Minilucker retweeted
Minilucker
27 posts

Minilucker retweeted

Want to hack mobile applications? 📱
We’ve just published the ultimate guide to building an Android #BugBounty lab with emulators, real devices and proxies (featuring Genymotion, Android emulator, Magisk, Burp, Frida & Medusa) 👇
#BugBountyTips
yeswehack.com/learn-bug-boun…
Minilucker retweeted

In the latest #TalkiePwnii, @pwnwithlove takes on a Dojo challenge about predictable tokens & YAML deserialization in Python 🐍
From predictable tokens to achieving RCE via unsafe YAML load - watch the full exploit 👇
#BugBountyTips #YesWeRHackers
youtu.be/kSiuk2s-GpA


Minilucker retweeted

Ever exploited server-side prototype pollution? 👀
In the latest episode of #TalkiePwnii, @pwnwithlove dives into Hacker Profile, a community-made Dojo challenge by @0xidel!
From prototype pollution to RCE in Node.js - see it in action 👇
youtube.com/watch?v=5ja_NV…

Minilucker retweeted

7 challenges down on our Hunter’s Bucket List - and counting! 🏆
The latest tick? A brilliant challenge by @0xidel, featured in this month’s Dojo! ⚡
Have you tackled ‘Hacker Profile’ yet? It’s live until April 17th 👉 dojo-yeswehack.com/challenge-of-t…
Only 3 items left to complete the list… don’t miss your shot at scoring an exclusive swag pack!
#YesWeRHackers

Minilucker retweeted

Ready, set, GO! - A new Dojo challenge is out! 💥
This time, you're going to exploit a hacker's profile page and compromise the application.
Do you have what it takes? It's time to prove it 👉 dojo-yeswehack.com/challenge-of-t…
#YesWeRHackers #CTF #BugBounty

Minilucker retweeted

Trying to solve our latest Dojo chall? 👀
Look no further! In Episode 4 of #TalkiePwnii, @pwnwithlove breaks down homograph attacks in phishing, and explores why NodeJS sandboxes using the VM module might not be as secure as they seem 👇
#BugBountyTips
youtube.com/watch?v=Js9NEE…

Minilucker retweeted

Looks like my DOMPurify article has been nominated! I know I haven't released part 2 yet, but if you enjoyed it, I would really appreciate if you could vote for it! 🫶
mizu.re/post/exploring…
James Kettle @albinowax
Voting is now live for the Top Ten (New) Web Hacking Techniques of 2024! Browse the nominations & cast your votes here: portswigger.net/polls/top-10-w…

Here are the giveaway results for the XSSMas VSnippet! 🎄
A huge thank you to everyone who participated in this challenge, and congrats to our two winners: @kabilan1290 and @0xidel! 🎉
Keep an eye on your DMs to receive your swag pack 👀
Now, let’s break down the challenge solution 👇


Santa is losing patience waiting for your letter… 🙄
Have you noticed the Node.js-based source code seems to implement a weird input sanitizer? Come on, it’s your last chance to surprise Santa before Christmas 😈🎅
Try it out on GitHub: github.com/yeswehack/vuln…
#YesWeRHackers


🎄 Root-Xmas Challenge 🎄
✨Today, discover The Friendly Snowman challenge in the AI category!
📌Submitted by: @Nishacid
🔗Details & participation here: xmas.root-me.org
Good luck to all! 🎅


Hi, it's tuts-for-nerds giveaway 1.
We're giving away 20 Mullvad VPN 6 month subscriptions courtesy of "Uber" (not the company).
If you'd like a 6 month subscription to Mullvad VPN, leave a comment below.
- Winners will be selected randomly in the next 24 hours.
- We will DM winners.
- If you do not confirm your win in 24 hours a new winner will be selected
- If your DMs are closed, you automatically forfeit your prize
Have a nice day

Hey Folks ! 🏔️
Here are writeups for all my challenges of the @GrehackConf CTF
- nishacid.guru/tags/grehack24/
It was great fun to create them all, thanks to all the participants and we hope you enjoy them.
I'm looking for feedback and don't hesitate to DM me if you have any questions 💚

a few weeks ago, I received an award for a critical vulnerability submitted on @yeswehack -- Path Traversal (CWE-22) (˵>ᗜ<˵)! !!
this thread is literally how I discovered this vulnerability :p

YesWeHack ⠵@yeswehack
Have you ever seen an HTTP response embedded directly in the body of your request? Check out these tips to discover how and where to find (internal) path traversal vulnerabilities! 👇 #YesWeRHackers #BugBountyTips

I'm happy to say that the DOMLogger++ workshop created for @GrehackConf is now available 😁
I've written it in a way that it can serve as documentation. I hope it helps you understand how to use it properly!
Website: domloggerpp-workshop.mizu.re:5173
GitHub: github.com/kevin-mizu/dom…


