Ciarán Cotter (@monkehack) / X

Ciarán Cotter

1,521 posts

Ciarán Cotter

@monkehack

• Irish/Japanese web/AI hacker from Cork, living in Scotland • Founder @StarstrikeAI • Researcher @ctbbpodcast • BT6 Member • Hacker Newsletter @ monke.ie

Edinburgh, Scotland

Joined March 2021

Pinned
Ciarán Cotter
@monkehack
Feb 3
Excited to launch this with @busf4ctor. We'll be posting some of our research over the next few weeks 😁 so make sure to follow. Really looking forward to seeing where this goes!
Starstrike AI
@StarstrikeAI
Feb 3
Today, we (@busf4ctor and @monkehack), are launching Starstrike: an AI pentesting and research startup. We'll be releasing our first few research articles over the next few weeks, detailing several bugs that helped us net over $100k in total. Follow to ensure you don't miss them!
7.9K
Ciarán Cotter
@monkehack
Aug 23, 2024
📖 Monke's Guide to Bug Bounty Methodology An exhaustive article answering pretty much everything you ever wanted to know about methodology. Enjoy :) #bugbounty
Monke's Guide to Bug Bounty Methodology
From monke.ie
23K
Ciarán Cotter
@monkehack
Nov 11, 2025
> Be me, age 13 > Dad has implemented time limit restrictions on wifi > discover that you can reset the restrictions by turning the TP-Link device off and on again a few times > Play Pokémon a lot, and curiosity to learn game dev kicks off > Flight to Japan with mom and little
48K
Ciarán Cotter
@monkehack
Apr 24, 2024
I’m starting full-time bug bounty soon. Bug bounty has been life-changing for me and I’ve only recently built the confidence to commit to this full-time. I’ll be tracking the challenges I encounter, and the progress I make. Stay tuned!
17K
Ciarán Cotter
@monkehack
Aug 18, 2022
New writeup! 🐵 This was a fun XSS. I hope you learn something from it :) monke.ie/xss-by-javascr…
Ciarán Cotter
@monkehack
Nov 28, 2023
🔎 In June, I took part in H1-4420 and found a neat business logic bug on Zoom with @jayesh25 . This blog post explains how we did it:
Claiming Zoom Rooms Service Accounts to Gain Access to Zoom Tenants
From appomni.com
37K
Ciarán Cotter
@monkehack
Feb 20, 2022
Here is my new writeup on API issues: monke.ie/api-vulns-case…
Ciarán Cotter
@monkehack
Dec 29, 2023
My 2023 in a nutshell: • Around 40k in bounties on @Hacker0x01, in my third year as a hacker. • Attended H1-4420 and 1337UP1023 live hacking events. • I was published in outlets such as Forbes and Techradar! • Finished university with a degree in Computer Science and am
17K
Ciarán Cotter
@monkehack
Jun 12, 2025
definitely one of the nicer spots I’ve hacked from ✌️#NewZealand #bugbountylife
7.9K
Ciarán Cotter
@monkehack
Dec 30, 2021
Since everyone seems to be flexing, here's mine in my first year in infosec: - Did my first pentest - $20k in bounties - Became H1 Brand Ambassador - Visited Prague with the Irish ECSC team - Accepted to H1 Clear - Developed my automation to be cloud-based It's been a wild year
Ciarán Cotter
@monkehack
Jun 14, 2024
I found a fun bug involving sandboxed Javascript documents during a collab with @DoomerOutrun. This is my first technical blog in a while. More on the way 🫡 monke.ie/p/exfiltrating… #bugbountytips #bugbounty
Exfiltrating Data from Sandboxed Documents
From monke.ie
9.4K
Ciarán Cotter
@monkehack
Jul 7, 2022
New writeup! And some notes on productivity. 🐵 monke.ie/case-study-par…
Ciarán Cotter
@monkehack
Mar 7, 2022
Today was my first day at work as a security researcher! 😁
Ciarán Cotter
@monkehack
Apr 11, 2024
Can we talk about @bebiksior ‘s work for a sec? He’s single-handedly built a decent plugin system for Caido, adding a theming system and built-in SSRF pingback support among more features, AND built cvssadvisor.com and its SSRF tool? Where can we buy you a coffee?
11K