Katie Paxton-Fear
@insider.phd
Dr, apparently. Security Adovcate @semgrep & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her
Check out the latest Paged Out! Zine (page 22 under hardware) and you’ll find an article written by me about my little eink labelling project and the highs and lows of learning to CAD, solder and program an ESP32, how hard can it be?
October 4, 2025 at 7:49 PM
Check out the latest Paged Out! Zine (page 22 under hardware) and you’ll find an article written by me about my little eink labelling project and the highs and lows of learning to CAD, solder and program an ESP32, how hard can it be?
This course is 100% new content, designed for all skill levels. We start with "What is an API?" and go all the way from recon to reporting.
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
October 4, 2025 at 5:02 AM
This course is 100% new content, designed for all skill levels. We start with "What is an API?" and go all the way from recon to reporting.
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
I've spent a lot of time thinking about the best way to teach API security from the ground up for beginners.
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
October 4, 2025 at 5:02 AM
I've spent a lot of time thinking about the best way to teach API security from the ground up for beginners.
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
This course is 100% new content, designed for all skill levels. We start with "What is an API?" and go all the way from recon to reporting.
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
October 3, 2025 at 5:01 PM
This course is 100% new content, designed for all skill levels. We start with "What is an API?" and go all the way from recon to reporting.
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
It includes videos, written guides, exercises, and a new, realistic lab environment to practice in. The hands-on lab is free on GitHub!
I've spent a lot of time thinking about the best way to teach API security from the ground up for beginners.
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
October 3, 2025 at 5:01 PM
I've spent a lot of time thinking about the best way to teach API security from the ground up for beginners.
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
Today, I'm excited to launch the result: My brand new API Hacking course on JHT. It's built to give you a deep, foundational understanding of how to test modern APIs. 🧵
Tomorrow I'll be live on this webinar chatting about Hacker Summer Camp with my boss. We'll recap everything that happened and all the talks we did, share our top moments and our highlights from this year as well as share Jayson's experience at his first hacker con!
1/2
1/2
September 2, 2025 at 5:21 PM
Tomorrow I'll be live on this webinar chatting about Hacker Summer Camp with my boss. We'll recap everything that happened and all the talks we did, share our top moments and our highlights from this year as well as share Jayson's experience at his first hacker con!
1/2
1/2
MCP is all anyone can talk about right now, but uhh what is it? And what do you actually need to know about the latest hyped AI thing? Join me tomorrow as I dig into it as we cover a TL;DR for security teams and perhaps why it might actually be industry changing
August 18, 2025 at 5:34 PM
MCP is all anyone can talk about right now, but uhh what is it? And what do you actually need to know about the latest hyped AI thing? Join me tomorrow as I dig into it as we cover a TL;DR for security teams and perhaps why it might actually be industry changing
How to get rid of cash at DEFCON? Buy patches! Here are my DEFCON purchases (combined with a few I already had!
August 18, 2025 at 3:37 PM
How to get rid of cash at DEFCON? Buy patches! Here are my DEFCON purchases (combined with a few I already had!
How do you find Reflected XSS in real programs? Well I'm glad you asked! This episode we're diving DOM-first into Javascript and covering how to find XSS in highly interactive applications like Angular!
August 13, 2025 at 2:18 PM
How do you find Reflected XSS in real programs? Well I'm glad you asked! This episode we're diving DOM-first into Javascript and covering how to find XSS in highly interactive applications like Angular!
Thank you everyone for coming to my DEEPLY unserious vibe coding talk, hopefully it inspires you to just learn how to program ESP32 rather than spend 4-5 hours trying to get it to produce working YAML
August 9, 2025 at 3:11 AM
Thank you everyone for coming to my DEEPLY unserious vibe coding talk, hopefully it inspires you to just learn how to program ESP32 rather than spend 4-5 hours trying to get it to produce working YAML
Sat 9th Aug @ 3pm Ill be sharing my brand new API hacking 2hour workshop at the Red Team Village, new labs, new methodologies and new content, it’s a one-stop-shop for API hacking!
August 7, 2025 at 4:59 PM
Sat 9th Aug @ 3pm Ill be sharing my brand new API hacking 2hour workshop at the Red Team Village, new labs, new methodologies and new content, it’s a one-stop-shop for API hacking!
Sat 9th Aug @ 2pm I’ll be running an interactive experience at the Blue Team Village Nook, part RPG, part improv show and part fun making threat modelling fun! Come join us
August 7, 2025 at 4:59 PM
Sat 9th Aug @ 2pm I’ll be running an interactive experience at the Blue Team Village Nook, part RPG, part improv show and part fun making threat modelling fun! Come join us
Fri 8th Aug @ 5:30pm I’ll be doing a talk about vibe eletronics-ing, and vibe coding and sharing some of my forays into the world of hardware hacking as a noob!
August 7, 2025 at 4:59 PM
Fri 8th Aug @ 5:30pm I’ll be doing a talk about vibe eletronics-ing, and vibe coding and sharing some of my forays into the world of hardware hacking as a noob!
Fri 8th August @ 1:30pm I will be chatting about bug bounty + content creation with fellow creators NahamSec and Rhynorater at the Bug Bounty Village talking all things content, education and hacking (and how to balance the 3!)
August 7, 2025 at 4:59 PM
Fri 8th August @ 1:30pm I will be chatting about bug bounty + content creation with fellow creators NahamSec and Rhynorater at the Bug Bounty Village talking all things content, education and hacking (and how to balance the 3!)
Fri 8th Aug @ 12:30pm my colleague Eaton will be presenting his API hack that allowed him to remotely start a car, check it out at the Car Hacking Village on creator stage 3 (I’ll be in the audience)
August 7, 2025 at 4:58 PM
Fri 8th Aug @ 12:30pm my colleague Eaton will be presenting his API hack that allowed him to remotely start a car, check it out at the Car Hacking Village on creator stage 3 (I’ll be in the audience)
Also on Thurs 7th Aug @ 8pm I’ll be at the Semgrep party at Level Up @ the MGM Grand, registration is still open and we should have space for those who register on the day semgrep.dev/events/l...
August 7, 2025 at 4:58 PM
Also on Thurs 7th Aug @ 8pm I’ll be at the Semgrep party at Level Up @ the MGM Grand, registration is still open and we should have space for those who register on the day semgrep.dev/events/l...
Also on Wednesday 6th Aug, I will be on a panel at BlackHat: Bug Bounty Group Therapy: Confessions, Concerns, and Community Solutions at 1:30 pm located at Lagoon G, Level 2 to chat about what works (and doesn't) for bug bounty hunters www.blackhat.com/us-...
7/9
7/9
August 3, 2025 at 11:25 PM
Also on Wednesday 6th Aug, I will be on a panel at BlackHat: Bug Bounty Group Therapy: Confessions, Concerns, and Community Solutions at 1:30 pm located at Lagoon G, Level 2 to chat about what works (and doesn't) for bug bounty hunters www.blackhat.com/us-...
7/9
7/9
On Wednesday 6th Aug, I will be joining my colleague @shehackspurple for her coffee meet and greet, please do swing by 8:00 am - 10:00 am at the big Starbucks, Mandalay Bay, the big one, right next to the convention center!
6/9
6/9
August 3, 2025 at 11:25 PM
On Wednesday 6th Aug, I will be joining my colleague @shehackspurple for her coffee meet and greet, please do swing by 8:00 am - 10:00 am at the big Starbucks, Mandalay Bay, the big one, right next to the convention center!
6/9
6/9
Also on Tuesday 5th Aug, I will be at the Semgrep event at Omega Mart, selfishly I didn't finish it last year, and Semgrep has bought out the entire space soooo if anyone wants to come do it with me, please do! semgrep.dev/events/o...
5/9
5/9
August 3, 2025 at 11:25 PM
Also on Tuesday 5th Aug, I will be at the Semgrep event at Omega Mart, selfishly I didn't finish it last year, and Semgrep has bought out the entire space soooo if anyone wants to come do it with me, please do! semgrep.dev/events/o...
5/9
5/9
Also on Monday 4th Aug at 12:00 I will be at the Lineaje Software Supply Chain Summit at the panel AI is Writing Code – But Who’s Watching the Machines at 12:50 chatting about what security looks like in the age of vibe coding and AI generated code
www.lineaje.com/soft...
3/9
www.lineaje.com/soft...
3/9
August 3, 2025 at 11:25 PM
Also on Monday 4th Aug at 12:00 I will be at the Lineaje Software Supply Chain Summit at the panel AI is Writing Code – But Who’s Watching the Machines at 12:50 chatting about what security looks like in the age of vibe coding and AI generated code
www.lineaje.com/soft...
3/9
www.lineaje.com/soft...
3/9
Recommended simply for the worlds weirdest souvenirs
July 21, 2025 at 7:59 PM
Recommended simply for the worlds weirdest souvenirs
Wondering where I'll be speaking this Hacker Summer Camp? Well here's the official schedule! I'll be speaking at the @BugBountyDEFCON, @IoTvillage @ DEFCON on friday. Then on saturday I'll be delivering a 2hr workshop on everything API hacking at the @RedTeamVillage
1/2
1/2
July 17, 2025 at 4:48 PM
Wondering where I'll be speaking this Hacker Summer Camp? Well here's the official schedule! I'll be speaking at the @BugBountyDEFCON, @IoTvillage @ DEFCON on friday. Then on saturday I'll be delivering a 2hr workshop on everything API hacking at the @RedTeamVillage
1/2
1/2
What kind of Hackybara are you? Come find me at Hacker Summer Camp and say hi for one (or an entire set) of these little guys, I’ll be at BlackHat, BSidesLV and DEFCON
July 8, 2025 at 10:53 AM
What kind of Hackybara are you? Come find me at Hacker Summer Camp and say hi for one (or an entire set) of these little guys, I’ll be at BlackHat, BSidesLV and DEFCON
I am delighted to be apart of this panel at the @RUSI_org on the 7th of July, we'll be exploring @joetidy's world of teenager cyber criminals and answer the key question, how do we prevent teenage boys down this path in the first place
1/2
1/2
June 26, 2025 at 5:30 PM
I am delighted to be apart of this panel at the @RUSI_org on the 7th of July, we'll be exploring @joetidy's world of teenager cyber criminals and answer the key question, how do we prevent teenage boys down this path in the first place
1/2
1/2
Today I am at @BSidesLeeds as a special guest no pressure 😅 I’ll be talking about AI, APIs and the four horsemen of the AI apocalypse
June 21, 2025 at 8:55 AM
Today I am at @BSidesLeeds as a special guest no pressure 😅 I’ll be talking about AI, APIs and the four horsemen of the AI apocalypse