Itamar @_r1fl
Israel Joined March 2016-
Tweets103
-
Followers131
-
Following557
-
Likes1K
I decided to analyze a VirtualBox VM Escape Vulnerability I found a few years ago - and walk through my younger self's research process! Interesting insights and a cute bug! :) j0nathanj.github.io/Dusting-off-th…
Here are the resources for my talk "Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel" at @offensive_con today. Write-up: 0xkol.github.io/assets/files/R… Slides: 0xkol.github.io/assets/files/O… PoC for CVE-2022-20421: github.com/0xkol/badspin #OffensiveCon2023
Working on a huge function and the pseudocode listing is too long? Learn how to hide away parts you've already analyzed and not spend time reading it again. hex-rays.com/blog/igors-tip… #IgorsTipOfTheWeek #IDAtips #IDAPro #HexraysDecompiler
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I) @1ce0ear published an article describing the root cause of a race condition in the garbage collection for SCM_RIGHTS. This bug is used for Android exploitation in the wild. googleprojectzero.blogspot.com/2022/08/the-qu…
Attacking Titan M with Only One Byte Code execution and exfiltration of encryption keys from Google Pixel phone's Secure Element now being presented by @DamianoMelotti and @max_r_b at @BlackHatEvents #BHUSA Full details are now public in their blog post: blog.quarkslab.com/attacking-tita…
This Thursday @BlackHatEvents , I will be presenting our research on a kernel exploitation method named #DirtyCred. With DirtyCred, you could write an #DirtyPipe liked exploit that works on different kernels and ARCHs without code changes. Check it out tinyurl.com/DirtyCred
New Blog Post: jhftss.github.io/CVE-2022-26712… PoC in One Line: sudo /System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove -X /tmp/crafted.db /Library/Application\ Support/com.apple.TCC/TCC.db
Since we demo'ed our attack on Tesla Model 3, we are more than eager to explain to everyone how we did it. @hexacon_fr will be the perfect setting for this! Get ready for @_p0ly_ and @vdehors presentation. hexacon.fr/conference/spe…
Since we demo'ed our attack on Tesla Model 3, we are more than eager to explain to everyone how we did it. @hexacon_fr will be the perfect setting for this! Get ready for @_p0ly_ and @vdehors presentation. hexacon.fr/conference/spe…
Log4Harmony: we've heard that vulns in Android log device drivers are cool, so here are some UAF, race condition, and KASLR leak bugs in Huawei's hwlog from @gymiru, reachable from untrusted and isolated app: labs.taszk.io/blog/post/78_h… labs.taszk.io/blog/post/77_h… labs.taszk.io/blog/post/79_h…
I've improved my blog with articles and my conference talks about OS kernel development and security: -> Vulnerability discovery, -> Exploitation techniques, -> Defensive technologies. a13xp0p0v.github.io
I've just discovered this amazing document showing super clearly the relation between the opcode and the instruction 🤯 pnx.tf/files/x86_opco…
Had a blast presenting together with @Digital_Cold at #CanSecWest. Here are our slides on FirmWire, our baseband emulation tool which allowed us to find several critical bugs: docs.google.com/presentation/d… - Lot's of practical examples on how to use parts of the framework in there!
Happy to release a neat little plugin for IDA Pro! Bitfield and bitflag accesses have been an annoyance that requires another window open and constant fiddling. You can now fix that with just a few key presses! github.com/JustasMasiulis…
not-fun fact: Iterating through the bits of a python bigint "the obvious way", via shifting, is O(n^2) - because each bigint shift is O(n). funner fact: if you convert the int to bytes first (O(n)), you can index them in O(1), making the overall iteration O(n).
RCE in MediaTek basebands: in today's blogpost, we explore more CSN1 parsing bugs, this time in MTK's basebands running on MIPS16e2, and analyze how to exploit heap overflows in this baseband OS! labs.taszk.io/articles/post/…
Our baseband analysis platform FirmWire is FINALLY open sourced! Happy bug hunting🪲github.com/FirmWire/FirmW…
Dirty Pipe is a nasty upstream Linux kernel vulnerability affecting Linux >= 5.8, found by Max Kellermann: dirtypipe.cm4all.com It allows writing to arbitrary read-only files, similar to DirtyCoW. #grsecurity backported the silent fix in all patches after February 22nd.
Okay @gamozolabs just blew my mind with this knowledge that x86 is an octal machine. How is this not more commonly understood. The opcode mods use values that are obvious enums when you see them displayed as octal. gist.github.com/seanjensengrey…
The slides for the @offensive_con talk “Bug Hunting S21's 10ADAB1E FW” of @ffmenarini and myself can be found here: dropbox.com/s/2f14ga52jguu… Enjoy! We are still around at the conference so stop by and say hi.

Ieblono @Ieblono209
9 Followers 237 Following
Yehudit @Yehudit_20
0 Followers 23 Following
Amikam @Amikam51942466
189 Followers 905 Following
EllaTracy @1p45mnQeDHqzO
37 Followers 2K Following
Boaz Touitou @BoazTouitou
36 Followers 195 Following
Itay Vishnevetsky @ItayV2896
2 Followers 88 Following
Efi Weiss @Valmarelox
19 Followers 169 Following
Miepo @Miepo72809
17 Followers 2K Following
LordRibblesdale @LordRibblesdale
52 Followers 452 Following Forex Trader | Tech Enthusiast | Quantitative Analyst |Algorithmic Trader |Specialized Developer|Web3 developer|Vuln Researcher
Swifty Fade @SwiftyFade68352
0 Followers 10 Following
Slareroosh @SlarerooshQq3c
50 Followers 4K Following
[email protected] @pengyandriver
129 Followers 2K Following
AI @arbelfs3
748 Followers 533 Following Build Chrome Extensions by chatting with AI 👉 @robomonkey_io
Ditithee @Ditithee3yqria
23 Followers 2K Following
Louis-Étienne Girard @louisetiennedev
649 Followers 4K Following Co-founder (https://t.co/Eqggkf72oN) | SaaS Alara | Build in public 🚧 | Next.js developer ⏶ I tweet about my projects
Tomer Eizenberg @EizenbergT47800
5 Followers 328 Following
Orene Bahar @OreneB46646
16 Followers 63 Following
cyber_shubham @truth_speck
54 Followers 836 Following My Goal is Change My Country India is super powerful country of World HELP INDIA PUBLIC 🇮🇳JAI HIND JAI BHARAT 🇮🇳 I LOVE MY INDIA
Shift @Shiftreduce
2K Followers 1K Following
George Karchemsky @gkarchemsky
93 Followers 1K Following interested in reverse engineering, vulnerability research and exploit development
CrowdCyber 🌐 @CrowdCyber_Com
275 Followers 1K Following The idea is to create big opportunities in Cybersecurity. Meanwhile we’re Revolutionizing and Democratizing Cybersecurity information.
Eladm @Eladm7
36 Followers 2K Following
エドワード🇮�... @DTR4K
1K Followers 2K Following
Lit3r4lly @Lit3r4lly
166 Followers 246 Following
Tomer @Tomer57794547
1 Followers 74 Following
xtxtxtx @xtxtxtx2
0 Followers 494 Following
Tom Hatskevich @TomHatskevich
122 Followers 411 Following Technology & Vulnerability Research & Development & Innovation & Entrepreneurship & Cool stuff
Ido Halamit @idohalamit
67 Followers 658 Following
F4zi @0xf4zi
15 Followers 123 Following Infosec and software nerd • addicted to lifting and snowboarding.
Moshe Kol @0xkol
2K Followers 476 Following Security Researcher. Android kernel Research Team Lead at Paragon.
Itay Hury @0xitay
93 Followers 679 Following
Daniel Shapiro @wimpypolo
492 Followers 2K Following
Yair Weinberger @yairwein
6K Followers 489 Following יזם, אבא ל-3, משקיע ואוהד הפועל ירושלים (לא בהכרח בסדר הזה). טק, פוליטיקה וכדורסל, תלוי בעונה. לא עונה למי שמדבר אלי ב ״אתם״
Nir Gazit @nir_ga
2K Followers 1K Following CEO @traceloopdev (YC W23). Ex @Google, ex-chief architect @Fiverr. Tweets mostly in Hebrew
Anysphere @anysphere
8K Followers 7 Following We're building AI tools to help humans focus on bigger problems. In particular: @cursor_ai
clem 🤗 @ClementDelangue
157K Followers 5K Following Co-founder & CEO @HuggingFace 🤗, the open and collaborative platform for AI builders
gabriel @GabrielPeterss4
38K Followers 499 Following research sora at @OpenAI, previously at midjourney, swedish high school dropout
Founders Fund @foundersfund
152K Followers 172 Following technology, science, venture capital // what does the future look like?
Andrew Ng @AndrewYNg
1.3M Followers 1K Following Co-Founder of Coursera; Stanford CS adjunct faculty. Former head of Baidu AI Group/Google Brain. #ai #machinelearning, #deeplearning #MOOCs
sferrini @Simone_Ferrini
5K Followers 1K Following *OS Security Researcher & Director at @prdgmshift. Passionate about RE, fuzzing, hardware and low-level binary stuff. ʚଓ
Itay Vishnevetsky @ItayV2896
2 Followers 88 Following
fast.ai @fastdotai
128K Followers 17 Following Deep learning R&D: https://t.co/cGBcDU8wJ9; Education: https://t.co/bNXBttRAuR; Software: https://t.co/0z7Ws3SHDt; Book: https://t.co/lVEDyioBtg; @math_rachel @jeremyphoward
Answer.AI @answerdotai
6K Followers 81 Following A new kind of AI R&D lab which creates practical end-user products based on foundational research breakthroughs
Boaz Touitou @BoazTouitou
36 Followers 195 Following
Trelis Research @TrelisResearch
1K Followers 496 Following 👷Work for Trelis: https://t.co/tAts18SIfB 🎥 Watch on Youtube: https://t.co/BPo1FyRuz9 💡 Book a Consultation: https://t.co/DqFajF3fV0
Gil Kaminker @kaminker
472 Followers 840 Following VP R&D, Cellebrite Labs, father of 3 cats and a girl, NBA fan, amateur musician ** English, Hebrew and dad jokes
Linux Kernel Security @linkersec
9K Followers 0 Following Links related to Linux kernel security and exploitation. Maintained by @andreyknvl and @a13xp0p0v. Also on https://t.co/GVE11dpBb8 and https://t.co/YpxPWXnA6Z.
Vladimir Gurevich @VladimirGurevi2
141 Followers 1K Following Data Scientist, NLP/ML Engineer https://t.co/FXz4CjSvXl
Efi Weiss @Valmarelox
19 Followers 169 Following
Firecrawl @firecrawl_dev
33K Followers 22 Following Turn websites into LLM-ready data. Built by @mendableai team Open source: https://t.co/gDdKjUfoQo
Nikita Bier @nikitabier
606K Followers 2K Following head of product @x, advisor @solana, venture partner @lightspeedvp, ex-founder @gasappteam (acq by discord), ex-founder @thetbhapp (acq by facebook)
Project Sekai CTF @ProjectSEKAIctf
7K Followers 104 Following Project SEKAI, yet another CTF team. Recruiting: https://t.co/2ahLBWEYpZ Sponsorship & Partnership: [email protected]
Dinesh Shetty @Din3zh
3K Followers 2K Following Mobile/IoT/Web security; Trainer & Speaker @BlackHat/DefCon/POC/OWASP/Hackfest...; Day job as Director of Security Engineering; #OSCE #OSCP #OSWE #CCISO...
Off By One Security @offby1security
1K Followers 1 Following This is the X page for the Off By One Security YouTube channel and Discord server. Streams every Friday at 11AM PT. https://t.co/Q8qt342Nhx
Dor Attias @dorattias
10 Followers 24 Following Focusing on solving the biggest problems in cyber-security
Alon Leviev @alon_leviev
1K Followers 183 Following Vulnerability Researcher at Microsoft | Researcher, Speaker, BJJ Black Belt, Former BJJ World and Euro Champion
Yotam Salmon @yotam__s
77 Followers 246 Following CS + Neuroscience @ TAU, Tech, Entrepreneurship. Here mostly for the jibber jabber.
Pliny the Liberator �... @elder_plinius
135K Followers 989 Following ⊰•-•⦑ latent space steward ❦ prompt incanter 𓃹 hacker of matrices ⊞ breaker of markov chains ☣︎ ai danger researcher ⚔︎ bt6 ⚕︎ architect-healer ⦒•-•⊱
Amir Zak @AmirZak6
343 Followers 300 Following i build https://t.co/CBcDBM5PEe | bootstrap my way to early retirement
Jonathan Roizin @jonathanroizin
1K Followers 789 Following Co-founder & CEO at Flow Security (acq. by CrowdStrike)
Dan ⚡️ @d4m1n
28K Followers 993 Following This guy shipped 14+ startups that people actually use? I'd follow him if I were you 😃 Latest: 🤖 https://t.co/WmDPZwSGqT 👇 +13 others
דג הכסף @NBhgdrh
24K Followers 181 Following כלכלה, פיננסים, היסטוריה, תמונות, קריקטורות ומוזיקה; דעות אישיות ומחשבות, אין המלצות
Navot Volk @NavotV
15K Followers 542 Following Venture Partner at @GroundUpVC Tech, startups, and Biggie Smalls.
Yam Peleg @Yampeleg
38K Followers 2K Following The only AI researcher they sent a missile for 🇮🇱 | Co-host @thursdai_pod • AI news every Thursday
idan levin @0xidanlevin
5K Followers 1K Following co-founder & product @nekuda_ai 🔨 techno-optimist 👨🚀 standing on the shoulders of giants 🌌
alex saint @alexsssaint
4K Followers 394 Following building apps with ai just dropped https://t.co/4rIdYgwDkL to connect devs and beta testers founder of fail in public hosting spaces, shipping weird stuff say hey
Nirel Nemirovsky @Nirel_Nemirov
48 Followers 452 Following fixing AI during runtime @ https://t.co/eLJJSTDH3r
Alex Plaskett @alexjplaskett
12K Followers 572 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.