Francesco Enrietti

@Ch0pin Having the ability to write the equivalent of a Burp Extension/Scan Check would be great!

Dynamically registered receivers are added as part of the burp-like monitor. If you have any cool ideas, let me know before I publish.

Can a hostile container sneak past your eBPF tracing? Sometimes, yes. With @OSTIFofficial & @CloudNativeFdn we audited Inspektor Gadget - 3 vulns (fixed), 6 hardenings, 6 bypasses (io_uring, openat2, jumbo frames…). Work by @ndaprela & @suidpit👏 🔗 shielder.com/blog/2026/04/i…

Frankly, I'm appalled by the prospect of LLMs taking offensive security research jobs from honest, hard-working fuzzers

Attending @1ns0mn1h4ck? Meet @not4nhacker @Luk3ros and @Sev1rus from our AppSec and Red teams! They are eager to discuss about breaking complex authentication implementations and relaying all the things to DA!

@AnthropicAI it’s only Claude if it’s distilled in the Silicon Valley region of California 😤

introducing claude cowork

1/6 What started as a routine 24-hour vulnerability research of PostHog turned into quite the rabbit hole... 🕳️🐇 I ended up finding a way to chain a simple SSRF, a ClickHouse Postgresql Table functions SQL Escape 0-day, and default DB credentials into a full RCE. It’s a fun story about how "safe" features can be misled. 🧵👇

Want to learn more about our approach into auditing complex libraries and writing cool exploits? Attend @OSTIFofficial's meetup where our very own @Th3Zer0 and @suidpit will talk about the "Security Audit of OpenEXR" 🗓️: Dec 02 🕗: 20:00 CET RSVP: luma.com/ostif-meetups?…

can we please get the libxml2 and ffmpeg people some cold cash, lambo's and decent quality blow as a token of appreciation for all the ASAN splats we throw over the fence and want to have fixed pronto? I know one man's trash (CVE's) is another man's treasure, but we gotta respect and support these hardworking devs a bit more. how else do you expect to play back (x-rated) flicks that come in esoteric video container formats or correctly render SVG's containing vector depictions of your favorite animals in safari?

You’ve done everything right: least privilege, PAM solution deployed, users don’t even know passwords. What could go wrong? Paolo Cavaglià (@Paupu_95) from Shielder has the answer in his #TheSAS2025 talk, "Grand Theft Credential: Ransomware Gangs’ Wet Dream" 🏰 His team spent two weeks reverse engineering Broadcom’s CA PAM and found 13 vulnerabilities that lead to complete infrastructure takeover. A malicious actor can decrypt all stored credentials, move laterally to every managed host, and own the company. More SAS gold (aka agenda): kas.pr/6rx9

@jobertabma @NahamSec @stokfredrik @Hacker0x01 not4nhacker

Hey hackers! We're running a beta for Hai for Hackers, our AI security agent. If you're interested, please reply with your HackerOne username (we will probably limit to ~100 hackers for now). After it's been enabled, you can start using it by clicking the Hai button in the top right corner of the app. It’s free to use (with a limited daily budget for now). It is like any other AI you’ve interacted with, with the added benefit that it has access to a whole bunch of HackerOne data, like reports and programs. We’re shipping improvements to Hai almost every day. Here are some neat use cases: - “take all the learnings from STÖK, jhaddix, and nahamsec's recon strategy and build one for me!” - “write a python script for a typical recon process” - “i need an XSS payload that doesn’t use single or double quotes” - “my XXE payload doesn't call back to my server, what could go wrong?” - “write a response for report #133337” The beta also comes with Hai Plays for you, which allows you to build your own security agents in HackerOne. You can create them at hackerone.com/settings/hai_p…. Some of the cool use cases we’ve seen so far are: - write reports with minimal input from you (efficiency++!) - convert reports into blogposts with a single prompt - AI mentor to give feedback about your communication and increase the likelihood of a reward In the background we’ve been working on agentic behavior, which we expect will soon come to Hai for Hackers as well. These AI agents can act like your hacking buddy and hack alongside you. We’ll keep you in the loop on our progress.

Last week @Apple released MacOS 13.4 which contains a fix for a vulnerability @suidpit exploited to escape the Sandbox. Update now and stay tuned for the technical details! Ref: support.apple.com/en-us/122373

Except @TumpiConIT of course

A bit late but who cares. This week I was lucky enough to attend @1ns0mn1h4ck, and it was a great event, probably my new favorite conf

In Lausanne for @1ns0mn1h4ck? Don’t miss the chance to meet our very own @not4nhacker! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!

Hey hackers! We’ve started sending out the first invites — check your inbox! 👀 Didn’t get one? Take the fast track and submit a talk!

During a recent engagement @Mindlaess_ hacked his way through @vtigercrm which led to discover a privilege escalation and a SQL injection. Learn more in the dedicated advisories: - CVE-2024-42994 #sqli shielder.com/advisories/vti… - CVE-2024-42995 #privesc shielder.com/advisories/vti…

@0xTib3rius Ask and you shall receive: wordlists-cdn.assetnote.io/data/automated…

Oh you're a web app hacker? Name every parameter.

@cocktailpeanut @ollama

On an NVIDIA 4090, downloaded Llama3.1 405B from @Ollama. Asked a question. After a 30 minutes of waiting, Llama just started responding... "The". It's been 5 minutes since then. Eagerly waiting for the next message that will blow my mind...

🤫 #SneakPeekThursdays