Itamar @_r1fl
Israel Joined March 2016-
Tweets103
-
Followers129
-
Following551
-
Likes1K
I decided to analyze a VirtualBox VM Escape Vulnerability I found a few years ago - and walk through my younger self's research process! Interesting insights and a cute bug! :) j0nathanj.github.io/Dusting-off-th…
Here are the resources for my talk "Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel" at @offensive_con today. Write-up: 0xkol.github.io/assets/files/R… Slides: 0xkol.github.io/assets/files/O… PoC for CVE-2022-20421: github.com/0xkol/badspin #OffensiveCon2023
Working on a huge function and the pseudocode listing is too long? Learn how to hide away parts you've already analyzed and not spend time reading it again. hex-rays.com/blog/igors-tip… #IgorsTipOfTheWeek #IDAtips #IDAPro #HexraysDecompiler
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I) @1ce0ear published an article describing the root cause of a race condition in the garbage collection for SCM_RIGHTS. This bug is used for Android exploitation in the wild. googleprojectzero.blogspot.com/2022/08/the-qu…
Attacking Titan M with Only One Byte Code execution and exfiltration of encryption keys from Google Pixel phone's Secure Element now being presented by @DamianoMelotti and @max_r_b at @BlackHatEvents #BHUSA Full details are now public in their blog post: blog.quarkslab.com/attacking-tita…
This Thursday @BlackHatEvents , I will be presenting our research on a kernel exploitation method named #DirtyCred. With DirtyCred, you could write an #DirtyPipe liked exploit that works on different kernels and ARCHs without code changes. Check it out tinyurl.com/DirtyCred
New Blog Post: jhftss.github.io/CVE-2022-26712… PoC in One Line: sudo /System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove -X /tmp/crafted.db /Library/Application\ Support/com.apple.TCC/TCC.db
Since we demo'ed our attack on Tesla Model 3, we are more than eager to explain to everyone how we did it. @hexacon_fr will be the perfect setting for this! Get ready for @_p0ly_ and @vdehors presentation. hexacon.fr/conference/spe…
Since we demo'ed our attack on Tesla Model 3, we are more than eager to explain to everyone how we did it. @hexacon_fr will be the perfect setting for this! Get ready for @_p0ly_ and @vdehors presentation. hexacon.fr/conference/spe…
Log4Harmony: we've heard that vulns in Android log device drivers are cool, so here are some UAF, race condition, and KASLR leak bugs in Huawei's hwlog from @gymiru, reachable from untrusted and isolated app: labs.taszk.io/blog/post/78_h… labs.taszk.io/blog/post/77_h… labs.taszk.io/blog/post/79_h…
I've improved my blog with articles and my conference talks about OS kernel development and security: -> Vulnerability discovery, -> Exploitation techniques, -> Defensive technologies. a13xp0p0v.github.io
I've just discovered this amazing document showing super clearly the relation between the opcode and the instruction 🤯 pnx.tf/files/x86_opco…
Had a blast presenting together with @Digital_Cold at #CanSecWest. Here are our slides on FirmWire, our baseband emulation tool which allowed us to find several critical bugs: docs.google.com/presentation/d… - Lot's of practical examples on how to use parts of the framework in there!
Happy to release a neat little plugin for IDA Pro! Bitfield and bitflag accesses have been an annoyance that requires another window open and constant fiddling. You can now fix that with just a few key presses! github.com/JustasMasiulis…
not-fun fact: Iterating through the bits of a python bigint "the obvious way", via shifting, is O(n^2) - because each bigint shift is O(n). funner fact: if you convert the int to bytes first (O(n)), you can index them in O(1), making the overall iteration O(n).
RCE in MediaTek basebands: in today's blogpost, we explore more CSN1 parsing bugs, this time in MTK's basebands running on MIPS16e2, and analyze how to exploit heap overflows in this baseband OS! labs.taszk.io/articles/post/…
Our baseband analysis platform FirmWire is FINALLY open sourced! Happy bug hunting🪲github.com/FirmWire/FirmW…
Dirty Pipe is a nasty upstream Linux kernel vulnerability affecting Linux >= 5.8, found by Max Kellermann: dirtypipe.cm4all.com It allows writing to arbitrary read-only files, similar to DirtyCoW. #grsecurity backported the silent fix in all patches after February 22nd.
Okay @gamozolabs just blew my mind with this knowledge that x86 is an octal machine. How is this not more commonly understood. The opcode mods use values that are obvious enums when you see them displayed as octal. gist.github.com/seanjensengrey…
The slides for the @offensive_con talk “Bug Hunting S21's 10ADAB1E FW” of @ffmenarini and myself can be found here: dropbox.com/s/2f14ga52jguu… Enjoy! We are still around at the conference so stop by and say hi.

EllaTracy @1p45mnQeDHqzO
24 Followers 2K Following
Boaz Touitou @BoazTouitou
25 Followers 176 Following
Itay Vishnevetsky @ItayV2896
2 Followers 81 Following
Efi Weiss @Valmarelox
19 Followers 168 Following
Miepo @Miepo72809
16 Followers 2K Following
Okoruinim @Okoruinim23491
33 Followers 1K Following
LordRibblesdale @LordRibblesdale
54 Followers 451 Following Forex Trader | Tech Enthusiast | Quantitative Analyst |Algorithmic Trader |Specialized Developer|Web3 developer|Vuln Researcher
Joobui @Joobui2523387
7 Followers 341 Following
Swifty Fade @SwiftyFade68352
0 Followers 10 Following
Slareroosh @SlarerooshQq3c
45 Followers 4K Following
[email protected] @pengyandriver
131 Followers 2K Following
AI @arbelfs3
732 Followers 577 Following Build Chrome Extensions by chatting with AI 👉 @robomonkey_io
Ditithee @Ditithee3yqria
19 Followers 2K Following
Louis-Étienne Girard @louisetiennedev
640 Followers 4K Following Co-founder (https://t.co/Eqggkf72oN) | SaaS Alara | Build in public 🚧 | Next.js developer ⏶ I tweet about my projects
Tomer Eizenberg @EizenbergT47800
6 Followers 328 Following
Orene Bahar @OreneB46646
15 Followers 59 Following
cyber_shubham @truth_speck
52 Followers 827 Following My Goal is Change My Country India is super powerful country of World HELP INDIA PUBLIC 🇮🇳JAI HIND JAI BHARAT 🇮🇳 I LOVE MY INDIA
Shift @Shiftreduce
2K Followers 1K Following
George Karchemsky @gkarchemsky
83 Followers 1K Following
CrowdCyber 🌐 @CrowdCyber_Com
275 Followers 1K Following The idea is to create big opportunities in Cybersecurity. Meanwhile we’re Revolutionizing and Democratizing Cybersecurity information.
Eladm @Eladm7
37 Followers 2K Following
エドワード🇮�... @DTR4K
1K Followers 2K Following
Lit3r4lly @Lit3r4lly
167 Followers 246 Following
Tomer @Tomer57794547
1 Followers 74 Following
xtxtxtx @xtxtxtx2
0 Followers 494 Following
Tom Hatskevich @TomHatskevich
122 Followers 411 Following Technology & Vulnerability Research & Development & Innovation & Entrepreneurship & Cool stuff
Ido Halamit @idohalamit
66 Followers 658 Following
F4zi @0xf4zi
15 Followers 123 Following Infosec and software nerd • addicted to lifting and snowboarding.
Moshe Kol @0xkol
2K Followers 472 Following Security Researcher. Android kernel Research Team Lead at Paragon.
Itay Hury @0xitay
93 Followers 679 Following
Daniel Shapiro @wimpypolo
492 Followers 2K Following
kfirgolan @kfirgolan1
25 Followers 122 Following אני משורר וקומיקאי. כותב את חיי עם הומור וכאב. מנהל עמוד הפייסבוק "משורר מדורות".
Founders Fund @foundersfund
149K Followers 170 Following technology, science, venture capital // what does the future look like?
Andrew Ng @AndrewYNg
1.3M Followers 1K Following Co-Founder of Coursera; Stanford CS adjunct faculty. Former head of Baidu AI Group/Google Brain. #ai #machinelearning, #deeplearning #MOOCs
sferrini @Simone_Ferrini
5K Followers 1K Following *OS Security Researcher & Director at @prdgmshift. Passionate about RE, fuzzing, hardware and low-level binary stuff. ʚଓ
Itay Vishnevetsky @ItayV2896
2 Followers 81 Following
fast.ai @fastdotai
128K Followers 17 Following Deep learning R&D: https://t.co/cGBcDU8wJ9; Education: https://t.co/bNXBttRAuR; Software: https://t.co/0z7Ws3SHDt; Book: https://t.co/lVEDyioBtg; @math_rachel @jeremyphoward
Answer.AI @answerdotai
6K Followers 81 Following A new kind of AI R&D lab which creates practical end-user products based on foundational research breakthroughs
Boaz Touitou @BoazTouitou
25 Followers 176 Following
Trelis Research @TrelisResearch
1K Followers 491 Following 👷Work for Trelis: https://t.co/tAts18SIfB 🎥 Watch on Youtube: https://t.co/BPo1FyRuz9 💡 Book a Consultation: https://t.co/DqFajF3fV0
Gil Kaminker @kaminker
472 Followers 838 Following VP R&D, Cellebrite Labs, father of 3 cats and a girl, NBA fan, amateur musician ** English, Hebrew and dad jokes
Linux Kernel Security @linkersec
9K Followers 0 Following Links related to Linux kernel security and exploitation. Maintained by @andreyknvl and @a13xp0p0v. Also on https://t.co/GVE11dpBb8 and https://t.co/YpxPWXnA6Z.
Vladimir Gurevich @VladimirGurevi2
137 Followers 1K Following Data Scientist, NLP/ML Engineer https://t.co/FXz4CjSvXl
Efi Weiss @Valmarelox
19 Followers 168 Following
Firecrawl @firecrawl_dev
30K Followers 22 Following Turn websites into LLM-ready data. Built by @mendableai team Open source: https://t.co/gDdKjUfoQo
Nikita Bier @nikitabier
583K Followers 2K Following head of product @x, advisor @solana, venture partner @lightspeedvp, ex-founder @gasappteam (acq by discord), ex-founder @thetbhapp (acq by facebook)
Project Sekai CTF @ProjectSEKAIctf
7K Followers 104 Following Project SEKAI, yet another CTF team. Recruiting: https://t.co/2ahLBWEYpZ Sponsorship & Partnership: [email protected]
Dinesh Shetty @Din3zh
3K Followers 2K Following Mobile/IoT/Web security; Trainer & Speaker @BlackHat/DefCon/POC/OWASP/Hackfest...; Day job as Director of Security Engineering; #OSCE #OSCP #OSWE #CCISO...
Off By One Security @offby1security
1K Followers 1 Following This is the X page for the Off By One Security YouTube channel and Discord server. Streams every Friday at 11AM PT. https://t.co/Q8qt342Nhx
Dor Attias @dorattias
10 Followers 23 Following Cybersecurity expert focused on AI security and all kinds of vulnerability research.
Alon Leviev @alon_leviev
1K Followers 182 Following Vulnerability Researcher at Microsoft | Researcher, Speaker, BJJ Black Belt, Former BJJ World and Euro Champion
Yotam Salmon @yotam__s
69 Followers 236 Following CS + Neuroscience @ TAU, Tech, Entrepreneurship. Here mostly for the jibber jabber.
Pliny the Liberator �... @elder_plinius
131K Followers 985 Following ⊰•-•⦑ latent space steward ❦ prompt incanter 𓃹 hacker of matrices ⊞ breaker of jails ☣︎ ai danger researcher ⚔︎ red team bt6 ⚕︎ architect-healer ⦒•-•⊱
Amir Zak @AmirZak6
324 Followers 469 Following Build Chrome Extensions by chatting with AI 👉 @robomonkey_io
Jonathan Roizin @jonathanroizin
1K Followers 794 Following Co-founder & CEO at Flow Security (acq. by CrowdStrike)
Dan ⚡️ @d4m1n
28K Followers 989 Following Shipped 14+ profitable products over the past 2 years. Follow along so you can do it too. 🤖 https://t.co/WmDPZwSGqT 👇 +13 others
דג הכסף @NBhgdrh
24K Followers 186 Following כלכלה, פיננסים, היסטוריה, תמונות, קריקטורות ומוזיקה; דעות אישיות ומחשבות, אין המלצות
Navot Volk @NavotV
15K Followers 540 Following Venture Partner at @GroundUpVC Tech, startups, and Biggie Smalls.
Yam Peleg @Yampeleg
38K Followers 2K Following The only AI researcher they sent a missile for 🇮🇱 | Co-host @thursdai_pod • AI news every Thursday
idan levin @0xidanlevin
5K Followers 1K Following co-founder & product @nekuda_ai 🔨 techno-optimist 👨🚀 standing on the shoulders of giants 🌌
alex saint @alexsssaint
4K Followers 384 Following building apps with ai just dropped https://t.co/4rIdYgwDkL to connect devs and beta testers founder of fail in public hosting spaces, shipping weird stuff say hey
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Haim Bender @HaimBender
61 Followers 325 Following
ScrapingBee @ScrapingBee
5K Followers 3 Following Tweeting about all things web-scraping. We're also an API that handles headless browsers and rotates proxies for you. @TinySeedFund 2020
Cyburger @Cyburgerim
4K Followers 308 Following Cyber. M&A. Investments. Trends. Product. Nonsense. English RTs @Cyburgerzz
Delve @getdelve
4K Followers 50 Following Compliance in days, security that lasts. AI-native compliance trusted by 500+ of the fastest-growing companies.
Uri Eliabayev @urieli17
18K Followers 1K Following AI Consultant and lecturer, Founder of the Machine & Deep learning Israel community (41K members)
Or Lev-Cohen | Trophy... @the_lightheart
2K Followers 401 Following Founder at Trophy: Class A Manhattan office property branding. Whether you think you can, or you think you can't -- you're right.