Become a member

  • Support my work on a monthly basis.

  • You’ll be notified by email when new members-only posts (Brutal Secrets) are published.

Already a member? Log in here


In 2015 I started @brutalsecrets, a private Twitter account designed to share some of the most sensitive Cross-Site Scripting (XSS) disclosures that I have found. It fueled my research and more amazing things started to come, payloads, techniques and bypasses.

Join us here as I share all my original and borrowed research on offensive computer security fields, specially Web Hacking with injections and bypasses. Included are techniques to discover and exploit mind-bending attack vectors, HTML + Javascript payloads, filter/firewall evasion and any other useful tips and tricks related to Web Hacking.

A lot of people joined this very project in the past and they are doing it right now again or for the first time. Gaining access to this knowledge base has brought them some competitive advantage. It helped noobs and professionals dive deep into the practical understanding of above subjects and have even won bug bounties from examples I share.

So, if you got interested and want to get access to that premium content go for the membership option. But before, see these testimonials:

Hope to see you next on this list!


Rodolfo Assis - Brute

FlawTECH is now a member.
Someone bought 12 coffees.
NS bought 12 coffees.
Instant is now a member.
@dracutdashf bought 2 coffees.