Lauritz
@lauritz-holtmann.de
IT-Security Researcher, Pentester and Bug Hunter. Passionate about 💻, 🤽‍♂️, ⚜️, 🎸 and ⚽ #meinVfL

#Kaeferjaeger + H1 Ambassador
🏠 https://security.lauritz-holtmann.de
Recap of our @hacker0x01.bsky.social Hacking Meetup in September 👀

Leaderboard (still in progress): leaderboards.hackerone.live/germany-meet...

👉 h1.community/e/mbkdm3/

#BugBounty #Meetup #HackerOne
October 6, 2025 at 9:15 PM
Reposted by Lauritz
I reported a single, highly critical vulnerability that earned the top payout of the event. 💥🐞

Big thanks to @exness6.bsky.social for putting together such a great virtual meetup, and a special shoutout to @lauritz-holtmann.de!
Everything was incredibly well organized! 🙌
June 26, 2025 at 5:15 PM
Hacking Meetup vol. 3 of the German @hacker0x01.bsky.social Club - supported by @exnessofficial.bsky.social - was a blast! 💥

We 6x'd the overall bounties of our previous meetup and scored over $94,000 in bounties overall. 🤯

Additionally, H1 swag is on the way to all attendees and will arrive soon. 🤞
June 26, 2025 at 4:13 PM
Our @hacker0x01.bsky.social meetup (vol.2) last month was a blast! 🔥

Almost 40 signups, ~25 active remote attendees and 12 attendees from all over Germany who travelled to #Bochum and hacked together in person on Grab's assets. 🤯

#BugBounty #Meetup
March 27, 2025 at 7:03 AM
🧑‍💻 #BugBounty Meetup Vol. 2 of the German @hacker0x01.bsky.social Club x Grab

The event is organised like a Mini-LHE:
📅 15.02. - 21.02.25 Remote Hacking
📅 22.02.25 In-Person Day
📍#Bochum (Work Inn Bochum-FiftyOne)

‼️ Signup Deadline: Wednesday, Feb 12th.

👉 h1.community/e/mgswsg/
February 4, 2025 at 6:48 AM
The new year starts with a bang: #BugBounty Meetup Vol. 2 of the German @hacker0x01.bsky.social Club will take place on February 22nd in #Bochum, Germany! 🧑‍💻

We will organize the event like a Mini-LHE: like last year, there will again be a collaborating H1 program and a leaderboard.

(1/3)
January 6, 2025 at 4:35 PM
#38c3 was 🚀
December 30, 2024 at 10:21 PM
Just landed at #38c3 🤩

Ping me here or via ☎️5876 if you want to have a chat, talk about things like #BugBounty or just want to have a Tschunk together. :)

I also have a handful of #H1 stickers with me to spread. 😏
December 27, 2024 at 8:49 AM
🔜🚀 #38c3
December 27, 2024 at 4:17 AM
Blog: #Android App Links Allowed Hijacking Arbitrary #SSO Flows

👉 security.lauritz-holtmann.de/post/sso-and...

Discover how twitter.com/_kun_19 and I uncovered a severe issue allowing hijack of SSO flows on Android… only to find we were years late to the party.

#BugBounty #Security #FuckUp
Android App Links autoVerify=false Allowed Hijacking Authentication Flows
Research is a constant process of failure and iteration. However, in most cases, you only see the one-in-a-thousand (successful) attempt. To normalize f*ck ups, and because I believe the behavior we i...
December 18, 2024 at 5:34 PM
Got my #38c3 ticket, see you in Hamburg 🚀
November 23, 2024 at 10:35 AM
The "Dead Domain Discovery" Extension is now available from Chrome Web Store:

👉 chromewebstore.google.com/detail/opfeo...

Keep in mind that the extension needs broad permissions to work. I'd recommend only installing it in your "research browser".

Github: github.com/lauritzh/dea...
Dead Domain Discovery - Chrome Web Store
Scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains are resolvable.
November 21, 2024 at 10:18 PM
The Flickr ATO using AWS Cognito recently turned "3" and it is still my favorite bug bounty story 😅

Check out the blog post in case you missed it: security.lauritz-holtmann.de/advisories/f...

H1 disclosure: hackerone.com/reports/1342...
November 15, 2024 at 9:50 PM
#BurpSuite #Bambda to detect Blind SSRF via OpenID Connect "request_uri" using out-of-band detection (e.g. Collaborator).

The vulnerable URL is b64-encoded and included within the canary URL.

👉 gist.github.com/lauritzh/7b3...
📚 security.lauritz-holtmann.de/post/sso-sec...
November 30, 2023 at 11:37 PM
Got my ticket for #37c3 - see you there! 🚀
November 29, 2023 at 7:25 PM