06it0 @06it0
#infosec, #paragliding, #anime, #rum /*not an anonymous account, DMs are open, my words are my responsibility*/ Joined March 2017-
Tweets55
-
Followers24
-
Following176
-
Likes201
#cryptojacking #coinimp #fashionrevolution fashionrevolution.org is silently mining coins in-browser.
this year, I settled on level 11th of #flareon5. life is so demanding. :(
Please be kind and patient with open source project maintainers. People contribute their time and talent to open source projects because it is enjoyable and fun to create. When you argue with them and make demands it abuses these good people and sucks all the joy out of it.
Quick yara rule for #HANCITOR DOC file. rule Hancitor_Doc {strings: $magic={D0CF11} $sig ={49454E44AE426082????????????0800??(6?|7?|8?)2C} condition: $magic at 0 and $sig}
#KRACK is going to be a long term dent on inter-networking, I wonder how non-nerds are going to update firmwares.
At last end of those sleepless nights, completed #flareon4 . Special thanks to @alex_k_polyakov for his encouragement.
Aasiyah Arkins @AasiyahArk3273
50 Followers 5K FollowingVerla Nordlinger @v_nordling
65 Followers 5K FollowingSenaida Leva @senai_le
53 Followers 5K FollowingTabitha Watts @TabithaWat7960
109 Followers 3K FollowingLisa Coleman @LisaColema72360
125 Followers 3K FollowingArcade DB @arcade_db
295 Followers 1K Following New Gen Multi-Model natively supporting Graphs, Documents, Time-Series, KV, SQL, Cypher, Gremlin, MongoDB queries. Apache 2 Open Source License.Vallabh Chole @CholeVallabh
342 Followers 869 Following Trying to Learn Malware and exploit analysis 😵 Tweets are personal.. https://t.co/9fN0Wsry6Bnguyen @nguyenl95
48 Followers 1K FollowingDaniele D'Innocenzio .. @ddinno
1K Followers 5K Following ...dall'età di 5 anni vive la sua vita fra realtà e computer (amo C=64) e adotterebbe volentieri una mucca...cicigogogo @cicigogogo1
22 Followers 1K FollowingMidBrain @MissMidBrain
222 Followers 1K Following #mentalhealthadvocate. trying to find balance though I am chaos. if I'm wrong, educate me. writing is my passion. will argue but willing to be humbled.BlackBerry Cybersecur.. @BlackBerrySpark
23K Followers 7K Following AI-Driven Cybersecurity that Works Smarter, Not Harderipfyx @manwefm
91 Followers 403 Following Cybersecurity engineer @CEA_Officiel & IT Security enthusiast. @HackademINT #InfoSecSean Lawson 🇺🇸�.. @seanlawson
3K Followers 3K Following Science, technology, security. Social Engineering book: https://t.co/VLRaRkhECQVector 35 @vector35
8K Followers 2K Following Makers of the Binary Ninja - Reverse Engineering Platform. https://t.co/opkys50srq Also posting at https://t.co/2HEfgOtSSRxingxing @x1ng_x1ng
0 Followers 12 FollowingMèo Ma @MeoMa2593
32 Followers 151 FollowingPooja @L0STV0YAG3R
2 Followers 27 FollowingZscaler ThreatLabz @Threatlabz
5K Followers 33 Following Threat intelligence and security research from @zscalerAndy Nguyen @theflow0
56K Followers 434 Following The opinions stated here are my own, not those of my company.Benoît @benoitsevens
745 Followers 134 FollowingChromium Disclosed Se.. @BugsChromium
8K Followers 0 Following Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @[email protected]Alexa Souza @w4fz5uck5
557 Followers 144 Following Co-Founder & CTO at ViperX | Speaker at H2HC & BHACK | OSCP¹⁸ʸ | OSCE¹⁹ʸ | OSWE²¹ʸ | 🏳️⚧️Shodan @shodanhq
101K Followers 2 Following Monitor your external network, search the Internet of Things and perform empirical market research. You can also find us on https://t.co/nPLFbFy8R5Black Hat @BlackHatEvents
403K Followers 2K Following The World's Premier Technical Cybersecurity Conference SeriesDark Reading @DarkReading
326K Followers 47 Following One of the most widely read and trusted cybersecurity news sites, providing IT security professionals informed insights into the latest news and trends.Alex Plaskett @alexjplaskett
9K Followers 591 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.RET2 Systems @ret2systems
10K Followers 1 Following We strive to reimagine vulnerability research, program analysis, and security education as it exists today. An @RPISEC corporation.SwiftOnSecurity @SwiftOnSecurity
403K Followers 9K Following computer security person. former helpdesk.Kinnaird McQuade 💻.. @kmcquade3
5K Followers 2K Following Founder/CTO @NightVision_inc. Security Researcher, OSS author. Posts on cybersecurity and cloud. Alum @Square, @Salesforce, @Synopsys |🇵🇭🇺🇸OpenSecurityTraining2 @OpenSecTraining
8K Followers 15 Following 501(c)3 Nonprofit providing Open Source and Open Access computer security training material. #OST2 re-launched July 2021! [email protected]Chetan Nayak (Brute R.. @NinjaParanoid
27K Followers 0 Following DarkVortex Founder | https://t.co/x8K5gzt2RG | Former RedTeam @CrowdStrike/@Mandiant/@niiconsultingHossein Lotfi @hosselot
6K Followers 56 Following Vulnerability researcher at Zero Day Initiative... check #hosselot_tips for vulnerability research tips. 'A machine never faults. It reflects human's faults.'offensivecon @offensive_con
21K Followers 1 Following OffensiveCon is a highly technical international security conference focused on offensive security only. Organized by @bluefrostsec @offensivecon.bsky.socialGengming Liu @dmxcsnsbh
4K Followers 159 Following Security Researcher at @SingularSecLab. Winner of DEFCON 28 CTF, Pwn2Own, Pwnium.Jeremy Fetiveau @__x86
4K Followers 2K Following Hacking chrome. Building new teams with @TrenchantARC. Occasional contributor to @doar_e.Andrew Case @attrc
28K Followers 4K Following @Volatility Core developer, Dir. of Research @Volexity, @lsucyber, The Art Of Memory Forensics Co-AuthorMark Russinovich @markrussinovich
156K Followers 402 Following CTO of Microsoft Azure, author of novels Rogue Code, Zero Day and Trojan Horse, Windows Internals, Sysinternals tools. Opinions are my own.Yarden Shafir @yarden_shafir
19K Followers 273 Following A circus artist with a visual studio licenseBen Eater @ben_eater
22K Followers 78 Following Scaling education somehow. Formerly @khanacademy. Now making things at https://t.co/O7StbNzWXo, https://t.co/wxK2GObTmU, and sometimes https://t.co/hZEJcP4Lr9David Weston (DWIZZZL.. @dwizzzleMSFT
25K Followers 1K Following Vice President, OS Security and Enterprise @Microsoft || @CISAgov Technical Advisory CommitteeAlex Matrosov @matrosov
18K Followers 2K Following 🔬Founder & CEO @Binarly_io, #codeXplorer, #efiXplorer, @REhints and "Rootkits and Bootkits" book. Previously worked at Nvidia, Cylance, Intel, ESET, Yandex.Neo4j @neo4j
45K Followers 4K Following Leader in Graph Database & Analytics. Developers: https://t.co/XrnpLCVglr. Our community: https://t.co/mWzXAcVzve Same handle on all other platforms.Rohit Srivastwa 🇮�.. @rohit11
3K Followers 246 Following Enterprise Information Security Coach, Author, 4x Founder. Charter Member @TiE, Mentor, Investing time & money in startups. Currently also building BharatVerseSamuel Groß @5aelo
24K Followers 499 Following V8 Security technical lead. Previously Project Zero. Personal account. Also @[email protected] and https://t.co/aVitnPjBieDana Baril @dana_baril
2K Followers 1K Following Security Leader | BlackHat USA Speaker | Forbes 30 Under 30 | Runner 🇺🇸🇮🇱António Guterres @antonioguterres
2.4M Followers 219 Following Secretary-General of the @UN. We will never, ever give up making this world better for everyone, everywhere.United Nations @UN
16.5M Followers 1K Following Official account of the United Nations. For peace, dignity & equality on a healthy planet.Marc-André Moreau @awakecoding
4K Followers 2K Following Remote desktop protocol expert, OSS contributor and entrepreneur. I love designing products with Rust, C# and PowerShell. Proud to be CTO at DevolutionsPeleg Hadar @peleghd
2K Followers 1K Following Forbes 30 Under 30. Head of Research. Opinions are my own.Walied Assar @waleedassar
5K Followers 559 Following Reverse Engineer / Malware & Vulnerability Researcher / SOC Analyst / Pharmacist / FishermanShadow Chaser Group @ShadowChasing1
10K Followers 517 Following Shadow Chaser Group is a sub-group of the GcowSec team which consists of college students who love it.Shadow Chaser Group focused on APT hunt and analysisWilliam Lamiasi @WLamiasi
61 Followers 13 Following Freelance security researcher (previously held the title of Senior Threat Analyst) with a focus on Cyber-Espionage. What amazes me? The Indo-Pak cyber warfare.Night Sky @NightSky
16K Followers 40 Following The magical stargazing app from @iCandiApps for visionOS, iOS, iPadOS, tvOS, watchOS and macOS 🌌📲⌚️💻🥽Joern - the tool @joernio
731 Followers 51 Following Official account for joern. We moved away from gitter to discord: https://t.co/3mbYQWuCePNASA's Perseverance M.. @NASAPersevere
3.1M Followers 40 Following NASA Mars rover, exploring since February 2021. Hobbies: Photography, collecting rocks, off-roading. 🚀 Team HQ @NASAJPL (Verification: https://t.co/b0WrcSJeU0)David Kaplan @depletionmode
2K Followers 311 Following Security Research Lead @Microsoft Opinions and private research are my own Lover of all things JSR $F7D7allie🖤✨ @ac1dgoddess
24K Followers 4K Following queen of the cloud @redcanary ☁️👸 infosec vampire; OG linux&cloud punk🤘🏼@hacknotcrime advocate; @notasockpuppet1 is bae 💍 views are MINE 🖤✨Steve Syfuhs @SteveSyfuhs
17K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue skySignal @signalapp
590K Followers 24 Following Signal is an end-to-end encrypted messaging app. Privacy isn’t an optional mode, it’s just the way that Signal works. Every message, every call, every time.Just saw that this vulnerability I reported to Microsoft was found to be exploited in the wild. Guess we are looking in the right places. Blog and exploit code to be released soon. msrc.microsoft.com/update-guide/e…
I wrote a blog post regarding the technical details of CVE-2022-31700. It's an interesting case study of attacking custom Java Bean Validators (JSR 380) for RCE: trenchant.io/vmware-workspa… The original advisory can be found here: srcincite.io/advisories/src…
Cool series about fuzzing and LibAFL (credits @epi052) 1: epi052.gitlab.io/notes-to-self/… 1.5: epi052.gitlab.io/notes-to-self/… 2: epi052.gitlab.io/notes-to-self/… 3: epi052.gitlab.io/notes-to-self/… 4: epi052.gitlab.io/notes-to-self/… 5: epi052.gitlab.io/notes-to-self/… #fuzzing #libafl #infosec #learning
WTF who codes 600k lines and releases its After 5 years and over 600,000 lines of code, I’m finally releasing Malachite, a high-performance arbitrary-precison arithmetic library for Rust. malachite.rs
So excited to finally release my blog post- Kernel Pwning with eBPF: a Love Story. I cover eBPF, the verifier, debugging, exploitation, mitigations and other cool findings! I do root cause analysis and exploit CVE-2021-3490 for LPE with PoC included. graplsecurity.com/post/kernel-pw…
Today we're publishing a follow-up post looking at the sandbox escape used by FORCEDENTRY: googleprojectzero.blogspot.com/2022/03/forced…
Awesome to see the (upcoming) V8 Sandbox already showing up in CTFs! Really enjoying those writeups by @r3tr0sp3ct2019 (x.com/r3tr0sp3ct2019…) and @ky1ebot (x.com/ky1ebot/status…)
I played DiceCTF this weekend and solved a V8 challenge. I bypassed the latest "Virtual Memory Cage" protection in V8 and here is how I achieved it XD blog.kylebot.net/2022/02/06/Dic…
In Part 2 of 3, ZDI Vuln Researcher @hosselot details the root cause of CVE-2021-21220. This was used during #Pwn2Own to exploit both #Chrome and #Edge. Today’s blog starts with how to trigger the vuln and goes on to describe why the bug occurs. zerodayinitiative.com/blog/2021/12/8…
Slides: “Advanced Exploitation of Simple Bugs: a Parallels Desktop Case Study” zerodayengineering.com/projects/slide… Technical details of the 0day bug & exploit that I developed, as demonstrated at Pwn2Own 2021 competitions
AMSI & ETW Bypasses are now baked into Cobalt Strike Reflective Loader! Credit to @mariuszbit for the awesome idea! Credit to @XPN + @offsectraining + @ajpc500 for their research, code, and sharing their awesome work! github.com/boku7/CobaltSt…
Nauz File Detector : Linker/Compiler/Tool detector for Windows, Linux and MacOS : github.com/horsicq/Nauz-F… credits @horsicq
A New Attack Surface on MS Exchange : Part 3 - ProxyShell! : blog.orange.tw/2021/08/proxys… Part 2 - ProxyOracle! : blog.orange.tw/2021/08/proxyo… Part 1 - ProxyLogon! : blog.orange.tw/2021/08/proxyl… More : zerodayinitiative.com/blog/2021/8/17… credits @orange_8361
Designing a sandbox for V8: docs.google.com/document/d/1FM…
Bypassing OS protections: kASLR + SMEP bypass fluidattacks.com/blog/hevd-smep… On HEVD (HackSys Extremely Vulnerable Driver github.com/hacksysteam/Ha…)
Wrote a scanner for PrintNightmare (CVE-2021-34527). Allows you to scan entire subnets and gives you a CSV report. Supports both MS-RPRN and MS-PAR checks. Haven't tested in a prod environment yet (just my lab). Feel free to send a PR if you see FPs. github.com/byt3bl33d3r/It…
Blogpost about ‘Sloth’ 🦥 , my binary, coverage-guided fuzzer for Android native libraries that uses libFuzzer and QEMU user-mode emulation: fuzzing.science/page/fuzzing-a…. I ported the main Skia Image harness of SKCodecFuzzer by @j00ru to ‘Sloth’. DM me for any questions or feedback:)
How I Found A Vulnerability To Hack iCloud Accounts and How Apple Reacted To It : thezerohack.com/apple-vulnerab… credits @LaxmanMuthiyah
I’m putting a WiFi router into a wall charger (Part 0) : machinehum.medium.com/im-putting-a-w… Part 1 : machinehum.medium.com/im-putting-a-w… wifiwart : Linux SBC featuring two wifi radios, masquerading as a USB charger : github.com/Machine-Hum/wi…
Pwning Home Router - Linksys WRT54G : elongl.github.io/exploitation/2… Interactive Shell : youtu.be/P015AjNWvW8 Reverse Shell : youtu.be/wmvKFE1XFXw credits @elongli