Shielder
@ShielderSec
InfoSec boutique.
Owning things since 2014.
We love to go for the extra mile, where we usually find the best 🦟🐞🪲🪳🐛🐜🕷 the others miss.
https://www.shielder.com 03-07-2014 09:03:07
In early 2023 we (TheZero - @[email protected] & smaury) collaborated with SecureDrop to start designing and prototyping the #E2EE messaging protocol for a future version of SecureDrop.
📄 blog post: securedrop.org/news/introduci…
💻 poc code: github.com/freedomofpress…
A couple of weeks ago I was in Paris sponsored by YesWeHack ⠵ to hack Louis Vuitton - it has been GREAT!
I scored the 5th place, even though some stuff might still change 👀
Leaderboard: event.yeswehack.com/events/hack-me… #LHE #BugBounty
📰 Featuring articles by Malcolm Stagg, Microsoft, Ozgur Alp, Shielder, Synacktiv
🧵 Trending threads by Justin Gardner, Critical Thinking - Bug Bounty Podcast, Intigriti, YesWeHack ⠵
📽️ Videos by @0xlupin, @JohnHammond, Bug Bounty Reports Explained
Our audit with Shielder, Bref, was published today! Thanks to Amazon Web Services for their sponsorship of this work, and Matthieu Napoli for his contributions to bref and this audit. Read more at ostif.org/bref-audit-com…
We recently partnered with OSTIF Official to perform a security audit sponsored by Amazon Web Services on Bref. The audit resulted in 5 findings promptly addressed by Matthieu Napoli.
The report is now public, check the details here: shielder.com/blog/2024/03/b…
This year NULLCON was a blast full of great talks!
Our team had much fun and even managed to score the 🥇 (@smaury92) and 🥈 (@suidpit) place in the Intigriti Live Hacking Event.
Thanks Antriksh (Yoda) #Nullcon Berlin, Inti De Ceukelaire, r0adrunn3r, et al!
Hey hackers - attending NULLCON? Pop to say hi and talk about AppSec and VR!
You can find smaury TheZero - @[email protected] Pit Francesco Enrietti around 🖖🏿
During a recent Red Team Assessment TheZero - @[email protected] and smaury discovered a vulnerability in PostgreSQL's #PgAdmin which in the worst case allows unauthenticated attackers to run arbitrary server-side code.
Check out the #RCE advisory and patch now!
shielder.com/advisories/pga…
Hey hackers! Are you attending FOSDEM @[email protected]?
If you want to talk about open-source software and hardware security make sure to hit up smaury and TheZero - @[email protected]!