Cysec Ctrl
cysec.bsky.social
Freelance Penetration Tester. Part-Time Bug Bounty.
Reposted by Cysec Ctrl
Apple announces new payouts for certain types of bugs - company will pay up to $2 million for anyone disclosing a chain of bugs that could be abused for spyware like Pegasus, as well as bonus awards for exploits that can bypass Lockdown Mode or are found while Apple software is still in beta testing
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits
With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.
www.wired.com
October 10, 2025 at 3:00 PM
Reposted by Cysec Ctrl
Are you a Burp Repeater power user? The latest release introduces a new feature called 'Custom actions'. With these you can quickly build your own repeater features. Here's a few samples I made for you:
April 17, 2025 at 12:48 PM
Reposted by Cysec Ctrl
Much of the IT and cybersecurity infrastructure underpinning the US health system is in danger of a possible collapse following a purge of IT staff and leadership at the Dept. of Health and Human Services, four current and former agency workers tell WIRED.
HHS Systems Are in Danger of Collapsing, Workers Say
The purging of IT and cybersecurity staff at the Department of Health and Human Services could threaten the systems used by the agency’s staff and the safety of critical health data.
wrd.cm
April 19, 2025 at 10:15 PM
Reposted by Cysec Ctrl
Legend has it that sometimes experiments do not become permanent. But I don't believe it.
March 7, 2025 at 11:38 AM
Reposted by Cysec Ctrl
#JeRecrute

Can security Bluesky help me find my future colleague for the Purple 🟣 team at Lucca?

TL;DR:
- 3 to 8 years of experience required in pentest or red team
- 63 and 75K€ fixed gross salary
- Full remote possible, offices in Paris, Nantes, Marseille, ...

I give the details in the 🧵
February 28, 2025 at 11:01 AM
Reposted by Cysec Ctrl
Thanks to the recent @portswiggerres.bsky.social top 10, I finally found the motivation to finish writing the 2nd article about DOMPurify security! 😁

Before releasing it, I would like to share a small challenge 🚩

Challenge link 👇
challenges.mizu.re/xss_04.html

1/2
February 7, 2025 at 4:34 PM
Reposted by Cysec Ctrl
IMPORTANT. Viginum publishes a report on the information manipulation that targeted the 2024 Romanian presidential election and warns French influencers about the risk of being exploited by malicious actors. THREAD 1/21
February 4, 2025 at 9:27 PM
Reposted by Cysec Ctrl
Somebody uploaded to SlideShare the slides of my talk at @northsec.bsky.social 2023 🌐

It’s the sequel of the first @burpsuite.bsky.social talk I ever gave, exactly 10 years before 🛠️

Enjoy these 50 slides of Burp tips 🎁🎅
Burp suite pro tips and tricks for hacking
Burp suite pro tips and tricks for hacking - Download as a PDF or view online for free
slideshare.net
December 23, 2024 at 10:00 PM
Reposted by Cysec Ctrl
Introducing a new tool designed to help you install & manage BloodHound instances...🥁 BloodHound CLI!

Check out @printingprops.com's blog post to learn how this tool dramatically simplifies installation and server management. ghst.ly/40zXAxI
Introducing BloodHound CLI
We created a new tool to help you install and manage BloodHound instances, BloodHound CLI!
ghst.ly
January 17, 2025 at 4:33 PM
Reposted by Cysec Ctrl
AppSec Ezine, 569th edition 📚

pathonproject.com/zb/?4a461b45...
AppSec Ezine
pathonproject.com
January 12, 2025 at 1:51 PM
Reposted by Cysec Ctrl
PSA: As Bluesky gains popularity, more trolls and bad actors will arrive.

The MOST effective way to deal with them and to help keep this space safe for your own mental health is to starve them of the only thing they crave: ATTENTION.

Don't interact. Block/report and move on. 🥳
November 22, 2024 at 10:57 AM