chivato

@SecGus

Followers
5K
Following
3K
Statuses
3K

hacker

Lisbon, Portugal
Joined April 2015
@SecGus
chivato
1 year
Here's my writeup for the @Intigriti challenge coin CTF from @DefCon and @BSidesLV. Really interesting challenge exploring how data can be hidden in closed-source third-party QR codes.
4
7
49
@SecGus
chivato
23 days
If anyone has a bypass requests with CSRF tokens on I have an XSS going, 50/50 split
0
0
3
@SecGus
chivato
2 months
Insane work from Xbow pioneering AI offensive security
@Xbow
XBOW
2 months
AI vs AI: How XBOW found a path traversal vulnerability (CVE-2024-53844) in LabsAI's EDDI, an open source conversational AI middleware.
0
2
7
@SecGus
chivato
3 months
fans
@GxlDeFekir
Golde
3 months
“13. SHIBATTO”
1
0
4
@SecGus
chivato
3 months
0
0
4
@SecGus
chivato
3 months
"We take the security of our customers’ data very seriously." "At this stage we do not provide monetary benefit for bugs that are reported." 🤡
0
0
10
@SecGus
chivato
3 months
2
0
2
@SecGus
chivato
5 months
My first LHE as a hacker! Excited to see everyone in Scotland and collaborate with some great hackers targeting AWS & Amazon.
@Hacker0x01
HackerOne
5 months
Today, we kick off #H10131! The fourth live hacking event of 2024. 🙌 Throughout the event, researchers will partner with the @amazon and @AWS security teams to identify potential bugs, collaborate, and earn bounties. Which researcher will find the best bug of the event?
3
2
79
@SecGus
chivato
8 months
RT @Specsavers: You can’t just hop up onto the Pyramid Stage at Glastonbury. You have to Dua Lipa.
0
16
0
@SecGus
chivato
8 months
@nnwakelam @dbph Have you tried Elvanse/Vyvanse? Ritalin absolutely made me feel like a zombie, but I’ve had much more luck with Elvanse. There is now a shortage of Elvanse in the UK due to its benefits over Ritalin.
0
0
2
@SecGus
chivato
8 months
@InsiderPhD @_godiego__ @Bugcrowd @arcwhite I see you popping up in the most useful places so consistently. Katie for the people
1
0
2
@SecGus
chivato
8 months
@exe_cut3 @Blaklis_ @na8iullin @_godiego__ @vankyv3r @alexbindrei What a terrible conclusion to draw from the whole discussion
1
0
2
@SecGus
chivato
8 months
RT @CalumBoal: I am happy to announce we are hiring two new Security Engineers to help build out our attack surface management platform and…
0
7
0
@SecGus
chivato
8 months
@na8iullin @_godiego__ @vankyv3r @alexbindrei Exactly Alex's point, it doesn't, and it's not fair to bypass the platform's intended retesting functionality by closing it off as resolved first. If you want the hacker to check if the bug still exists, then use the feature.
1
0
4
@SecGus
chivato
8 months
1
0
4
@SecGus
chivato
8 months
@Troll_13 Not an error from my experience with the team, I gave them a chance and was quite severely let down :)
1
0
0
@SecGus
chivato
8 months
@rez0__ Maybe *could* explain Medium/High but there is no dodging that Critical scam.
0
0
2
@SecGus
chivato
9 months
Modified the binary to run easily locally without TLS:
0
1
2
@SecGus
chivato
9 months
@_godiego__ @rootedcon It's the day we come back from Polanda (Poland) :P
0
0
0
@SecGus
chivato
10 months
@vict0ni XSS' are high when they lead to ATO or PII leakages :)
0
0
1