Michael Stepankin @artsploit.com

Latest posts by artsploit.com on Bluesky

Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! github.blog/security/vul...

22.01.2025 18:16 — 👍 28 🔁 16 💬 1 📌 0

Remote Code Execution with Spring Properties Recently a past student came to me with a very interesting unauthenticated vulnerability in a Spring application that they were having a hard time exploiting...

I just wrote a new blog post! This is how I (ab)used a jailed file write bug in Tomcat/Spring. Enjoy!

Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...

26.11.2024 23:57 — 👍 76 🔁 36 💬 1 📌 2

How's your day going?

15.11.2024 08:53 — 👍 26 🔁 2 💬 2 📌 0

@artsploit.com is following 20 prominent accounts

@mogwailabs

d4d
@zakfedotkin

Zak Fedotkin All thought are mine and mine alone

Orange Tsai
@orange.tw

This is 🍊

Mastering Burp Suite
@mastering-burp.agarri.fr

Tips and tricks for Burp Suite Pro 🛠️ Not affiliated with @portswigger.net ©️ Managed by @agarri.fr 🇫🇷 Additional free resources 🎁 http://hackademy.agarri.fr/freebies

dmnk
@dmnk

【ＤΞＣＯＭＰＩＬΞ　ＮΣＶΞＲ】 Android Red Team @google Fuzzing @aflplusplus.bsky.social CTF @enoflag (opinions my own)

Azeria
@azeria-labs.com

Founder of Azeria Labs, Trainer, Author of Blue Fox: Arm Assembly Internals & Reverse Engineering

The Dustin Childs
@dustinchilds

Just a simple information security gnome trying to make his way through the universe. Part-time patch wrangler. Tweets are just my opinion and such. Got questions about patches or bug bounties? My DMs are open. Signal: DustinChilds.17

b33f
@fuzzysec

意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching at labs.calypso.pub

chompie
@chompie.rip

hacker, poster, weird machine mechanic https://chompie.rip

the grugq
@thegrugq

b1ack0wl
@b1ack0wl.com

0day Researcher @ ████████████ / Baker / 0wl // I post random things on here

Matthias Kaiser
@matthiaskaiser

Java/Android Vulnerability Researcher. 0xACED. Ex-Apple. Posts are my own.

hypr
@hyprdude

vuln researcher+exploit dev | bordeaux enjoyer | friend of all cats | him/he | https://blog.coffinsec.com

Trend Zero Day Initiative
@thezdi

Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.

Richard Johnson
@richinseattle

Fuzzing; Vulnerability Research; Deep Learning; Reverse Engineering Training & Publications @ http://fuzzing.io Hacking the planet since 1995 Undercurrents.io BOFH I'll stop the world and melt with you

Grant H
@digitalcold

Android and baseband vulnerability researcher. Computer engineering PhD. 🇺🇸 (Washington, DC) || https://hernan.de/z

shubs
@shubs.io

Co-founder, security researcher. Building an attack surface management platform, @assetnote.io

Ivanlef0u
@ivanlef0u

ivanlef0u.fr

@0xjdow

Incoherent offsec retweets, hacking @ Scorpion Labs

Nicolas Grégoire 🔜 WHY2025
@agarri.fr

Web hacker 😈 Burp Suite Pro trainer 👨‍🏫 Maintainer of @mastering-burp.agarri.fr 🛠️