Maher Azzouzi @maherazz2
Vulnerability Research & Exploit Development github.com/MaherAzzouzi Joined September 2022-
Tweets147
-
Followers1K
-
Following423
-
Likes747
ZDI-CAN-27262 is a Linux kernel 0-day I reported recently that allows unprivileged users to escalate privileges to root. The vulnerability is a race condition leading to a UAF in the kmalloc-196 cache. It was introduced in v4.2-rc1 and has been present in the kernel for 10 years.
I wrote an LPE for CVE-2014-3153 AKA Towelroot, a bug in the Linux Kernel that was used to root Android devices earlier. The original exploit is closed source and protected against reverse engineering. PoC + mini write-up here: git.io/Jnazk
I wrote an LPE exploit for CVE-2017-11176 for Linux Kernel version 4.8.11, I managed to bypass SMEP and SMAP (by stack pivoting inside the kernel and ROP). The vulnerability is a UAF, and the patch is only 1 line of code. Exploit and Write-up + Refs here: git.io/J0p8v
in 2025: “How the bug was found? fuzzing, auditing or LLM?”
- Heap overflow in the latest AMDGPU drivers. CVSS score: 8.8, bounty: $5k. - 7 Android kernel vulnerabilities. It wasn’t a good idea to keep these bugs documented without reporting them for three months — one of them turned out to be a duplicate.
CVE-2024-26926 Binder n-day analysis. It is labeled EoP in Android Security Bulletin (Is it really exploitable?) github.com/MaherAzzouzi/L…
Android Binder use-after-free vulnerability reported to Google by me
Found a lot of Linux kernel vulnerabilities, too little time for developing exploits, maybe im gonna pick the most interesting one and work on it. (probably report them as they are is an option 🤔?)
NULL pointer dereference can be exploited for LPE with correct analysis
Linux kernel LPE for versions 6.6 to latest (6.9.7)
it's interesting that the very first CVE ever assigned was #CVE-1999-0001 remote DoS in BSD-derived TCP/IP implementations :)
good morning, woke up to ssh and chrome vulns this morning, i have to read some technical blogposts after breakfast
good read off by one leading to free list corruption, write-what-where. Cool stuff
good read off by one leading to free list corruption, write-what-where. Cool stuff
Wrote a PoC LPE for a tiny race condition leading to UAF. CAP_NET_ADMIN is needed for the LPE. Based on my research all major distributions using a kernel > 6.6 are vulnerable including Ubuntu 24.04. I will be reporting the bug in the upcoming days - blogpost and PoC coming later
took me 2 months to find a uaf, now it will take 2 years to write an exploit
CVE-2024-26817: Identified and reported an integer overflow causing heap overflow in AMD KFD. The issue was addressed by the Linux Kernel security team in commit 3b0daec. github.com/MaherAzzouzi/C… #Cybersecurity #infosec #linux #amd #ROCm #0day #cve
I've audited the Android kernel in late 2023, and reported 10+ kernel bugs to Google, along with 2 exploits. Today, I'm releasing the first exploit, targeting the Mali GPU on Pixel devices, accessible from an untrusted_app context. github.com/0x36/Pixel_GPU…
MoEla @ShifraTech
56 Followers 781 Following Software Engineering & Security Research (Red Teaming) 🔜🔜 Youtuber soon... building @TalibAI_inc I mostly retweet to share with my future self and others 💖
stiv @stivfi
0 Followers 107 Following
Patricia @lemm_patricia
359 Followers 3K Following
Deepak Patole @patole_dee5714
0 Followers 70 Following
Mohamed Ouhra @MohamedOuhra9
0 Followers 18 Following
Ahmad | Landing Page ... @Ahmad_ezzat248
4 Followers 24 Following Crafting high-converting landing pages for fragrance brands 🌸 Persuasive copy + design. DM to start!
Clandestine @akaclandestine
50K Followers 5K Following | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting | Humint |
Moi Kibiwot @biwot77
2 Followers 177 Following
Sublune @Sublune0
0 Followers 27 Following
Rajvardhan Agarwal @rajxnull
7K Followers 378 Following Vulnerability Researcher @Apple | CTFer forever: @SuperGuesser | Opinions my own
Alexander Popov @a13xp0p0v
7K Followers 373 Following Linux Kernel Developer / Security Researcher / Free Software Maintainer. Admin of @linkersec. This is my personal account.
icebp @icebp2
2 Followers 129 Following
ismael quina quina al... @QuinaIsmae30582
2 Followers 16 Following
Nahar @ziry4b
309 Followers 217 Following
powpowpow @mok_oko1
0 Followers 49 Following
kuvee04 @GamingFreeFire1
21 Followers 603 Following
Delphine @Yfaumir80710
44 Followers 2K Following I’m learning to love the sound of my feet walking away from things not meant for me.
execius @execius
1 Followers 43 Following Binary exploitation/exploit development , Reverse engineering. my writeups on : https://t.co/Lamr00jKkS
Advance-sec @advance_sec0
797 Followers 707 Following Advance-sec platform: is one of the top leaders in research and acquisition of vulnerabilities and 0day exploits. Email: [email protected] Wire: @advance_sec
Grant Harris @ghrssec
13 Followers 193 Following Infosec enthusiast and penetration tester. I enjoy random musings and personal development.
A @a2068869
6 Followers 359 Following
soutag @soutagx86
68 Followers 541 Following aaaaaaaaaaaaaaaaaabbbbbbbbv mostly websec blog : https://t.co/orahW4iR1r
Bryce @bbryce995
115 Followers 959 Following VMI 2017 | Literally a Professional Googler | Retweets are not marriage proposals
𝗛𝗔𝗥⚡︎�... @harsha_gv
26 Followers 2K Following Namaste ★✨ Cybersecurity | Cloud DevSecOps Engineer✨ Passionate about programming and security✨ Design Thinker✨ @vhsindia member✨ Love All, Serve All ♡✨
Gad @catpipegrep
1 Followers 192 Following
Oscar @OscarBataille
155 Followers 614 Following
Mohammed al-Ramadany @al_ramadan343
1 Followers 278 Following
Victor Donald @donaldvictorrr
3 Followers 574 Following
Freddo Espresso 🧊 @2039User
80 Followers 332 Following A bit of CTFs, Fuzzing, Exploits, Bug Bounties, Conferences, Go, Traveling and Running. Thus, a byte.
OSAMA @iosamaa7
32 Followers 1K Following
crazyman @crazyman823886
1K Followers 1K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE:CVE-2022-30190 pre account @CrazymanArmy
Bassam Assiri🇸🇦 @BassamAssiri
7K Followers 2K Following Non Technical Account Cyber Account:@BassamAssiriSec
Dataflow Security @dfsec_com
5K Followers 4 Following
B3NNY and the JITs @_B_3_N_N_Y_
1K Followers 1K Following Hacker, Programmer, Computer Engineer 🦀 - Sec @ MS. Collector of undefined behaviours. Will read your rants. @[email protected] + @b3nny.d0n0t.click
stacksmashing @ghidraninja
48K Followers 452 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
dinosaurlover38 @_dinolover38
342 Followers 92 Following 0-day monkey | IBM X-Force Offensive Research (XOR)
Scott Bauer @ScottyBauer1
3K Followers 605 Following I find 0 days. Android/Linux Kernel/Crap written in C. Will trade 0 days for bottles of DRC
ele7enxxh @ele7enxxh
889 Followers 49 Following Google Bughunter 2022 #1, Qualcomm Hackerone 2022 #1, Android Chip Security Reward Hackerone 2022 #1, Android/IoT/Vehicles security researcher
A2nkF | Ilias @A2nkF_
2K Followers 1K Following Breaking Apple things. CTF with @allesctf & @Sauercl0ud | 🖤
pirate.moo @apiratemoo
7K Followers 3K Following \x6d\x6f\x6f\x62\x69\x74\x63\x68 I break things for a living. Opinions are my own.
dunadan @udunadan
875 Followers 71 Following An open-eyed man falling into the well of weird warring state machines. I talk about reverse engineering, vulnerability research and exploit development.
Seokha Lee @wh1ant
922 Followers 394 Following
Major_Tom @MajorTomSec
3K Followers 378 Following Underground control to Major_Tom. Security ninja @Synacktiv CTF Player @SentryWhale
xia0o0o0o @Nyaaaaa_ovo
3K Followers 1K Following Write some shit code. CTF with @r3kapig. Do shit security research. Currently at University of California, San Diego. DEFCON 31/32/33 finalist | LOOKING FOR JOB
Jonathan Metzman @metzmanj
2K Followers 538 Following I do fuzzing on Google's Open Source Security Team. I work on OSS-Fuzz/ClusterFuzz/FuzzBench. Speaking on behalf of myself, not my employer.
Cellebrite Labs @CellebriteLabs
813 Followers 8 Following Official updates from Cellebrite Labs' experts. We craft Cellebrite extraction capabilities and accelerate justice for law enforcement organizations.
Joseph Ravichandran @0xjprx
4K Followers 546 Following PhD Student studying Microarchitectural Security @MIT
Wandering Glitch @WanderingGlitch
2K Followers 1K Following I am the wandering glitch -- catch me if you can
nedwill @NedWilliamson
16K Followers 556 Following Tesla {Autopilot, Dojo}; Previously Google Project Zero; PPP for life; SockPuppet, Soundhax, Speedcubing
@[email protected]... @qwertyoruiopz
123K Followers 867 Following I no longer use Twitter. Mastodon: @[email protected], IRC: https://t.co/Fl1O3K3DTV #chat
DGSN MAROC @DGSN_MAROC
511K Followers 26 Following La Direction Générale de la Sûreté Nationale DGSN, police marocaine, a pour missions le maintien de l’ordre public et la protection des personnes et des biens.
DeepSeek @deepseek_ai
972K Followers 0 Following Unravel the mystery of AGI with curiosity. Answer the essential question with long-termism.
Satoshi Tanda @standa_t
8K Followers 395 Following Software security engineer and trainer https://t.co/tenaquooTc
Reema Bandar Al-Saud @rbalsaud
557K Followers 320 Following The Kingdom of Saudi Arabia’s Ambassador to the United States of America. سفيرة خادم الحرمين الشريفين لدى الولايات المتحدة الأمريكية
GrapheneOS @GrapheneOS
82K Followers 0 Following Open source privacy and security focused mobile OS with Android app compatibility. Forum, Discord, Telegram, Matrix: https://t.co/C0RaJbZosj
Grant H @Digital_Cold
2K Followers 2K Following Mobile security researcher. Previously @Qualcomm product security. @UF Ph.D, @UCF B.S. Opinions my own https://t.co/VKTGUksQFd 🦋: @digitalcold
V4bel @v4bel
1K Followers 141 Following Independent Vuln. Researcher / Pwn2Own Berlin 2025 / Google kernelCTF 0-day / Pwnie Awards 2025
Off-By-One Conference @offbyoneconf
1K Followers 242 Following A premier gathering of offensive cybersecurity professionals, researchers, thought leaders and innovators from around the region.
lime @limeSec_
441 Followers 257 Following CTFer@r3kapig | Bug hunter@Google | Top5 Chrome VRP | Bug hunter@Web3
Renan Rios @hyhy_100
223 Followers 290 Following Weeb bounty hunter 🇧🇷, 2024 Top 20 Chrome VRP Researcher. Interested in browser/kernel security, GFX and AI driven text games. Miqu!
Morocco Intel @MoroccoIntel
93K Followers 39 Following Média numérique indépendant couvrant l'actualité et des informations exclusives nécessaires à la compréhension des enjeux en Afrique du Nord.
Đỗ Minh Tuấn @tuanit96
369 Followers 164 Following Pwnable warrior, web ninja, CTF - scoreboard refresher, ... at BabyPhD
CODE BLUE @codeblue_jp
6K Followers 0 Following CODE BLUE 2025: International cybersecurity conference 📆 Training: 11/16-17 |Conference: 11/18-19 📢 参加登録受付中!Now Accepting Registrations! HP https://t.co/blERauRf35
𝖙𝖆𝖑𝖘𝖔�... @Ripp3rdoc
2K Followers 470 Following «وَأُفَوِّضُ أَمْرِي إِلَى اللَّهِ إِنَّ اللَّهَ بَصِيرٌ بِالْعِبَادِ»
LU$ER 🇸🇦 @lus33r
2K Followers 1K Following Security Researcher | Penetration Tester | RE & Exploit Development | #eJPT #eCPPTv2 #eCXD #CRTP #OSED
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.Trends for United States
You might like
