Evan

@evanricafort

loves the &

Ipil, Zamboanga Sibugay  
Joined November 2013
Born January 3, 1996

Tweets


  1. Aug 28
  2. Retweeted
    Aug 28

    Cache Poisoning via SelfXSS + Path Parameter

  3. Aug 25

    yah boi mf is fully vaxx today 💉

  4. Retweeted
    Aug 25

    I just published a writeup on vulnerability type which I always thought is just theoretical in real life scenario. This writeup is on ‘Websocket Hijacking’ to steal Session_ID of victim users

  5. Retweeted
    Aug 25

    Explain buffer overflow and pwn2own 0 days to people who have never heard of any of that in under 60 seconds GO!

  6. Retweeted
    Aug 25

    Vulnerability in Bumble dating app reveals any user's exact location : credits

  7. Retweeted
    Aug 25

    Would you like to see what a $200K RCE looks like? 😱 The link is in these , along with 's amazing insights on source code review for bug hunters & the best of this year's hacker summer camp 👇

  8. Retweeted
    Aug 20
  9. Retweeted
    Aug 18

    After ❤️ Uploaded The Video " Common Open Redirections Mistakes " , I Said OOh I Remember I Collected A Lot Of Tips That Its Can Help Me To Get Open Redirection To Bypass The Blacklist AND Get SSRF 😂🕵️‍♂️ If You Have Any Question , DM Me

  10. Retweeted
    Aug 16
  11. Retweeted
    Aug 16

    Let's talk about open redirections, and common mistakes beginners make when reporting them to bug bounty programs 📽️

  12. Retweeted
    Aug 12

    Explain a bug bounty RCE on Kubernetes to people who have never heard of any of that in under 1 minute GO.

  13. Aug 12

    Same exploit method for the bug that I found on one of paypal's parameter before (yr 2014 as I remember) which allows me to buy mobile credit/load for almost free ($0.01) from affected online shops. well done drbrix!

  14. Retweeted
    Aug 6

    Information security is one of those scenes where you can go from nothing to a lifelong happy career without a degree or pedigree. I love it.

  15. Retweeted
    Aug 5

    HTTP/2: The Sequel is Always Worse by

  16. Retweeted

    Had several people ask for a write up/explanation on my recent CVE findings. This outlines my mindset in choosing this goal, some of my methodology for doing so, as well as an explanation on how to apply for a CVE if you find one.

  17. Retweeted
    Aug 3

    Career advice: A way to become an expert is to start by being really bad at something. The shame you feel from your first stumbling steps and performances will compel you to become a master over time.

  18. Retweeted
    Jul 29

    I just published a short writeup about an XXE found in Major Public Transport Ticketing Mobile APP based out of Germany

  19. Retweeted
    Jul 25

    Burp Suite > Proxy > Options > TLS Pass Through. Add these: .*\.google\.com .*\.gstatic\.com .*\.mozilla\.com .*\.googleapis\.com .*\.pki\.goog No more noise in your logs!

  20. Retweeted
    Jul 20
