New video covering the solution to the Mother Printers challenge I created for @hackinghub.bsky.social 💜 Tried to make it as beginner friendly as possible as I know many players aren't familiar with rev/pwn 😇 youtu.be/ebNYtX_8lOY

Didn't get chance to solve my "Mothers Printers" challenge on @hackinghub.bsky.social? 🖨 Here's the official writeup ➡ book.cryptocat.me/blog/ctf/mon... Prefer video? Stay tuned for a beginner-friendly walkthrough on YT next week ▶

Time to drop a couple of hints for my @hackinghub.bsky.social challenge! 1️⃣ First flag is on the website (you need to find it before flag 3/4/5) 2️⃣ The chall is inspired by some cool research I read (go find it) Writeups will be published once we hit 10 solves ➡ app.hackinghub.io/hubs/mother-...

Congratulations to Bhavya for being the first to capture all 5 flags on my @hackinghub.bsky.social challenge! 🥳🎉 We've released a small patch. If you were stuck on flag 3, please re-download files! Good time to practice your patch-diffing 👀 app.hackinghub.io/hubs/mother-...

So, who's gonna blood my new @hackinghub.bsky.social challenge? 😼 Challenge 🔗 app.hackinghub.io/hubs/mother-... First 3 solves will earn the "Hacker Cat" role in my discord server ➡️ discord.cryptocat.me #ctf #capturetheflag #ethicalhacking #cybersecurity #infosec #offsec

The "Ultimate Calculator 3000" challenge is over! ⏳ You can watch the video walkthrough here ➡ youtu.be/lRJno96za5A I'll leave everything online for another week or so 🙂

My writeup for the September Dojo challenge on @yeswehack.bsky.social - Chainfection ⛓ The challenge combined multiple CVEs, creating a chain of vulnerabilities: SQL injection -> file write + path traversal -> SSTI (RCE) Read the full writeup ➡️ book.cryptocat.me/blog/ctf/mon...

I made a new CTF challenge! It will run until the 30th of October 🎃 There's no prizes, but the first 3 solves will earn themselves the "Hacker Cat" rank in my discord server 😸 Download "Ultimate Calculator 3000" to get started ➡ discord.cryptocat.me

Recapping Day One of #Pwn2Own Ireland 2025. Join @dustinchilds.bsky.social (and Maude) as he covers the highlights of the first day of the competition. We awarded $522,500 for 34 unique 0-day bugs, and more is to come. youtu.be/tiM_StSFvow

We just posted our AttackerKB @rapid7.com Analysis for the recent Cisco 0day chain; CVE-2025-20362 and CVE-2025-20333. Full technical root cause analysis of both the auth bypass and buffer overflow are here: attackerkb.com/topics/Szq5u...

New video looking at some interesting printer vulnerabilities, found by @stephenfewer.bsky.social (@rapid7.com) 🖨 ▶ youtu.be/--SaQKmcyiU

One week until @bsidesbelfast.bsky.social, Who's going? 👀 As always, I've got stickers - come say hi! 👋

Video walkthrough for the "Fancy Login Form" web challenge from the @why2025.bsky.social CTF 🚩 Learn how to exfiltrate data via CSS injection ➡️ youtu.be/jUjlj2z5jJk

Played the @why2025.bsky.social CTF over the weekend 💜 Here's some web challenge writeups 👇 book.cryptocat.me/ctf-writeups...

Famous beef noodle soup (broth simmering continously for over 50 years!) in one of my all time favourite cities - Bangkok! 🇹🇭 Any hackers here wanna hang out, hmu 🤙

I've done a lot of awesome hacker meetups but this one was next level! So nice to meet brutecat, dreyand and IDlSSEVERYTHING🔥 These guys have some crazy skills (and stories), hope to meet again in the future 💜

I'll be in Singapore this weekend! I know there's lots of cool hackers there so hmu if you wanna get some coffee/food/drinks 🥰

Finally back in #KualaLumpur 🙏 Meeting some of my favourite Malaysian hackers for food/drinks tomorrow night. If you wanna join, let me know! 🥰

🍉

My OSWE review, tips/tricks.. general ramblings 👀😅 youtu.be/IK4t-i5lDEs

Just finished my OSWE exam 👀 Today I write up the report.. while watching #NahamCon 😌

Here is the official writeup of my XSS challenge on Intigriti. I think it contains some fun browser trivia even for those who did not look at the chall joaxcar.com/blog/2025/05...

The legendary @joaxcar.bsky.social made a really interesting XSS challenge this month for Intigriti. My solution involved winning a race condition with 100 <iframe>s to utilize a DOM Clobbering gadget after bypassing a RegEx. Check out the writeup below: jorianwoltjer.com/blog/p/hacki...

Heading back to SE-Asia next month.. Any hackers wanna hang out? 👀 Join my discord to keep up with the travel plans / arrange meetups: cryptocat.me/discord 😇 #cybersecurity #ethicalhacking #infosec #bugbounty #ctf #asia

I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame", at #BHUSA! This is going to be epic, check out the abstract for a teaser ↓

Video walkthrough for the web challenges from Tsuku CTF 💜 youtu.be/qGd4d0zmhy8

We already know that any Web server listening on the loopback interface is a security risk, because it may be accessed by a browser or its extensions. But the impact may be way bigger if this Web server is a MCP server 😱 blog.extensiontotal.com/trust-me-im-...

Have YOU joined my discord server yet? Click the link below and let's talk about hacking stuff 💜 discord.cryptocat.me

Added a video walkthrough for the web challenges from the recent CTF@CIT 💜 youtu.be/ZBdApaw0r0M #capturetheflag #ctf #websecurity #bugbounty #cybersecurity #ethicalhacking #infosec

Made writeups for the web challs featured in the CTF@CIT competition this weekend 🚩 1) SQL injection 2) Git repo dumping 3) Local file read with basic filter bypass 4) Flask session cookie tampering + SSTI 5) Credential reuse / HTTP method tampering book.cryptocat.me/ctf-writeups...

Video for the HackDonalds Challenge by @intigriti.com 💜 youtu.be/KwD_TKZr0YY

My YouTube channel has reached a new milestone; 3 million views! 🥳🎉 Next up - 50k subscribers! Help me get there 🥺 yt.cryptocat.me

Who wants a bonus @intigriti.com challenge? Easier than usual 👀 First blood + best writeup win a €50 swag voucher 😎 Find the flag before 15/04/25 👇 hackdonalds.intigriti.io

London 🇬🇧🏙🎨

Check out the walkthrough for the fourth (and currently final) @portswigger.net lab on NoSQL injection by @cryptocat.me 😼 youtu.be/aSXlmJ3lN4o

Almost 600 hackers at ZeroDays CTF in #Dublin this year!! 💜 #ZeroDays #CTF #CaptureTheFlag #CyberSecurity #EthicalHacking #InfoSec #BugBounty #Ireland

As promised, I've updated my YouTube playlist with a walkthrough for the new API testing module in @digi.ninja's Damn Vulnerable Web Application (DVWA) 💜 www.youtube.com/watch?v=c_6R...

Met so many cool hackers over the past few days in Kuala Lumpur! 💜

Attending the amazing @1ns0mn1h4ck.bsky.social to represent @intigriti.com today! Hit me up if you want to chat. I've got stickers and invite codes to hand out 😉.

New @portswigger.net video released over on the @intigriti.com channel! 💜 youtu.be/mVYu_3b_dOE

Yay, another hacker hangout! So nice to finally meet @taeluralexis.bsky.social 💜

When I saw @digi.ninja announced a new API testing module for the DVWA, I figured it was a good time to update my YouTube series! Turns out I missed a crypto module (😭) so let's get it over with 😆 Stay tuned for the API module 😎 youtu.be/7WySPRERN0Q

Met one of my favourite @intigriti.com hackers today! ngyostuan 💜

With @gelu.chat, we created a challenge for the @pwnmectf inspired by a bug he found in bug bounty a year ago! 🚀 If you have some time this weekend, give it a try! 👀 👉 pwnme.phreaks.fr

Amazing writeups and crazy chain of bugs 🤯 Well worth a read 💯 vitorfalcao.com/posts/hackin...

I hit the 40k subscribers milestone on YouTube this week 🥳🎉 Thank you to everyone who has checked out my content 🙏🥰 If you haven't yet and are interested in CTF walkthroughs; web, pwn, rev etc Hope you will take a look and help me get to 50k! 😎 yt.cryptocat.me

Here's the second @portswigger.net lab on NoSQL Injection by @intigriti.com 💜 It covers NoSQL injection using MongoDB operators, leading to an authentication bypass 😎 youtu.be/DBNmAJaWcGk

How Chinese cyber companies report on US APT groups 🇺🇸👀🇨🇳 www.inversecos.com/2025/02/an-i...

For me, Shadow Repeater is AI in web security done right - taking full advantage of the users' manual testing skills, and providing an extra edge on top without changing their workflow

Articles worth reading discovered last week: 📚 mizu.re/post/explori... ☁️ devanshbatham.hashnode.dev/fragility-of... 🫙 www.wiz.io/blog/nvidia-... 🐍 www.reversinglabs.com/blog/rl-iden... 🎥 brutecat.com/articles/lea...