Oli (C..1..P.H.Y)
@munz4u.de
Infosec addicted IT guy 🕵️♂️👨💻 | HTB Guru | Researcher & Pentester 🖊️ | White-Hat 🎩 | Bugs find me 🪲 | Part of the awesome #kaeferjaeger crew 💥
Just finished rooting all active @hackthebox.bsky.social machines – after not being active since 2019.
That makes 92 rooted boxes total.
Feels good to be back. 🔥🧠
That makes 92 rooted boxes total.
Feels good to be back. 🔥🧠
July 25, 2025 at 10:45 AM
Just finished rooting all active @hackthebox.bsky.social machines – after not being active since 2019.
That makes 92 rooted boxes total.
Feels good to be back. 🔥🧠
That makes 92 rooted boxes total.
Feels good to be back. 🔥🧠
I reported a single, highly critical vulnerability that earned the top payout of the event. 💥🐞
Big thanks to @exness6.bsky.social for putting together such a great virtual meetup, and a special shoutout to @lauritz-holtmann.de!
Everything was incredibly well organized! 🙌
Big thanks to @exness6.bsky.social for putting together such a great virtual meetup, and a special shoutout to @lauritz-holtmann.de!
Everything was incredibly well organized! 🙌
Hacking Meetup vol. 3 of the German @hacker0x01.bsky.social Club - supported by @exnessofficial.bsky.social - was a blast! 💥
We x6 the overall bounties of our previous meetup and scored over 94,000$ overall bounties. 🤯
Additionally, H1 swag is on the way to all attendees and will arrive soon. 🤞
We x6 the overall bounties of our previous meetup and scored over 94,000$ overall bounties. 🤯
Additionally, H1 swag is on the way to all attendees and will arrive soon. 🤞
June 26, 2025 at 5:15 PM
I reported a single, highly critical vulnerability that earned the top payout of the event. 💥🐞
Big thanks to @exness6.bsky.social for putting together such a great virtual meetup, and a special shoutout to @lauritz-holtmann.de!
Everything was incredibly well organized! 🙌
Big thanks to @exness6.bsky.social for putting together such a great virtual meetup, and a special shoutout to @lauritz-holtmann.de!
Everything was incredibly well organized! 🙌
Whoa, totally unexpected - my tool sqltimer just got featured in the latest Bug Bytes newsletter by @intigriti.com! 😍
Huge thanks for the shoutout!
Huge thanks for the shoutout!
May 23, 2025 at 6:59 PM
Whoa, totally unexpected - my tool sqltimer just got featured in the latest Bug Bytes newsletter by @intigriti.com! 😍
Huge thanks for the shoutout!
Huge thanks for the shoutout!
I was looking for a lightweight, efficient tool to detect time-based SQLi — something that doesn’t blast tons of unnecessary requests.
Couldn’t find one.
So I built sqltimer. 🛠️
👉 github.com/c1phy/sqltimer
Give it a try and let me know what you think! 🚀
Couldn’t find one.
So I built sqltimer. 🛠️
👉 github.com/c1phy/sqltimer
Give it a try and let me know what you think! 🚀
GitHub - c1phy/sqltimer: A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go.
A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go. - c1phy/sqltimer
github.com
April 28, 2025 at 2:14 PM
I was looking for a lightweight, efficient tool to detect time-based SQLi — something that doesn’t blast tons of unnecessary requests.
Couldn’t find one.
So I built sqltimer. 🛠️
👉 github.com/c1phy/sqltimer
Give it a try and let me know what you think! 🚀
Couldn’t find one.
So I built sqltimer. 🛠️
👉 github.com/c1phy/sqltimer
Give it a try and let me know what you think! 🚀
Recon can be exhausting, but for quick overviews and interesting parameters, why not use Google?
This Google Dorks tool helps you uncover low-hanging fruit like exposed files, admin panels, and more.
All with Pre-built queries! 🚀
Check it out: taksec.github.io/google-dorks...
This Google Dorks tool helps you uncover low-hanging fruit like exposed files, admin panels, and more.
All with Pre-built queries! 🚀
Check it out: taksec.github.io/google-dorks...
December 16, 2024 at 3:48 PM
Recon can be exhausting, but for quick overviews and interesting parameters, why not use Google?
This Google Dorks tool helps you uncover low-hanging fruit like exposed files, admin panels, and more.
All with Pre-built queries! 🚀
Check it out: taksec.github.io/google-dorks...
This Google Dorks tool helps you uncover low-hanging fruit like exposed files, admin panels, and more.
All with Pre-built queries! 🚀
Check it out: taksec.github.io/google-dorks...
Enhance your recon toolkit!
Schniggie from our #Kaeferjaeger team has developed an SNI collection service for AWS, DigitalOcean, Google, Microsoft, and Oracle.
Plus, a powerful search tool on top! Even highlighted by @jhaddix.bsky.social in one of his videos!
search.kaeferjaeger.gay
Schniggie from our #Kaeferjaeger team has developed an SNI collection service for AWS, DigitalOcean, Google, Microsoft, and Oracle.
Plus, a powerful search tool on top! Even highlighted by @jhaddix.bsky.social in one of his videos!
search.kaeferjaeger.gay
CN/SANs Search
search.kaeferjaeger.gay
November 22, 2024 at 8:59 AM
Enhance your recon toolkit!
Schniggie from our #Kaeferjaeger team has developed an SNI collection service for AWS, DigitalOcean, Google, Microsoft, and Oracle.
Plus, a powerful search tool on top! Even highlighted by @jhaddix.bsky.social in one of his videos!
search.kaeferjaeger.gay
Schniggie from our #Kaeferjaeger team has developed an SNI collection service for AWS, DigitalOcean, Google, Microsoft, and Oracle.
Plus, a powerful search tool on top! Even highlighted by @jhaddix.bsky.social in one of his videos!
search.kaeferjaeger.gay
Reposted by Oli (C..1..P.H.Y)
Any bug bounty people around? I'm creating a starter pack of people to follow but it's pretty brief currently! Let me know if you'd like to be added: go.bsky.app/GD7hKPX
November 21, 2024 at 3:23 PM
Any bug bounty people around? I'm creating a starter pack of people to follow but it's pretty brief currently! Let me know if you'd like to be added: go.bsky.app/GD7hKPX
This is still one of my favorite vids for understanding and finding IDOR vulnerabilities by @stokfredrik.bsky.social. It was the video that inspired me to dive in and get the basics of the idea!
www.youtube.com/watch?v=3K1-...
www.youtube.com/watch?v=3K1-...
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)
YouTube video by STÖK
www.youtube.com
November 21, 2024 at 6:50 PM
This is still one of my favorite vids for understanding and finding IDOR vulnerabilities by @stokfredrik.bsky.social. It was the video that inspired me to dive in and get the basics of the idea!
www.youtube.com/watch?v=3K1-...
www.youtube.com/watch?v=3K1-...
Reposted by Oli (C..1..P.H.Y)
How does the new iOS inactivity reboot work? What does it protect from?
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
Reverse Engineering iOS 18 Inactivity Reboot
Wireless and firmware hacking, PhD life, Technology
naehrdine.blogspot.com
November 17, 2024 at 9:42 PM
How does the new iOS inactivity reboot work? What does it protect from?
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
We’ve advanced to the Sweet Sixteen round of the Hacker0x01 #AWC! 🚀🌍
Excited for the challenges ahead in the next two weeks. Let’s give it our all! 💪🔥 #HackerOne #AWC2024
Excited for the challenges ahead in the next two weeks. Let’s give it our all! 💪🔥 #HackerOne #AWC2024
October 22, 2024 at 1:50 PM
We’ve advanced to the Sweet Sixteen round of the Hacker0x01 #AWC! 🚀🌍
Excited for the challenges ahead in the next two weeks. Let’s give it our all! 💪🔥 #HackerOne #AWC2024
Excited for the challenges ahead in the next two weeks. Let’s give it our all! 💪🔥 #HackerOne #AWC2024