Antoine Roly's Avatar

Antoine Roly

@aroly.bsky.social

Hacker, Bug Bounty Hunter, Pentester,... From Namur, BE.

249 Followers  |  843 Following  |  105 Posts  |  Joined: 23.11.2023  |  1.668

Latest posts by aroly.bsky.social on Bluesky

Post image 09.01.2026 13:28 β€” πŸ‘ 24982    πŸ” 9049    πŸ’¬ 437    πŸ“Œ 277

C'est Γͺtre parent, nuance ;)

05.12.2025 08:01 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Security Research in the Age of AI Tools Learn how AI tools can support security researchers in investigating vulnerabilities and designing security checks to detect them.

I wrote a blog post about how I use Claude Code (and other models) in my work: invicti.com/blog/securit...

03.12.2025 14:33 β€” πŸ‘ 8    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

Yeah it's totally understandable of course.

Keep up the good work, can't wait to read your next blog post :)

18.11.2025 07:33 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Trailer ? Range ? Im really curious :)

18.11.2025 06:55 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
ICE and CBP Agents Are Scanning Peoples’ Faces on the Street To Verify Citizenship Videos on social media show officers from ICE and CBP using facial recognition technology on people in the field. One expert described the practice as β€œpure dystopian creep.”

β€œWe should have banned government use of face recognition when we had the chance because it is dangerous, invasive, and an inherent threat to civil liberties,” EFF’s @MGuariglia.bsky.social told @404Media.co. www.404media.co/ice-and-cbp...

29.10.2025 20:03 β€” πŸ‘ 306    πŸ” 121    πŸ’¬ 7    πŸ“Œ 8
Video thumbnail

Β« On est en train de discuter des livres que va lire Nicolas Sarkozy en prison ? Alors qu'il a Γ©tΓ© condamnΓ© pour "association de malfaiteurs". Β»

@fabricearfi.bsky.social Journaliste d’investigation

La suite :
⏰ 22h50 sur france·tv
➑️https://bit.ly/SarkozyEnPrisonHonneurDeshonneur
🎧en podcast

21.10.2025 18:52 β€” πŸ‘ 2471    πŸ” 1161    πŸ’¬ 82    πŸ“Œ 107

🀣🀣🀣

21.10.2025 13:49 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

I’m excited to announce that I’ll be presenting The Fragile Lock: Novel Bypasses for SAML Authentication at Black Hat Europe! In this talk, I’ll show how I was able to continuously bypass security patches to achieve complete auth bypass for major libraries. #BHEU @blackhatevents.bsky.social

07.10.2025 14:55 β€” πŸ‘ 26    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0

Je lance une bouteille Γ  la mer ...

Les @restosducoeur πŸ’žcherchent beaucoup d’ordinateurs portables et tiny (Linux friendly 🐧). Si votre entreprise a du stock dormant ou autre, Γ§a nous aiderait beaucoup !

Repost apprécié :)🫢🏻

06.10.2025 07:57 β€” πŸ‘ 162    πŸ” 378    πŸ’¬ 16    πŸ“Œ 3
Penetration Testing Request a penetration test for your AWS cloud infrastructure here.

In case you missed it, AWS updated its policy about pentesting, and "Amazon API Gateway" (used by the extension "IP Rotate") isn't allowed anymore

aws.amazon.com/fr/security/...

01.10.2025 09:21 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Post image

Nice one ! #lichess #chess @lichess.org

26.09.2025 16:03 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

🚨NEW: "The Late Show with Stephen Colbert" just dropped its first response to ABC, FCC chair, and Disney firing Jimmy Kimmel.

Trump ain't sleeping tonight. 🀣

This is a must-watch. πŸ”₯

19.09.2025 03:02 β€” πŸ‘ 5799    πŸ” 2761    πŸ’¬ 153    πŸ“Œ 339
Preview
Cookie Chaos: How to bypass __Host and __Secure cookie prefixes Browsers added cookie prefixes to protect your sessions and stop attackers from setting harmful cookies. In this post, you’ll see how to bypass cookie defenses using discrepancies in browser and serve

We've just published a novel technique to bypass the __Host and __Secure cookie flags, to achieve maximum impact for your cookie injection findings: portswigger.net/research/coo...

03.09.2025 14:54 β€” πŸ‘ 13    πŸ” 14    πŸ’¬ 1    πŸ“Œ 0
Preview
a man in a cowboy hat says you can do it in front of a crowd of people ALT: a man in a cowboy hat says you can do it in front of a crowd of people
21.08.2025 12:40 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

1st time I start Burp to do bug bounty since the begining of June. Let's see if I still enjoy it or if I need more time to get back at it...

18.08.2025 16:41 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

It's probably a cool research topic then πŸ™‚

08.08.2025 17:59 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Some good collaborations on the way? πŸ™‚

08.08.2025 08:34 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

How to make $$$ from request smuggling

Step 1) Pick the right target:

11.07.2025 12:15 β€” πŸ‘ 29    πŸ” 2    πŸ’¬ 2    πŸ“Œ 0
Preview
Euro de basketΒ : les Belgian Cats brillent face Γ  l’Allemagne et filent en demi-finale (83-59) L’équipe nationale fΓ©minine belge de basket a poursuivi sur la lancΓ©e de son excellent dΓ©but de tournoi ce mercredi. Une victoire qui leur permet de rejoindre l’Italie en demi-finale.

Euro de basketΒ : les Belgian Cats brillent face Γ  l’Allemagne et filent en demi-finale (83-59)
www.lesoir.be/684043/artic... #belgiancats

25.06.2025 19:55 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

"Ce qu’on est en train de vivre aujourd’hui, c’est les trajectoires qu’on avait imaginΓ©es il y a 20 ans. La communautΓ© des climatologues n’est pas du tout surprise par la vague de chaleur qui arrive. Elle est effrayΓ©e." @cassouman40.bsky.social ce matin sur @franceinfo.fr #VagueDeChaleur #DontLookUp

20.06.2025 10:34 β€” πŸ‘ 506    πŸ” 356    πŸ’¬ 8    πŸ“Œ 40

This is so cool! Congrats!

19.06.2025 11:03 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Looking forward to read the write up πŸ˜‰

18.06.2025 17:11 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame" is coming to #DEFCON33! This talk will feature multiple new classes of desync attack, mass exploitation spanning multiple CDNs, and over $200k in bug bounties. See you there!

10.06.2025 14:20 β€” πŸ‘ 43    πŸ” 11    πŸ’¬ 0    πŸ“Œ 1

Mais putain 🀦

Enfin, au moins on sait pour qui ils roulent...

31.05.2025 06:39 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Bye bye full time bug bounty hunting. It's been a hell of a ride, but it's time to move on...

30.05.2025 16:33 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
a close up of a statue of yoda with the words `` thank you wise one '' written below him . ALT: a close up of a statue of yoda with the words `` thank you wise one '' written below him .
30.05.2025 14:55 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

And that would explain why the desync is so rare ? Or why it happens only in one way ?

I'm not sure to get your point here, sorry.

30.05.2025 12:09 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
AppSec Ezine

AppSec Ezine - 589th edition #AppSec #Security

pathonproject.com/zb/?33afd768...

30.05.2025 09:43 β€” πŸ‘ 5    πŸ” 5    πŸ’¬ 0    πŸ“Œ 0

And the requests I need to send to trigger the desync are reaaaaaaaaally weird, I'm really wondering what happens in the backend :)

30.05.2025 09:57 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@aroly is following 20 prominent accounts