-
Tweets104
-
Followers196
-
Following328
-
Likes2K
#Zer0Con2024 Endless party. ☠️ Day2 sponsored by @dfsec_com (🤫 This is the second round)
Nice series for beginners by @santaclzz for getting started with Linux kernel exploitation Getting started & BOF: santaclz.github.io/2023/11/03/Lin… Heap techniques: santaclz.github.io/2024/01/20/Lin… Exploiting race-condition + UAF santaclz.github.io/2024/01/29/Lin… #Linux #cybersecurity
Happy to announce that I am officially part of @dfsec_com !!
My 3-part Linux Kernel Exploitation series is now live! part 1: santaclz.github.io/2023/11/03/Lin… part 2: santaclz.github.io/2024/01/20/Lin… part 3: santaclz.github.io/2024/01/29/Lin… #Linux #kernel #cybersecurity
Fancy a macOS 0day local privilege escalation for GOG Galaxy? Although reported almost a year ago, there is still no patch. Full details for the vulnerability: securityintelligence.com/x-force/exploi…
hi, check out this tool for easy Linux kernel building and debugging - easylkb worked on it together with @netspooky! 💕 writeup: tmpout.sh/3/20.html repo: github.com/deepseagirl/ea…
First (and only) in neovim! My entry: :e bggp.vim|w4|cq4
Patch diffing when you have no blog post, no Github poc, only binaries! #patchdiffinginthedark Let's try CVE-2023-38140 with #ghidriff: gist.github.com/clearbluejar/b… Windows kernel, info disclosure, uninitialized memory... Maybe there were some new calls to memset?…
Web Security vs. Binary Exploitation
"The WebP 0day" -- a full technical analysis the recently patched vulnerability in the WebP image library that was exploited in the wild (CVE-2023-4863). blog.isosceles.com/the-webp-0day/
Finally visited this place :)
If you have ever wondered how to exploit a PostScript interpreter, @FidgetingBits shows this for pagemaker in Lexmark printers! conference.hitb.org/hitbsecconf202…
Check out the writeup for corCTF's daydream from @pepsipu, an unsolved pwnable that requires you to leaklessly transform a stack OOB into universal RCE on glibc 🤯 pepsipu.com/blog/daydream-…
CTF rev players discovering symbolic execution
Once upon a time, I had this crazy dream of creating epic mobile challenges with iPhone and Android devices. I reached out to @CorelliumHQ with my wild ideas, and guess what? Now With Amazing writers, they actually came true! Now, there's no way I can ever look back. #CTF
Pulling SYSTEM out of Windows GINA 🪟: a 0day vuln giving pre-auth SYSTEM shell on domain computers managed by @manageengine ADSelfService Plus
Maha Kemph @KemphMaha28112
73 Followers 5K FollowingLinda @linda_barnett_
191 Followers 3K Followinglock @lockedbyte
3K Followers 853 Following Android kernel vulnerability researcher | Mathematics studentJanetta Jitchaku @jitchaku66841
69 Followers 5K FollowingElina Mcaneny @ElinaMcane98017
73 Followers 5K FollowingChovid99 @Chovid99
639 Followers 555 Following An Ex-SWE who is currently learning everything about security via CTF. Security @osec_io | Playing with @Water_Paddler & Blue WaterMurryn Tylman @mur_tylm
75 Followers 5K Followingb33f | 🇺🇦✊ @FuzzySec
32K Followers 840 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsJack Jang @IFdLRx4At1WFm74
154 Followers 242 Following Android gang @dfsec_com // Mastodon @[email protected]geanderson lopes @gebralo
555 Followers 3K Following Conservador !.. BRASIL ACIMA DE TODOS DEUS ACIMA DE TUDO !!! A VAI CORINTHIANS SEMPRE !.. Jiu Jitsu na veia !Cyber Security Eng. #nft #ptvaitomarnocuMelinda Johnson @MelindaJoh21463
81 Followers 3K FollowingKwee @MiaowLab
2 Followers 14 Following_shadow @_n00b_saib0t
50 Followers 609 FollowingDarcio Costa @DarcioC0sta
139 Followers 2K FollowingAnthony (#1 Norma Dum.. @MeBoxksiilhve
533 Followers 3K Following Fighters Unite! You Have Nothing To Lose But Your Chains!somedieyoungZZ @IdaNotPro
58 Followers 154 Following Threat Hunter | Malware Analysis sudo pacman -S kimsukyackchyually @AlexInTheSouth
8 Followers 2K FollowinggiveMeWords @WordGive
56 Followers 506 FollowingKamFretoZ 🐧 @KamFrtoZ
371 Followers 2K Following Just a random nerd who loves cats, play games and consume memesKAZAMOKI @KAZAMOKI
187 Followers 2K FollowingSaif Un Noor Prottoy .. @saifnoorprottoy
285 Followers 446 Following source code reader 🐘: [email protected]Intel Night OWL 🦉�.. @IntelNightOWL
308 Followers 2K Following RT ≠ endorsements | OpenSource Researcher / Developer | OSINT COMINT SIGINT CYBINT ELINT GEOINT MetaData | ADSB AIS SAT | SDR IoT Arduino | Linux | COFFEEadam1989 @adamajl1989
20 Followers 151 FollowingPhan Thanh Duy 🇻�.. @PTDuy
1K Followers 646 Following https://t.co/3ErsOXnHtJ | https://t.co/YffDAg1BZeAshish raj @rajashish957
8 Followers 133 FollowingLeonardo Porpora | @n.. @n0sign4l
204 Followers 747 FollowingSalma Janssen @salma_jans34599
5 Followers 36 FollowingFeDEX @FetchDEX
1K Followers 1K Following { Christian Hacker } { @WreckTheLine / @PwnThyBytes } { Blockchain Security @osec_io 🦦 }Jeremy Fetiveau @__x86
4K Followers 2K Following Hacking chrome. Building new teams with @TrenchantARC. Occasional contributor to @doar_e.7dr @aosihsjsvsv458
0 Followers 999 FollowingDinesh Shetty @Din3zh
2K Followers 1K Following Mobile/IoT/Web security; Trainer & Speaker @BlackHat/DefCon/POC/OWASP/Hackfest...; Day job as Director of Security Engineering; #OSCE #OSCP #OSWE #CCISO...moiz @moiz_hehe
0 Followers 26 FollowingCW Research Lab @cwresearchlab
447 Followers 72 Following Where Good Ideas Become Reality for Better Cyber World!Water Paddler @Water_Paddler
1K Followers 27 Following International CTF Team. https://t.co/OjK0DtQXJ6. Email: wpctf#pm.meJack Jang @IFdLRx4At1WFm74
154 Followers 242 Following Android gang @dfsec_com // Mastodon @[email protected]b33f | 🇺🇦✊ @FuzzySec
32K Followers 840 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsPhan Thanh Duy 🇻�.. @PTDuy
1K Followers 646 Following https://t.co/3ErsOXnHtJ | https://t.co/YffDAg1BZeCrowdfense @crowdfense
2K Followers 967 Following Crowdfense is a world-leading research hub and acquisition platform for high-quality zero-day exploits and vulnerability research. We offer the highest bountiesManfred Paul @_manfp
5K Followers 279 Following Maths and cyber and stuff. Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2022, 2024. @[email protected]Pew @TheGrandPew
3K Followers 509 Following Websec dude, plays ctf with @Water_Paddler. Blackhat and Defcon 22 speaker. Building VR Goggles @dfsec_comMorning Brew ☕️ @MorningBrew
478K Followers 2K Following The latest news from Wall St. to Silicon Valley. Informative, witty, and everything you need to start your day. ☕️Rio @0x09AL
6K Followers 1K Following POC || GTFO Adversary Simulation - @IBM Founder & Organiser - @BSidesTiranaLaurieWired @lauriewired
30K Followers 204 Following Reverse engineer specializing in cross-platform malware analysis with a focus on mobile threats.Tony (@[email protected].. @amdz23
283 Followers 1K Following @Android Security @Google | Security Researcher | Bureaucracy Hacker | Team Builder | Ex: @USArmy, @US_CYBERCOM, @NSAGovBlackwing Intelligenc.. @blackwinghq
252 Followers 6 Following Security Analysis | Vulnerability Research | Reverse Engineering | R & DTracy 💎 ✨ @hackerpinup
2K Followers 687 Following Vuln Researcher and Embedded dev. Actress. Singer. Bikini fitness competitor. Pole dancer. 🏙 nyc. she/herHerbert Bos @herbertbos
3K Followers 223 Following Professor of Systems Security at @vu5ec / @VUamsterdamOto @otobrglez
3K Followers 4K Following Building impressive products w/ #Scala && incredible people. Host of Slovenian tech/dev podcast #Ogrodje - https://t.co/QGDbiHv7sDSilvio Cesare @silviocesare
11K Followers 1K Following CTO of @infosectcbr. Co-founder of @bsidescbr. Still hacking.cmpspiti @cmpspiti
865 Followers 2K Following Cyber Security Consultant | Penetration Tester | Digital Forensics | MSc | #infosec #DFIR #Bitcoin 🇬🇷🇬🇧SYSPWN @syspwnx
279 Followers 27 Following SysPWN : A place to learn more about Vulnerability Research and make yourself ready for world-class hacking competitionsvessial @vessial
2K Followers 484 Following Just security research,drones/baseband/vehicle hacking for fun.Stephen Fewer @stephenfewer
8K Followers 208 Following Principal Security Researcher @rapid7. Decompiler @relyze. Core @metasploit dev 2009 - 2013. MSRC Top 100 2015. Pwn2Own 2011 & 2021.ʎ3ʞʍoן @lowk3y
2K Followers 698 Following Hacker, critical thinker, philosopher, BOFH, co-founder of @cyberpipe hackerspace, @BSidesLjubljana organizer, FOSS enthusiast,infrastructure solution architecthardwear.io @hardwear_io
9K Followers 521 Following #HardwareSecurity Training & Conference Upcoming Conference & Training #hw_ioNL2023offensivecon @offensive_con
21K Followers 1 Following OffensiveCon is a highly technical international security conference focused on offensive security only. Organized by @bluefrostsec @offensivecon.bsky.socialLinus Henze @LinusHenze
28K Followers 22 Following macOS and iOS Fan. CTF with @allesctf and @Sauercl0ud. Founder @pinauten. they/themCsaba Fitzl @theevilbit
7K Followers 905 Following macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fanPaolo Stagno (VoidSec.. @Void_Sec
5K Followers 1K Following Director of Research @Crowdfense. Windows Vulnerability Researcher and Exploit Developer, ex-@XI_ResearchUTM @UTMapp
7K Followers 5 Following iOS: https://t.co/gxz7CSId20 Mac: https://t.co/lwa8lVHwl5 Mac App Store: https://t.co/aQUdd3m5yh Discord: https://t.co/9XXI9hijEvPhillip Tennen @phillipten
16K Followers 2K Following Static analysis, file formats, operating systems, oh my!brinly @brinlystorm
1K Followers 2K Following asking for real action on climate change. ex azimuth, now on a independent low level computering adventure... opinions can be blamed on @CimStordal.Cedric Halbronn @saidelike
4K Followers 625 Following Security researcher, Pwn2Own 2021, Pwn2Own 2022, #RE #exploitdev (Mastodon: @[email protected])Daniel Moghimi @flowyroll
3K Followers 356 Following Senior Scientist @Google. Computer and Hardware Security. Tweets are mine and not my employer's. #downfall Previously: @UCSD @Qualcomm @WPI @TalosSecurityThe State of LinkedIn @StateOfLinkedIn
308K Followers 3 Following LinkedIn is a breeding ground for lies & brown-nosing. Exposing the worst. We are in no way associated with LinkedIn.Adam Doupé @adamdoupe
5K Followers 1K Following Former DEF CON CTF organizer. Associate Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.Zhenpeng Lin @Markak_
3K Followers 353 Following Ph.D., CTF player @Nu1L_team, now @StrawHat_CTF. #Pwn2Own winner. Author of #DirtyCred #BadiouringAlexa Souza @w4fz5uck5
556 Followers 144 Following Co-Founder & CTO at ViperX | Speaker at H2HC & BHACK | OSCP¹⁸ʸ | OSCE¹⁹ʸ | OSWE²¹ʸ | 🏳️⚧️Faith @farazsth98
3K Followers 307 Following Security Engineer @zellic_io, Independent Vulnerability Researcher, CTF pwn+blockchain @SuperGuesser, Prev: Android Vulnerability Research @dfsec_com[email protected].. @jonpalmisc
489 Followers 278 Following Software engineer & security researcher. Present: *OS research. Past: Binary Ninja developer, @vector35.Alex Matrosov @matrosov
18K Followers 2K Following 🔬Founder & CEO @Binarly_io, #codeXplorer, #efiXplorer, @REhints and "Rootkits and Bootkits" book. Previously worked at Nvidia, Cylance, Intel, ESET, Yandex.Just saw a demo - HE DID IT! He actually got a Rust-style borrow checker embedded in a C++ compiler. I might have to reconsider going back to C++ now...
I had an ambitious goal at the start of last year--demonstrate fearless concurrency in C++. Now it's working. This is one of the coolest things in language design. No data races to shared state--statically guaranteed. shared_ptr<mutex<T>> in C++ is Arc<Mutex<T>> in Rust.
fun little vmware backdoor will cause the guest to immediately enter a suspend state 🧐
We are approaching 300,000 followers on Twitter. This is an astronomically large number that we never expected to reach. Some thoughts and feelings: When vx-underground was first created in May, 2019 the initial goal was to 'revive the VX-scene' – with the hopes that with…
The classic DOOM game over htop, the text-based process viewer github.com/0x0mer/doom-ht…
@bl4sty Remove all the ® and ™ symbols from their press releases
mitre.org/news-insights/… what was the motive? burn some 0day and get access to a plethora of n-day?
After my Brother’s iPhone 14 got stolen. His friend received a message stating that his iPhone has been found. A link was given which took him to the find device website. It asked for the Lockscreen pin that was set on stolen iphone. Only thing is, Its a Fake Fraud Website.👇
The kids are alright
Proving once again that Minecraft exploits are fundamentally more interesting than the ones targeting software people actually care about (and definitely being better for civil society): github.com/spawnmason/ran…
Authorities say NBA Youngboy was pretending to be a doctor over the phone with them while he was allegedly running a prescription drug scheme, they knew something was up when he said "axe" instead of "ask"
@mymixtapez one of my pieces of lore is that I went to high school with the guy on the left
Fault injection vs Firmware hacking
When you are logging but have no response capability.
Back to base, with my new favourite keycap from @POC_Crew 😍 Speakers presents are always the best. 💪 #zer0con2024
A 13 year old coded a botnet control framework that utilizes pastebin and github for control of hosts in red teaming… This makes the hacker in me so hopeful. Check out pastebomb when it’s dropped!
Sure , I will reach out and immediately after that I will get into your source code and fix the vulnerability. Some times I want to laugh and sometimes I want to cry with the disclosure responses...
Fixed glibc CVE-2024-2961 iconv(3) out-of-bounds write for EL9 distros via Rocky Linux SIG/Security sig-security.rocky.page/packages/glibc/ sig-security.rocky.page/issues/CVE-202… Bug found and explored by @cfreal_, exploitable via PHP, rated Important, CVSS 8.8 by Red Hat, patched in Fedora but not yet in RHEL
"On PHP [this glibc bug led] to amazing results: a new exploitation technique that affects the whole PHP ecosystem, and the compromission of several applications." openwall.com/lists/oss-secu… x.com/cfreal_/status…