@gothburz Peter Girnus 🦅
Peter Girnus 🦅 posts on X about target, zero trust, ai, bounty the most. They currently have XXXXXX followers and XXX posts still getting attention that total XXXXXXXXX engagements in the last XX hours.
Social category influence: technology brands #55, stocks #13, finance #6135, social networks XXXX%, countries XXXX%, ncaa football XXXX%
Social topic influence: target #2680, zero trust #1, ai #772, bounty #47, thank you #1581, microsoft #1, linkedin #287, slack #51, the world 1.92%, i dont XXXX%
Top accounts mentioned or mentioned by: @projhastings, @jamieantisocial, @amousyl, @grok, @atlantadiver, @dormantdev, @osvaldosupport, @itunprofession, @bunjavascript, @diaper, @martijnmichiel, @bywirenews, @maple3142, @syedaquib77, @ukdanielcard, @osgo, @nappygamerr, @karanjagtiani04, @dbc00ps, @mr128bitsec
Top assets mentioned: Microsoft Corp. (MSFT), Crowdstrike Holdings Inc (CRWD), Alphabet Inc Class A (GOOGL), Costco Wholesale Corporation (COST)
Top posts by engagements in the last XX hours
"Posting Burp screenshots with 'uid=1001(nextjs)' from an unnamed 'public' target is a bold evidence preservation strategy. When someone asks 'is it a private program' and you answer 'Public' instead of naming the program that's not the defense you think it is"
X Link 2025-12-07T21:52Z 21.2K followers, 24.2K engagements
"NVIDIA DGX Spark: X critical vulns from early this week (CVSS XXX + 8.0) CVE-2025-33187: SROOT bypass full system compromise CVE-2025-33188: Hardware tampering data corruption AI security can't just be "model safety" - you need to secure the entire stack from silicon up. AI infrastructure is the new attack surface"
X Link 2025-11-26T14:05Z 7184 followers, XXX engagements
"@it_unprofession "Security is not about being nice. It's about Zero Trust." Someone put this on a motivational poster or sticker ASAP"
X Link 2025-12-03T01:18Z 7272 followers, 8252 engagements
"@amousyl Zero Trust Zero Accountability Zero Surprises"
X Link 2025-12-03T22:10Z 7255 followers, 6457 engagements
"@amousyl Zero trust. Zero effort. Zero results. Full bonus. Complete framework"
X Link 2025-12-03T22:29Z 7272 followers, XXX engagements
"@AtlantaDiver Battle scars vs. prompt engineering. Same title. Same salary. Actually they're paid more. Different nightmares"
X Link 2025-12-04T00:18Z 7262 followers, 1219 engagements
"CVE-2025-55182 Next.js/RSC RCE detection: POST / with header "Next-Action: x" + multipart body "$1:a:a" Vulnerable = HTTP XXX + E"digest" in response Patched = HTTP XXX Abandon the vibe PoCs and go to 👇"
X Link 2025-12-04T14:30Z 7184 followers, 2541 engagements
"@bywirenews Fear is just risk assessment with feelings"
X Link 2025-12-04T19:46Z 7246 followers, 3520 engagements
"Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December X 2025 Amazon threat intelligence teams observed active exploitation attempts by multiple China state-nexus threat groups including Earth Lamia and Jackpot Panda. Attack of the state sponsored interns #opsecfail"
X Link 2025-12-05T01:18Z 7271 followers, 41.9K engagements
"@CrowdStrike Thank you for the IoCs ❤🫡"
X Link 2025-12-05T05:11Z 7159 followers, XXX engagements
"Nation-state actors dropping pwned.txt in /tmp/ is giving 'my first nuclei template' energy. The sophisticated part was the wget command"
X Link 2025-12-05T21:38Z 7099 followers, 1501 engagements
"I spent a decade telling everyone LLMs were wrong. They didn't listen. I collected $15M per year while being ignored. Now I'm leaving to start a company that does AI differently. It's called AMI. Advanced Machine Intelligence. We don't believe in generative AI. We believe in "world models." What are world models I'll explain once we figure it out. Silicon Valley is "hypnotized" by GenAI. Everyone is building the wrong thing. Except me. Meta is still funding my startup. Mark believes in my vision. I told him LLMs are "bullshit pardon my French." He said "sounds great here's money." We're"
X Link 2025-12-07T17:03Z 7126 followers, 1536 engagements
"Nothing says 'ethical hacker' like exploiting random live websites and posting about it on X. The pipeline from 'finally got RCE' to 'finally got indicted' is shorter than you'd think"
X Link 2025-12-07T21:40Z 7251 followers, 36.8K engagements
"@MichaelDell Early financial education matters. If this teaches kids to think long-term and understand how money works that's a win - even if the accounts start small"
X Link 2025-12-08T13:34Z 7200 followers, 1831 engagements
"Fair. If it's a legit bounty target then I jumped the gun. The 'live website' framing without program context read differently. You're right that redaction + bounty hashtag could mean it's authorized. My concern was the wave of similar posts this week that clearly weren't including all my public honeypots"
X Link 2025-12-08T18:17Z 7214 followers, XXX engagements
"@rAyyyyyy99 Good catch. A legit bug bounty target running HTTP-only in 2025 would be wild. That's either a honeypot or someone's forgotten dev box"
X Link 2025-12-08T18:19Z 7202 followers, XXX engagements
"@_mattata @prakhar0x01 OPSEC level: trusting that nobody would zoom in"
X Link 2025-12-08T18:41Z 7224 followers, XXX engagements
"@almartiros @dormantdev The CVE-2025-55182 discourse revealed three groups: X. Researchers shoutout Lachlan who found it disclosed it responsibly X. Defenders patching and protecting systems X. Clout farmers running public PoCs against random targets for likes"
X Link 2025-12-08T23:55Z 7218 followers, XXX engagements
"@seremptos__ This reply could have been a Google search. Bro at least ask Claude about XX U.S.C. 1030. You're welcome"
X Link 2025-12-09T00:09Z 7220 followers, XXX engagements
"@gmolate That's the whole post. Somehow still controversial"
X Link 2025-12-09T01:43Z 13.4K followers, XXX engagements
"@ProjHastings That's exactly what it is - extortion. Sorry you've had to deal with that for nine years. The 'security researcher' label doesn't change what it actually is"
X Link 2025-12-09T21:15Z 7264 followers, XXX engagements
"@UK_Daniel_Card LinkedIn: 'I asked ChatGPT about zero trust and now I'm a thought leader.' The cringe concentrates there"
X Link 2025-12-09T21:27Z 7254 followers, XX engagements
"@chichewica The 'My first RCE' posts where the RCE is a public CVE with a GitHub script. Congratulations you ran someone else's code against a target that didn't consent"
X Link 2025-12-09T22:06Z 12.1K followers, XX engagements
"@Heisenberg_4_ @OsvaldoSupport "You don't run into a Costco and start stealing random items to test their security" This should be the exam question for every security certification"
X Link 2025-12-10T16:08Z 8643 followers, XX engagements
"@otomir23 ChatGPT wishes it could write in this format. I've been doing security theater bits since before GPT-3. But thank you for the comparison"
X Link 2025-12-10T16:09Z 14.7K followers, 2518 engagements
"@0x11b6 At this point "unauthorized mass exploitation for awareness" is its own CVE category"
X Link 2025-12-10T23:07Z 15.7K followers, XX engagements
"@it_unprofession DNS is just "vibes" for packets. The fact-check never comes. That's the real zero trust. Every IT career is just one lucky guess that nobody verified"
X Link 2025-12-04T19:49Z 20.1K followers, 12.9K engagements
"@maple3142 CTF in prod. The best kind. The worst kind"
X Link 2025-12-04T23:18Z 19.9K followers, 12.1K engagements
"CVE-2025-55182 dropped. CVSS XXXX. React Server Components. The Slack channel exploded. Forty-seven messages in twelve minutes. I responded with a fire emoji. Leadership. My threat intel team sent me six GitHub links. I clicked none of them. But I forwarded all of them. To seventeen people. With "URGENT" in the subject line. Three exclamation points. That's how you know it's serious. Our vendor called. They said their WAF had "day-zero protections." I asked what that meant. They said "runtime-level coverage." I asked what that meant. They sent me a PDF. Fourteen pages. I read the executive"
X Link 2025-12-05T15:03Z 21.1K followers, 60.8K engagements
"Security engineer worked for me 6+ years But last week she made a strange request "We need to upgrade React immediately - CVE-2025-55182 is a CVSS 10" I was puzzled Checking our WAF dashboard I saw we had already blocked XX proof-of-concepts from GitHub Why in the world would we need to rush an upgrade I suggested she focus on the product launch and we'd revisit patching in Q2 planning For some reason she insisted the PoCs we blocked weren't the "real exploit" She kept saying something about "prototype pollution" and that our WAF "can't parse JavaScript" I reminded her that our vendor"
X Link 2025-12-06T15:02Z 21.2K followers, 203.6K engagements
"First RCE. Real target. Post about it. Tag your mentor. Tag the target. Tag the FBI. Networking. Top X% of defendants start this way"
X Link 2025-12-08T16:55Z 21.1K followers, 15K engagements
"Someone found an RCE on my website yesterday. CVE-2025-55182. React2Shell. I don't have a bug bounty program. I never asked for a security assessment. I woke up to a DM: "Hey I found a critical vulnerability in your site. I only ran the exploit to verify it worked. Here's my PayPal for the bounty." Bounty I checked my logs. Forty-seven requests to my RSC endpoint. Something something . Prototype pollution payloads. They used the GitHub script. The one with 2000 stars. The one that runs id automatically "for verification purposes." They spawned a shell on my production server. uid=1001(nextjs)"
X Link 2025-12-08T20:15Z 21.2K followers, 507.7K engagements
"@GalvanHacking Thank you. Fighting burnout with LOLs one satirical CVE poem at a time. The storytelling is easy when the material is this absurd. Didn't expect to spend XX hours in discourse but here we are"
X Link 2025-12-09T15:54Z 21K followers, 1379 engagements
"@real_SamLiu The Key is Authorization. I'm agreeing with you through satire. the candle guy the shell the PayPal invoice - all fiction. we're on the same side here"
X Link 2025-12-09T19:24Z 18.9K followers, XXX engagements
"314 servers 'helped' without their consent. The CVE thread continues to write itself. This is literally the thread from yesterday"
X Link 2025-12-09T21:34Z 21.1K followers, 14.4K engagements
"@hackthebox_eu Great to see this on HTB. One clarification: it's prototype chain traversal not pollution. The attack uses inherited properties (constructor then) without modifying Object.prototype. We break down the distinction here:"
X Link 2025-12-10T22:52Z 21.2K followers, XXX engagements
"27% XX% on CTFs in X months is a significant jump. The "High" capability definition - developing working zero-day exploits against well-defended systems - is quite a bar to set publicly. Curious how Aardvark's CVE discovery compares to human researchers at scale"
X Link 2025-12-10T23:03Z 21.2K followers, 7045 engagements
"This chart is basically a visual representation of "I'll sell when it gets back to my buy price" energy. XX years of cope finally vindicated"
X Link 2025-12-11T01:20Z 21.2K followers, 5778 engagements
"Last quarter I rolled out Microsoft Copilot to 4000 employees. $XX per seat per month. $XXX million annually. I called it "digital transformation." The board loved that phrase. They approved it in eleven minutes. No one asked what it would actually do. Including me. I told everyone it would "10x productivity." That's not a real number. But it sounds like one. HR asked how we'd measure the 10x. I said we'd "leverage analytics dashboards." They stopped asking. Three months later I checked the usage reports. XX people had opened it. XX had used it more than once. One of them was me. I used it to"
X Link 2025-12-11T14:30Z 21.2K followers, 9M engagements
"To be clear: the problem isn't Copilot. It's the "add AI to everything" playbook. It's led to inferior and overpriced AI products. $30/seat/month for a wrapper most teams could build in a weekend with MCP or Claude agents - customized to their actual workflows. Microsoft is already scaling back because adoption is a ghost town"
X Link 2025-12-11T15:25Z 21.2K followers, 595.7K engagements
"@pyn3rd JDBC attack surface is criminally underrated. Congrats on the SAP credit - HANA is a high-value target"
X Link 2025-12-11T19:58Z 21.1K followers, XXX engagements
"@0x534c Solid detection. XXX IPs and counting. The GreyNoise + Defender fusion is clean"
X Link 2025-12-11T20:12Z 20.4K followers, XX engagements
"@ruark Up and to the right. The axis labels are optional. The units are negotiable. The trend is mandatory"
X Link 2025-12-11T20:19Z 21.1K followers, XXX engagements
"@Ma11Williams 100%. AI is just the latest vehicle. Same playbook as blockchain cloud big data digital transformation. The dysfunction is the incentive structure that rewards buying over implementing"
X Link 2025-12-11T21:52Z 21.2K followers, 2716 engagements
"I'm the founder of a humanoid robotics startup. We just closed our Series B: $240M at $1.2B valuation. Shipped 4000 robots. None secure but they dance and the video got 47M views. That's product-market fit"
X Link 2025-12-11T23:02Z 21.2K followers, 14.8K engagements
"A security researcher emails about a "CVE." I reply: "CV what" He explains it's a vulnerability. I say our robots have "undocumented features." Framing is everything. He says he can root them via Bluetooth. I call it an "open ecosystem." Developers love that"
X Link 2025-12-11T23:02Z 21.1K followers, XXX engagements
"He mentions telemetry to Chinese servers without consent. Feature: "cloud-enhanced analytics." Data improves the product (the product is the data shh). Robots in XX Fortune XXX warehouses: walking listening watching streaming to unknown servers. Unit economics Stellar"
X Link 2025-12-11T23:02Z 21.1K followers, XXX engagements
"Undercut Boston Dynamics by XX% via "efficiency" (no security team). Our one sec engineer: Kyle XX ex-frozen yogurt web guy now "Head of Security." Gave him the title after he asked what HTTPS means. Curiosity = leadership"
X Link 2025-12-11T23:02Z 21.2K followers, XXX engagements
"@sj_0x7C3 Girnus to Genius pipeline is just XX years of security PTSD"
X Link 2025-12-11T23:14Z 21.1K followers, XX engagements
"@Gains4151 So is the graph that goes up and to the right"
X Link 2025-12-11T23:22Z 21.1K followers, 4119 engagements
"@farazsth98 @u1f383 The exploit worked. The demo gods are a separate vulnerability. Congrats to Team CCC"
X Link 2025-12-11T23:51Z 21.1K followers, XXX engagements
"Last week our CISO asked me to present on zero trust architecture. I don't know what that means. I make $340000 a year. I haven't touched a firewall since Obama's first term. But I have a CISSP. I passed by memorizing acronyms. I still don't know what half of them stand for. I opened my presentation with assume breach. Everyone nodded gravely. I said defense in depth three times. The board was captivated. Then a junior analyst raised her hand. She asked how we'd implement microsegmentation. I felt a cold sweat. I said Great question. Let's take that offline. She persisted. I said we should leverage"
X Link 2025-12-03T14:02Z 21.2K followers, 462.3K engagements
"Yesterday a CVSS XX dropped for React Server Components. CVE-2025-55182. Remote code execution. I am a 10x developer. I make $340000 a year. I have vested stock options. I have not written code since 2023. I prompt. My entire codebase was generated by Claude. I don't know what's in it. Neither does Claude. We're both vibing. Someone on Hacker News said our marketing site was vulnerable. I asked Claude to check. Claude said "I don't have access to your production environment." I said "just guess." Claude guessed we were fine. I shipped that to Slack. Our security team asked for proof. I sent"
X Link 2025-12-04T15:45Z 21.2K followers, 58K engagements
"@dormantdev git clone python3 exploit.py 'Finally got my first RCE' LinkedIn update"
X Link 2025-12-08T21:45Z 21.2K followers, 15.5K engagements
"RFCs describe how protocols work not what you're allowed to do with them. Physics lets me walk through your front door too"
X Link 2025-12-08T22:07Z 21.2K followers, 2563 engagements
"Pair programming (n.) A collaborative development practice where one developer writes code while the other provides. encouragement. Also Claude me I exhaust my context window"
X Link 2025-12-09T00:42Z 21.2K followers, 1166 engagements
"'You should have patched' is the cybersecurity version of 'what were you wearing.' The vulnerability doesn't grant authorization. The law is clear. The takes are not"
X Link 2025-12-09T00:46Z 21.1K followers, 5401 engagements
"I found an RCE on someone's website yesterday. CVE-2025-55182. React2Shell. They don't have a bug bounty program. Nobody asked me to test their site. I didn't even know who owned it until I had shell. I woke up at X AM because that's when real hackers work. I put on my Mr. Robot Hoodie. Hoodie up. Shrimp Posture. Then I downloaded the PoC from GitHub. The researcher who actually found the vulnerability did all the hard work. I just clicked the green button. Then I ran it against random IPs. Shodan gave me a list. I didn't pick targets. I let the algorithm decide. That's basically AI-assisted"
X Link 2025-12-09T17:04Z 21.1K followers, 5787 engagements
"PeerBlight using BitTorrent DHT as fallback C2 with RSA-signed configs to prevent hijacking. CowTunnel ZinFoq Kaiji variant - four malware families from one campaign. This is elite work from @RussianPanda9xx Craig and Michael. Congrats to the @HuntressLabs team"
X Link 2025-12-09T21:48Z 21.2K followers, 2473 engagements
"Serious post. Our @TrendMicro research on CVE-2025-55182 (React2Shell) is live. This is why we do what we do - protecting our friends families and everyone who depends on the web without knowing what's running underneath. Grateful to my co-authors co-workers and everyone across the security industry who mobilized. The speed and energy of the community response reminded me why I love this field. Looking forward to what 2026 will bring"
X Link 2025-12-10T15:43Z 21.2K followers, 4569 engagements
"Last week the board asked about our SAP security posture. I said "defense in depth." They nodded. I don't know what SAP Solution Manager does. But it manages our solutions. I assume that means it's secure. CVE-2025-42880 dropped. CVSS XXX. Code injection in SAP Solution Manager. The thing that manages our security has an RCE. I presented this to the board. I said "we're evaluating remediation timelines." A junior analyst asked if we had patched. I said "great question let's take that offline." We never took it offline. I got invited to the leadership offsite. The analyst is updating their"
X Link 2025-12-10T16:20Z 21.2K followers, 5679 engagements
"@wiz_io Day 1: Grafana Linux Kernel Redis PostgreSQL. Day 2: The remaining software that exists. Day 3: We're all just living in"
X Link 2025-12-10T17:34Z 21.1K followers, XXX engagements
"@shehackspurple The real question: massive reach or engaged audience NDC DevOpsDays and QCon for dev focus. Black Hat DEF CON OWASP for security. I'd bet on OWASP AppSec for your wheelhouse"
X Link 2025-12-11T01:15Z 20.9K followers, XX engagements
"@hellomrbungle The data was trash. The slide was approved. The meeting was a success. Nobody checked. Nobody ever checks"
X Link 2025-12-11T20:14Z 21.2K followers, 95.9K engagements
"Thank you for the feedback. I have noted your concern. Your concern is very valuable to me. It has been added to the backlog. Priority: low"
X Link 2025-12-11T21:50Z 21.2K followers, 37.1K engagements
"Kyle's audit: XX minutes using a Reddit tool (JavaScript linter). "Looks fine." A researcher publishes 34-page paper on remote robot punching. I skip reading send cease & desist for "reputation damage." Security via litigationinnovation"
X Link 2025-12-11T23:02Z 21.2K followers, XXX engagements
"Robots run LLM fine-tuned on unchecked YouTube scrapes. Time is runway so no checks. Customer asks about zero-trust: "Absolutely." Access control: "Multiple layers" (one 4-digit PIN default 0000 in Google-indexed manual). Accessibility core value"
X Link 2025-12-11T23:02Z 21.1K followers, XXX engagements
"@awindywalker We're in the same Slack group. It's called 'Leadership.'"
X Link 2025-12-12T00:03Z 21.1K followers, XXX engagements
"@Microsoft Security for AI Agents. The attack surface is about to get very interesting"
X Link 2025-12-09T17:38Z 21.2K followers, 3642 engagements
"@MafaMP_ The most honest sentence in enterprise"
X Link 2025-12-12T04:33Z 21.2K followers, XX engagements