us (mohan)@S1r1u5_·13 Haz

Hacking Windsurf: I asked the AI for the shell, it said yes. new video’s out. I show how I could’ve hacked you… just by getting you to click my link. Link posted below.

English

411

67.2K

Q5Ca@_q5ca·13 Haz

@by6153 @haxor31337 Yes, but I think it didnt help much 😅

English

Zeeshan M.@by6153·13 Haz

@haxor31337 @_q5ca Hi @haxor31337 it was a great talk loved it totally 🙌 also I have a question when you used ActivitySurrogateSelector gadget it prompted almost 16k+ characters payload and you mentioned that the querystring supports 2048 characters did you tried to use -minify option in ysoserial

English

100

Tuan Anh Nguyen⚡️ 🇻🇳@haxor31337·4 Haz

From SSRF to RCE and transfer money in core banking. It is really cool red team case. A perfect combination of external and internal vulnerabilities for each other to bypass the monitoring and detection of the blue team. Present by my colleague @_q5ca youtu.be/xBnMrNCuO_w?si…

YouTube

English

353

31K

Q5Ca@_q5ca·10 Haz

@GodfatherOrwa @HusseiN98D @haxor31337 Remember that! I’m comming!

English

659

Godfather Orwa 🇯🇴@GodfatherOrwa·10 Haz

@HusseiN98D @haxor31337 @_q5ca 🤣🤣🤣🤣🤣🤣 same here

English

1.1K

Hussein Daher@HusseiN98D·10 Haz

Burn out, platforms not always playing the right game , some programs scamming you.. it's not all beautiful in Bug Bounty. Find a backup plan ;) only the wise will start diversifying. The next years will become very hard.

English

5.8K

Q5Ca@_q5ca·5 Haz

@vudq16 Slide: 1drv.ms/p/c/362121a38b… Recording: youtube.com/watch?v=xBnMrN…

YouTube

English