Geluchat
@Geluchat
Followers
4K
Following
5K
Statuses
2K
Thanks so much! It was an incredible collaboration with @DoomerHunter. Huge shoutout to @awscloud, @amazon, and @Hacker0x01 for organizing and supporting such a smooth LHE! Here's to more successful collaborations in the future!🔥#h10131
We just made ~150 000$ hacking on AWS at #H1-0131 with @Geluchat, winning the Most Impactful Team tropy! LHEs are incredible for the mind-blowing bugs found by elite hackers! GGs to the @awscloud, @amazon and @Hacker0x01 teams that did a wonderful job throughout this LHE!
4
6
91
RT @ElS1carius: Hey fellow hackers, My blog is back, starting with a deep dive into a nice SQL injection I found in SuiteCRM—CVE-2024-36412…
0
27
0
RT @kevin_mizu: I'm very happy to finally share the second part of my DOMPurify security research 🔥 This article mostly focuses on DOMPuri…
0
99
0
RT @PortSwiggerRes: The results are in! We're proud to announce the Top ten web hacking techniques of 2024!
0
275
0
RT @hackermondev: Research into a unique 0-click deanonymization exploit targeting Signal, Discord and hundreds of platform 🧵 https://t.co/…
0
537
0
1
0
4
Since everyone's posting their bug hunting recaps, here’s mine: - HackerOne LHEs : Singapore, Las Vegas, Edinburgh - $300k bounties over the year - Most Impactful Team with @DoomerOutrun💖at H1-0131 Shoutout to @Blaklis_ & @kevin_mizu for great collabs! Let’s crush it in 2025!
10
0
144
RT @Sonar_Research: 🧵 [1/4] Here is our DOMPurify 3.2.1 bypass, using a namespace confusion technique where each element is initially in a…
0
41
0
@gregxsunday It seems to me that what the OP is trying to show here is that this behaviour appears on already configured/non-attacker domains due to some cache poisoing attack. Thats pretty critical to me 🙃. Am i missing something here ?
1
0
4
0
10
0