Oli (C..1..P.H.Y)'s Avatar

Oli (C..1..P.H.Y)

@munz4u.de

Infosec addicted IT guy πŸ•΅οΈβ€β™‚οΈπŸ‘¨β€πŸ’» | HTB Guru | Researcher & Pentester πŸ–ŠοΈ | White-Hat 🎩 | Bugs find me πŸͺ² | Part of the awesome #kaeferjaeger crew πŸ’₯

776
Followers 315
Following 9
Posts 22.10.2024
Joined
Posts Following

Latest posts by Oli (C..1..P.H.Y) @munz4u.de

Post image Post image

Had an amazing time at the #1337UP1125 hacking event in Belgium! Great challenges, great people, and lots of fun.
Even more special: I received @intigriti.com ’s Silver (250) and Gold (500) achievement coins - plus a beautifully written, signed card. Super grateful! πŸ₯ˆπŸ₯‡πŸ”₯

#HackWithIntigriti

23.11.2025 10:43 πŸ‘ 5 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Post image Post image

Just finished rooting all active @hackthebox.bsky.social machines – after not being active since 2019.
That makes 92 rooted boxes total.
Feels good to be back. πŸ”₯🧠

25.07.2025 10:45 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

I reported a single, highly critical vulnerability that earned the top payout of the event. πŸ’₯🐞

Big thanks to @exness6.bsky.social for putting together such a great virtual meetup, and a special shoutout to @lauritz-holtmann.de!
Everything was incredibly well organized! πŸ™Œ

26.06.2025 17:15 πŸ‘ 6 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0

Whoa, totally unexpected - my tool sqltimer just got featured in the latest Bug Bytes newsletter by @intigriti.com! 😍
Huge thanks for the shoutout!

23.05.2025 18:59 πŸ‘ 9 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
GitHub - c1phy/sqltimer: A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go. A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go. - c1phy/sqltimer

I was looking for a lightweight, efficient tool to detect time-based SQLi β€” something that doesn’t blast tons of unnecessary requests.
Couldn’t find one.
So I built sqltimer. πŸ› οΈ

πŸ‘‰ github.com/c1phy/sqltimer

Give it a try and let me know what you think! πŸš€

28.04.2025 14:14 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Recon can be exhausting, but for quick overviews and interesting parameters, why not use Google?
This Google Dorks tool helps you uncover low-hanging fruit like exposed files, admin panels, and more.
All with Pre-built queries! πŸš€

Check it out: taksec.github.io/google-dorks...

16.12.2024 15:48 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
CN/SANs Search

Enhance your recon toolkit!

Schniggie from our #Kaeferjaeger team has developed an SNI collection service for AWS, DigitalOcean, Google, Microsoft, and Oracle.
Plus, a powerful search tool on top! Even highlighted by @jhaddix.bsky.social in one of his videos!

search.kaeferjaeger.gay

22.11.2024 08:59 πŸ‘ 7 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Any bug bounty people around? I'm creating a starter pack of people to follow but it's pretty brief currently! Let me know if you'd like to be added: go.bsky.app/GD7hKPX

21.11.2024 15:23 πŸ‘ 95 πŸ” 30 πŸ’¬ 45 πŸ“Œ 2
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty) YouTube video by STΓ–K

This is still one of my favorite vids for understanding and finding IDOR vulnerabilities by @stokfredrik.bsky.social. It was the video that inspired me to dive in and get the basics of the idea!

www.youtube.com/watch?v=3K1-...

21.11.2024 18:50 πŸ‘ 17 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
Preview
Reverse Engineering iOS 18 Inactivity Reboot Wireless and firmware hacking, PhD life, Technology

How does the new iOS inactivity reboot work? What does it protect from?

I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.

naehrdine.blogspot.com/2024/11/reve...

17.11.2024 21:42 πŸ‘ 279 πŸ” 107 πŸ’¬ 12 πŸ“Œ 11
Post image

We’ve advanced to the Sweet Sixteen round of the Hacker0x01 #AWC! πŸš€πŸŒ
Excited for the challenges ahead in the next two weeks. Let’s give it our all! πŸ’ͺπŸ”₯ #HackerOne #AWC2024

22.10.2024 13:50 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0