Jobert Abma

@jobertabma

I tweet about security and my experience as a hacker. Co-founder of HackerOne ().

San Francisco, CA
Joined May 2009

Tweets

  1. Pinned Tweet
    17 Mar 2019

    Hackers, I've built a small game that helps improve your XSS skills! It dynamically generates (increasingly more difficult) levels for you to exploit XSS vulnerabilities. No level is the same. Let me know what you think. Happy hacking!

  2. Retweeted
    30 Jan

    ’s all-hands through the ages. We’ve grown up (and we’re still growing)!

  3. 28 Jan

    Because authorization checks often only happen on write, you can come back after the ID was created. Because the model references a model that isn’t yours, you may be able to bypass authorization, often leading to information disclosure. (2/2)

  4. 28 Jan

    Hacker tip: when you’re looking for IDORs in a model that references another model, try storing IDs that don’t exist yet. I’ve seen a number of times now that, because the model can’t be found, the system will save the ID. (1/2)

  5. Retweeted
    25 Jan

    We are screaming congratulations to our SEVENTH million-dollar hacker! sprinted across the 7-figure payout mark, bringing in almost $300K in bounties over the last 90-days. You're incredible! Thank you for the work you do in security. Thank you for being you! ❤️🎇

  6. 15 Jan

    I haven’t looked at the CTF, but I’m going to give it a try this week. If anyone gets a hold of my document before I do, I’ll give the first person a $500 bounty!

  7. Retweeted
    9 Jan

    We want to hear from you, hackers! 📣 Fill out our brief survey and you will be entered to win a $100 Amazon gift card. 💰💳 Submission closes Monday, January 13th, at 3:00 PM PST. Let's go!

  8. Retweeted
    8 Jan

    One of the most requested features is now live 🎉: privacy control on exposing bounty amounts in hacktivity feed 💸

  9. 8 Jan

    My team at is hiring Staff and Senior Application Security Engineers in San Francisco! We’re all builders with a passion for breaking and apply our engineering mindsets to scale security across the organization. If you’re interested, apply at: !

  10. 1 Jan

    Hacky New Year to all of you around the world!

  11. 30 Dec 2019
  12. 26 Dec 2019

    Please stop asking for the perfect hacker mentor for Christmas. Three times this week Santa has tried to kidnap , , and .

  13. 11 Dec 2019

    security.txt, aiming to solve this problem, is a step in the right direction and would support the continued growth and evolvement of the internet and would overall improve security and privacy as we know it today.

  14. 11 Dec 2019

    The adoption of CVD principles has made this better, but this is by no means a solved problem. As the world starts to accept that everyone has security vulnerabilities, we need a better way for organizations to point people to the right place.

  15. 11 Dec 2019

    People are still struggling finding the right people to report a security vulnerability to today. Thousands of potential security vulnerabilities have been submitted through HackerOne’s Disclosure Assistance service because they don't know how to reach the right people.

  16. 11 Dec 2019

    security.txt: the founders struggled reaching the right people when we wanted to report vulnerabilities back in 2012. Structuring and making this information available for everyone was one of the problems we wanted to solve with H1. (thread)

  17. Retweeted
    10 Dec 2019
  18. 6 Dec 2019

    Transparency builds trust: a blog from yours truly about public disclosure, vulnerability, culture, trust, and hackers.

  19. 3 Dec 2019

    Cookies, credentials, and tokens are manually redacted in comments every single day. Sometimes, people accidentally forget. Because of that we've introduced a new feature that warns you and offers best-effort redaction before you submit. Happy █████████!

  20. Retweeted

    In the San Francisco area? Come visit our new digs and enjoy a fireside chat with and 's Kelly Ann (who also recently spoke at ). See you soon! Register here:

  21. 3 Dec 2019

    On November 24, one of our Security Analysts accidentally posted their H1 session cookie to a HackerOne report while reproducing a potential vulnerability. Here is how we handled the incident: !
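
Added example, not part of the original tweets: the authorization gap described in the 28 Jan thread (a reference saved unchecked because the referenced record does not exist yet, then trusted on read), shown next to a hardened form. The Store class, its methods, the users and the IDs are hypothetical and constructed for illustration.

```python
class Forbidden(Exception):
    pass

class Store:  # hypothetical in-memory models, constructed for this example
    def __init__(self):
        self.documents = {}  # doc_id -> {"owner": str, "body": str}
        self.notes = {}      # note_id -> {"owner": str, "document_id": int}
    def add_document(self, doc_id, owner, body):
        self.documents[doc_id] = {"owner": owner, "body": body}

    # Flawed: the write-time check only runs when the referenced record is found.
    def create_note_flawed(self, note_id, user, document_id):
        doc = self.documents.get(document_id)
        if doc is not None and doc["owner"] != user:
            raise Forbidden("not your document")
        self.notes[note_id] = {"owner": user, "document_id": document_id}

    def read_note_flawed(self, note_id, user):
        note = self.notes[note_id]
        if note["owner"] != user:
            raise Forbidden("not your note")
        # The referenced document is returned on the strength of the write-time check.
        return self.documents.get(note["document_id"])

    # Hardened: the reference must resolve and be authorized when it is written...
    def create_note(self, note_id, user, document_id):
        doc = self.documents.get(document_id)
        if doc is None or doc["owner"] != user:
            raise Forbidden("unknown or unauthorized document")
        self.notes[note_id] = {"owner": user, "document_id": document_id}

    # ...and the referenced record is authorized again on every read.
    def read_note(self, note_id, user):
        note = self.notes[note_id]
        doc = self.documents.get(note["document_id"])
        if note["owner"] != user or doc is None or doc["owner"] != user:
            raise Forbidden("not authorized")
        return doc

def demo():
    s = Store()
    s.create_note_flawed(1, "mallory", 42)        # document 42 does not exist yet
    s.add_document(42, "alice", "alice's draft")  # another user creates it later
    leaked = s.read_note_flawed(1, "mallory")     # the write-time check never ran
    try:
        s.read_note(1, "mallory")
    except Forbidden:
        return leaked["body"], True
    return leaked["body"], False
```

demo() returns the body the flawed read path disclosed and whether the hardened read path refused the same request.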
