McCaulay @_mccaulay
Senior Security Researcher | OSCP | CRT | Pwn2Own mccaulay.co.uk Joined June 2020-
Tweets357
-
Followers4K
-
Following216
-
Likes491
only 3 seats left for the "Advanced .NET Exploitation" September edition at RomHack (@cybersaiyanIT), come on lads, make it happen, wanna go brag about selling out 😅 grab your seat 🪑 🪑 🪑 summoning.team
Bypassing TLS Verification on Nintendo Switch by Yannik Marchand reversing.live/sslbypass.html
Come join @rapid7! I’m hiring for a Senior Security Researcher to join our team. You'll get to work on n-day analysis, zero-day research, exploit development, and more - focusing on enterprise software and appliances. Fully remote in the UK, details here: careers.rapid7.com/jobs/senior-se…
enojoy the writeup folks ^-^, this was some fun reversing, as always, another falls!
enojoy the writeup folks ^-^, this was some fun reversing, as always, another falls! https://t.co/xofkDKqWcF
NICE!!! Laps3c0re (Lapse + Mast1c0re) is now released! It's beginning to look a lot like Christmas... github.com/iMrDJAi/laps3c…
No Tokens Required: A Movie Power Virtual Reality Breakout Exploit - mccaulay.co.uk/no-tokens-requ…
For those who were interested I've published the first part of my write up on the PS4 debugger. I'll continue to work on the next parts as I get some free time. 😀 hackingadventures.ca/blog/ps4-retai…
Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot by Aim Labs - aim.security/lp/aim-labs-ec…
What does it take to hack a @Sonos Era 300 for Pwn2Own? Take a look at our process of adapting existing research, establishing a foothold, and exploiting media parsers for unauthenticated RCE over the network🔥👇 blog.ret2.io/2025/06/11/pwn…
Oh you thought surprises were over for @BSidesTirana 2025 ? This year, we’re bringing Sina Kheirkhah - Pwn2Own "Master of Pwn" (@SinSinology) to run a full-day workshop on Advanced .NET Exploitation based on his course that normally goes for €4,000. He’s been kind enough to…
Launching a student-only free workshop: ".NET Exploitation Basics" 🪲 If you're a student (or know one), let's write some deserialization exploits, Manchester, July 12. 10 seats. summoning.team/free-training-…
"Advanced .NET Exploitation" June edition at @reconmtl is confirmed! We've hit 10 registered students, so the class is happening for sure. If you’ve been thinking about joining, there’s 5 more space to learn some deserialization Magic! summoning.team
In Berlin for @offensive_con with @alexjplaskett 🇩🇪
Going to be at @offensive_con this year, see you there if you are going
Going to be at @offensive_con this year, see you there if you are going
NCC Group EDG @alexjplaskett and @_mccaulay will present Pioneering Zero Days at Pwn2Own Automotive 2024 where they will describe their Pioneer Pwn2Own chain and demonstrate a proof-of-concept vehicle spyware implant
Looks like we have a confirmation that Cellebrite uses memory corruptions in Linux kernel USB drivers to unlock Android phones. First 2 bugs seem easily discoverable by syzkaller/syzbot with a bit of extra descriptions. 3rd one is likely as well ⤵️
Looks like we have a confirmation that Cellebrite uses memory corruptions in Linux kernel USB drivers to unlock Android phones. First 2 bugs seem easily discoverable by syzkaller/syzbot with a bit of extra descriptions. 3rd one is likely as well ⤵️
✨Ready for Insomni’hack 2025? Don’t miss Alex Plaskett & McCaulay Hudson’s insightful session, "Pioneering zero days at Pwn2Own Automotive 2024". 👩💻 Details & registration: insomnihack.ch/talks/pioneeri… #INSO25 #Cybersecurity #EthicalHacking #Switzerland
🔥💀My Advanced .NET Exploitation training is now open for register! bit.ly/4hwNFyM 32-hours of intense .NET exploitation (PoC||GTFO) We'll be exploiting 15+ remote code execution chains (25 bugs in total) 🪲 I’d truly appreciate your support, your RT would mean a lot!🙏
Marvel Rivals Remote Code Execution on PC and PlayStation 5 shalzuth.com/Blog/IFoundAGa…

chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
SinSinology @SinSinology
13K Followers 674 Following Pwn2Own 20{22,23,24,24.5,25,25.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
NCC Group Research & ... @NCCGroupInfosec
20K Followers 2K Following Technical account for global cyber security & resilience provider, NCC Group. This account is run alongside the @NCCGroupplc corporate account.
Rado RC1 @RabbitPro
5K Followers 658 Following Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Master of Pwn Flashback team (@FlashbackPwn).
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / t501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Cedric Halbronn @saidelike
4K Followers 662 Following Security researcher, Pwn2Own {2021, 2022}, #VR #RE #ED (Mastodon: @[email protected])
Piotr Bazydło @chudyPB
4K Followers 307 Following Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]
Pedro Ribeiro @pedrib1337
9K Followers 342 Following Reverse Engineer | Director @ https://t.co/KuU3tiG1Om | Exploit Chef @FlashbackPwn
kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
Mobile Security @mobilesecurity_
32K Followers 1K Following Mobile Security ✌🏻 #MobileSecurity #AndroidSecurity #iOSsecurity
Rick de Jager @rdjgr
1K Followers 606 Following CyberSecurity student at @TUeindhoven - CTF with Superflat / @0rganizers / ICC team Europe 22/23/24/25
RET2 WarGames @ret2wargames
2K Followers 2K Following Our industry-leading platform is the most effective solution for learning modern binary exploitation through a world-class curriculum developed by @RET2Systems
MHK MAGWANG @Magwizi254
55 Followers 121 Following
Federico @fcucino_
4 Followers 160 Following
marouan_ @z_marouan
13 Followers 576 Following
ergoproxy @_erg0sum
2K Followers 2K Following 16 year old whimsical wizard and part time fintech phantom. Red Team & Bug Bounty. CPTS,CRTP | Views are my own. Not affiliated with my employer.
alivic carlito @AlivicCarl53629
3 Followers 118 Following
Drongo @Drongo85901248
7 Followers 378 Following
De Paula Contreras @Groungsite
100 Followers 230 Following
satoken@飲フラSRE @ken5owata
2K Followers 6K Following 脱原発より脱童貞のアニオタ&声オタインフラエンジニア。Yes!!るるきゃん!!クラフトビールと電子工作が好き
Abir-عبير @AbirForstudy
36 Followers 725 Following they plan, and Allah plans. And Allah is the best of planners - Surah Al-Anfal | Ayah 30
Oheneba Ventures @Nana1_Taifa
1 Followers 8 Following
M M @MM80450097
6 Followers 194 Following
NN @notmenothem
9 Followers 518 Following
John @John0545351083
3 Followers 445 Following
ЕЯЯОЯ @deNable_D
90 Followers 1K Following waanabe haxor || explo!t dev❤ || aim for impossible || web/mobile security
modrobert @modrobert
414 Followers 1K Following -"When the going gets weird, the weird turn pro." PGP: 0x09208346d9245e65 Bitcoin: bc1qtxmtnc225p767x78k0xwcnhr0u64r655kqvc69
choeytheeaaa @choeytheea92586
7 Followers 252 Following
tomato @tomato1931030
20 Followers 561 Following
Guhan Raja @havocgwen
1K Followers 580 Following Google VRP Top Researcher | Penetration Tester | OSCP | Bug Bounty Hunter
DBS @kwt911
9 Followers 1K Following Love to faults is always blind, always is to joy inclined. Lawless, winged, and unconfined, and breaks all chains from every mind.
Imagineer de andar po... @k4rliky
702 Followers 847 Following Look for the helpers. Heal the world. @ladyCircus and me
GilgaTheConqueror @nemesis7789
50 Followers 584 Following
Bheema @Bheema_0x01
20 Followers 734 Following
Sourav Kalal @Ano_F_
211 Followers 322 Following Building @interceptsuite | https://t.co/KNimY7W1mw | Security Engineer | Opensource |
gitdown @gitdown489064
4 Followers 544 Following
hxdef hxdef @HHxdef
117 Followers 2K Following
moshegreen @delightfum
6 Followers 202 Following
Mike Freeman @comicfans44
59 Followers 1K Following
NIMA NIKJOO @N_Nikjoo
956 Followers 1K Following Security consultant, Threat intelligence, Malware analyst. Exploit Developer. Ex-Political-Security (IRGC & MOIS) prisoner in the Islamic Republic Regime.
Senhor Linguica @SenhorLinguica
27K Followers 953 Following Games, tecnologia e PROMOÇÕES! Siga @linguicapromo Contato: [email protected] Minhas redes e grupos: https://t.co/heNdyhtog1
threathunterxx @threathuntxx
45 Followers 1K Following This account is for threat research purposes 😬 (not affiliated with any account) | For personal use
jaix @jaiixx___
6 Followers 409 Following
The_Maxu @The_Maxu
79 Followers 62 Following
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
0xor0ne @0xor0ne
81K Followers 514 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
SinSinology @SinSinology
13K Followers 674 Following Pwn2Own 20{22,23,24,24.5,25,25.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
NCC Group Research & ... @NCCGroupInfosec
20K Followers 2K Following Technical account for global cyber security & resilience provider, NCC Group. This account is run alongside the @NCCGroupplc corporate account.
LiveOverflow 🔴 @LiveOverflow
155K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Rado RC1 @RabbitPro
5K Followers 658 Following Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Master of Pwn Flashback team (@FlashbackPwn).
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / t501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
ippsec @ippsec
119K Followers 353 Following
Cedric Halbronn @saidelike
4K Followers 662 Following Security researcher, Pwn2Own {2021, 2022}, #VR #RE #ED (Mastodon: @[email protected])
offensivecon @offensive_con
26K Followers 2 Following OffensiveCon Berlin is a technical international security conference focused on offensive security only. Organised by @Binary_Gecko. Stay tuned #OffensiveCon26.
Axel Souchet @0vercl0k
13K Followers 544 Following ¯\_(ツ)_/¯, blogging on https://t.co/36oOc8Mgha and posting codes on https://t.co/P83Oen94Rc.
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
Stephen Fewer @stephenfewer
9K Followers 245 Following Senior Principal Security Researcher @rapid7. Decompiler @relyze. Core @metasploit dev 2009 - 2013. MSRC Top 100 2015. Pwn2Own 2011, 2021, 2024.
hypr @hyprdude
2K Followers 772 Following vuln researcher+exploit dev | pwn2own '24 winner | 0x4141414141 enthusiast | bordeaux enjoyer | friend of all cats | him/he
Ryan Dewhurst @ethicalhack3r
21K Followers 747 Following Head of Threat Intelligence at watchTowr | Founder of @_WPScan_ (acquired by Automattic) | Founder of DVWA | Ethical Hacking Graduate
Mehdi @MehdiHacks
16K Followers 327 Following Engineering manager by day, hacker by night. Sharing my ideas and learnings about RF, SDR, Hardware Security, Radar, Electronic Warfare, and books. DF2HF
watchTowr @watchtowrcyber
9K Followers 13 Following watchTowr enables organizations to get ahead of in-the-wild exploitation with Preemptive Exposure Management technology.
BruCON @brucon
9K Followers 2K Following Belgian Information Security Conference | #BruCON0x11 (17th edition) Spring Training 23-25 April 2025 | Training 22-24 Sept - Conference 25-26 Sept 2025
BSides MCR @BSidesMCR
4K Followers 262 Following The BSides Manchester (MCR) Official Twitter Feed - See https://t.co/uJA92Ssq7k for the gory details and follow for the latest news!
GrapheneOS @GrapheneOS
80K Followers 0 Following Open source privacy and security focused mobile OS with Android app compatibility. Forum, Discord, Telegram, Matrix: https://t.co/C0RaJbZosj
Perri Adams @perribus
7K Followers 993 Following @Dartmouth ISTS Fellow & @SAISHopkins Adjunct Prof., inter alia. Former @DARPA, @DEFCON CTF, etc. @DistrictCon, @hexacon_fr, @LABScon_io is CFP Review Boards
Brian Gorenc @MaliciousInput
3K Followers 495 Following Leader of the Zero Day Initiative. Pwn2Own organizer and adjudicator. Trafficker of export-controlled intrusion software. Bug Hunter.
Yarden Shafir @yarden_shafir
24K Followers 309 Following A circus artist with a visual studio license
Kylie McDevitt @kylieengineer
5K Followers 937 Following Founder & organiser of Au hackercon @BSidesCbr | Tech startup founder @infosectcbr | Network Engineering & Infosec Researcher
Sam Thomas @_s_n_t
2K Followers 86 Following Security researcher at Oracle. Speaker at Blackhat USA 2018, Successful entries at pwn2own IOT/Mobile 2021,2022,2023,2024, ICS 2022. Opinions are my own etc..
exploits.club @exploitsclub
2K Followers 110 Following A VR, RE, and Exploit Dev weekly newsletter | Join the club Contact: [email protected]
Bruno @BrunoPujos
651 Followers 357 Following CEO & Founder @Reverse_Tactics | Tweets are from my employer.
REverse_Tactics @Reverse_Tactics
795 Followers 2 Following Software reverse engineering & vulnerability discovery company.
joernchen @joernchen
8K Followers 524 Following Your mom's favorite hacker. Also at @[email protected]
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
Dillon Franke @dillon_franke
1K Followers 398 Following Fuzzing, MacOS, vuln research @Google. Jesus Follower
Silvio Cesare @silviocesare
11K Followers 1K Following CTO of @infosectcbr. Co-founder of @bsidescbr. Still hacking.
POC_Crew 👨👩�... @POC_Crew
7K Followers 677 Following Organizer of Zer0Con, MOSEC and #POC2025 (https://t.co/LP1W4KC4vY)
Yves Bieri @yves_bieri
357 Followers 330 Following Security enthusiast and pentester 👨💻 Pwn2Own 2023/24/25 👾 CTF with PPP 🖥
Christian Lindenmeier @_chli_
32 Followers 75 Following
Marcel @0ddc0de
226 Followers 295 Following PostDoc @HexhiveEPFL working on mobile security. CTF-Enthusiast @polygl0ts/@0rganizers. Former @shellphish and @fausecteam. Co-founder of @faustctf.
Benjamin Harris @benwatchtowr
416 Followers 13 Following Everything is compromised until proven otherwise. Founder & CEO @watchTowrcyber.
Josh @boredpentester
779 Followers 738 Following Embedded device security researcher / VR / Pwn2Own / RE
SummoningTeam @SummoningTeam
679 Followers 2 Following Independent Security Research Team managed by @SinSinology
Marcus Maciel @underlinux
6K Followers 168 Following Head of Cybersecurity @Ubiquiti . My tweets are my own. (auto delete after 30 days)
nSinus-R (@nsr@infose... @nSinusR
2K Followers 446 Following Captures flags with @TeamTasteless. Assistant Professor at @unibirmingham and maintainer of FirmWire & avatar2.
hextree.io @hextreeio
8K Followers 2 Following 🌱 Grow your cybersecurity skills with concise and well-edited video courses - in early-access, sign-up now! Created by @LiveOverflow and @ghidraninja.
Tim Willis @itswillis
4K Followers 199 Following Long time listener, infrequent tweeter. Head of Project Zero @Google. Views are my own. Still reading: "Brown Bear, Brown Bear, What Do You See?"
Fox-IT @foxit
14K Followers 301 Following IT-Security company creating special security, intelligence and forensics solutions. Fox-IT is part of NCC Group.
National Coal Mining ... @NCMME
6K Followers 1K Following Open Wednesday - Sunday. Visit for a unique all-weather adventure! Meet a miner on an Underground Tour, explore exhibitions and enjoy the great outdoors.
Insomni'hack @1ns0mn1h4ck
9K Followers 37 Following Security conference and hacking contest founded and organized by @orangecyberch since 2008 in Lausanne, Switzerland.
Byte Insight @ByteInsight
198 Followers 246 Following Embedded Security Researcher, pwn2own contestant 2022/2023/2024, Senior Vulnerability Researcher at Trend Micro 2024
GreHack @GrehackConf
5K Followers 1K Following GreHack is a hacking & scientific infosec conference in Grenoble, France. Nov. 28 & 29, 2025
The Dustin Childs @dustin_childs
2K Followers 352 Following Parked account. I usually post stuff over where the sky is blue.
D_K @D_K_Dev
221 Followers 138 Following IT-Security Student, @allesctf Member, Co-Founder and Security Researcher @neodyme
Neodyme @Neodyme
5K Followers 47 Following We secure software with deep-dive audits, cutting-edge research, and in-depth trainings. Secure your solana program with Riverguard @ https://t.co/VmxVHzx2U2 🏞️💂
Matt Brown @nmatt0
5K Followers 862 Following Founder & Principal Consultant @ Brown Fine Security | IoT Security Researcher | Soli Deo Gloria
RET2 Systems @ret2systems
12K Followers 1 Following We strive to reimagine vulnerability research, program analysis, and security education as it exists today. An @RPISEC corporation.