I'm thrilled to announce "Can AI Do Novel Security Research? Meet the HTTP Terminator" will premiere at Black Hat USA! Check out the abstract:
blackhat.com/us-26/briefi...

blog.mondediplo.net/les-collabor...

C'est être parent, nuance ;)

Security Research in the Age of AI Tools Learn how AI tools can support security researchers in investigating vulnerabilities and designing security checks to detect them.

I wrote a blog post about how I use Claude Code (and other models) in my work: invicti.com/blog/securit...

Yeah it's totally understandable of course.

Keep up the good work, can't wait to read your next blog post :)

Trailer ? Range ? Im really curious :)

ICE and CBP Agents Are Scanning Peoples’ Faces on the Street To Verify Citizenship Videos on social media show officers from ICE and CBP using facial recognition technology on people in the field. One expert described the practice as “pure dystopian creep.”

“We should have banned government use of face recognition when we had the chance because it is dangerous, invasive, and an inherent threat to civil liberties,” EFF’s @MGuariglia.bsky.social told @404Media.co. www.404media.co/ice-and-cbp...

« On est en train de discuter des livres que va lire Nicolas Sarkozy en prison ? Alors qu'il a été condamné pour "association de malfaiteurs". »

@fabricearfi.bsky.social Journaliste d’investigation

La suite :
⏰ 22h50 sur france·tv
➡️https://bit.ly/SarkozyEnPrisonHonneurDeshonneur
🎧en podcast

🤣🤣🤣

I’m excited to announce that I’ll be presenting The Fragile Lock: Novel Bypasses for SAML Authentication at Black Hat Europe! In this talk, I’ll show how I was able to continuously bypass security patches to achieve complete auth bypass for major libraries. #BHEU @blackhatevents.bsky.social

Je lance une bouteille à la mer ...

Les @restosducoeur 💞cherchent beaucoup d’ordinateurs portables et tiny (Linux friendly 🐧). Si votre entreprise a du stock dormant ou autre, ça nous aiderait beaucoup !

Repost apprécié :)🫶🏻

In case you missed it, AWS updated its policy about pentesting, and "Amazon API Gateway" (used by the extension "IP Rotate") isn't allowed anymore

aws.amazon.com/fr/security/...

Nice one ! #lichess #chess @lichess.org

🚨NEW: "The Late Show with Stephen Colbert" just dropped its first response to ABC, FCC chair, and Disney firing Jimmy Kimmel.

Trump ain't sleeping tonight. 🤣

This is a must-watch. 🔥

Cookie Chaos: How to bypass __Host and __Secure cookie prefixes Browsers added cookie prefixes to protect your sessions and stop attackers from setting harmful cookies. In this post, you’ll see how to bypass cookie defenses using discrepancies in browser and serve

We've just published a novel technique to bypass the __Host and __Secure cookie flags, to achieve maximum impact for your cookie injection findings: portswigger.net/research/coo...

1st time I start Burp to do bug bounty since the begining of June. Let's see if I still enjoy it or if I need more time to get back at it...

It's probably a cool research topic then 🙂

Some good collaborations on the way? 🙂

How to make $$$ from request smuggling

Step 1) Pick the right target:

Euro de basket : les Belgian Cats brillent face à l’Allemagne et filent en demi-finale (83-59) L’équipe nationale féminine belge de basket a poursuivi sur la lancée de son excellent début de tournoi ce mercredi. Une victoire qui leur permet de rejoindre l’Italie en demi-finale.

Euro de basket : les Belgian Cats brillent face à l’Allemagne et filent en demi-finale (83-59)
www.lesoir.be/684043/artic... #belgiancats

"Ce qu’on est en train de vivre aujourd’hui, c’est les trajectoires qu’on avait imaginées il y a 20 ans. La communauté des climatologues n’est pas du tout surprise par la vague de chaleur qui arrive. Elle est effrayée." @cassouman40.bsky.social ce matin sur @franceinfo.fr #VagueDeChaleur #DontLookUp

This is so cool! Congrats!

Looking forward to read the write up 😉

I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame" is coming to #DEFCON33! This talk will feature multiple new classes of desync attack, mass exploitation spanning multiple CDNs, and over $200k in bug bounties. See you there!

Mais putain 🤦

Enfin, au moins on sait pour qui ils roulent...

Bye bye full time bug bounty hunting. It's been a hell of a ride, but it's time to move on...