Rob @Rogunix
Joined August 2010-
Tweets4K
-
Followers1K
-
Following444
-
Likes6K
New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a novel AMSI bypass that I identified in 2023. By taking control of CLR assembly loads, we can load assemblies from memory with no AMSI scan. securityintelligence.com/x-force/being-…
I've been getting questions about this again recently, so I wrote a small post. Patching .NET functions from an unmanaged CLR harness: outflank.nl/blog/2024/02/0…
We just released Reflective Call Stack Detections and Evasions! This was co-authored by our @XForce Red intern Dylan Tran @d_tranman! Dylan is wicked smart and it was fun working with him! Check it out!🥷 securityintelligence.com/x-force/reflec…
New blogpost by @0vercl0k: "Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64" doar-e.github.io/blog/2023/05/0…
Wrote a blog post for my company on how we implement obfuscation for our C# post-exploitation arsenal. Discussing some detection opportunities and our ways around them. Special thx to @Flangvik for his video on SharpCollection, which is our pipelines base r-tec.net/r-tec-blog-net…
Ready to rock! The last few months have definitely been a journey from high to low for me. I challenged myself once again by creating this workshop for @RedTeamVillage_ at @defcon 31 and presenting my biggest project yet to the #infosec community. I hope it is useful and a…
I have posted the slides for the #BlackHat talk @chompie1337 and I gave yesterday -> Close encounters of the advanced persistent kind: Leveraging rootkits for post-exploitation github.com/FuzzySecurity/…
Lo prometido es deuda, el research sobre el CVE-2023-28252 ya esta publicado con su PoC junto a la explicacion detallada del reversing que hicimos con mi amigo @SolidCLT. github.com/fortra/CVE-202… Mas dificil que barrer escaleras para arriba. Ojala les sirva.
With my new blog post "Direct Syscalls: A journey from high to low" I try to explain what a syscall is, what a direct syscall is, why an attacker (red team) uses it, etc. I also try to explain how to build and understand your own shellcode dropper step by step, starting with…
Short write-up on baby's first UAF challenge h0mbre.github.io/PAWNYABLE_UAF_…. Post is meant to serve more as an advertisement for pawnyable.cafe/linux-kernel/. It was a great resource for me to get started on Linux Kernel exploitation. Also I need a new blog layout yikes
Today I am finally releasing a new 3-part browser exploitation series on Chrome! This was written to help beginners break into the browser exploitation field. Part 1 covers V8 internals such as objects, properties, and memory optimizations. Enjoy! jhalon.github.io/chrome-browser…
a beautiful write-up : CVE-2022-1786 A Journey to the Dawn blog.kylebot.net/2022/10/16/CVE…
This is probably the most complex exploit I've done so far. A UAF in Android kernel freed by kfree_rcu (introduces a delay) in a tight race + kCFI + Samsung RKP. Yet its still possible to gain arbitrary kernel RW, disable SE and root from untrusted app. github.blog/2022-06-16-the…
Up your security research skills: This Windows LoadLibrary port for Linux by @taviso is a great project to contribute to. You'll learn how *both* OS's work internally. Use it to fuzz Win binaries faster on Linux github.com/taviso/loadlib…
Do you want to learn how to find vulnerabilities in Google Chrome? @Nosoynadiemas just released the last exercise of Fuzzing101! github.co/3s8m12H
I just released more details about the recent Samba (pwn2own) vulnerability. #CVE-2021-44142. as hot 🔥 as still being reserved on Mitre. 🙃 writeup: 0xsha.io/blog/a-samba-h… PoC (level-0) : gist.github.com/0xsha/0859033e… 1/2
Here are the slides from the "Attacking JavaScript Engines in 2022" talk by @itszn13 and myself @offensive_con. It's a high-level talk about JS, JIT, various bug classes, and typical exploitation flows but with lots of references for further digging! saelo.github.io/presentations/…
Check my first blog about alternative process injection without allocating new memory to bypass EDR. netero1010-securitylab.com/eavsion/altern…
Morning! Just pushed a new blog post that's intended to be the first in a series using LibAFL to solve Fuzzing101 exercises. I've been wanting to dig in to LibAFL for awhile and learning the library "in the open" seemed like a fun idea. epi052.gitlab.io/notes-to-self/…
SecureAuth #Impacket 0.9.24 is now available. Discover the new features including ways to dig deeper into #ADCS, a more hardened #SMB server and delegation features. Read the blog by @0xdeaddood: ow.ly/ZB4550GzycC #offensivehacking
hackplayers @hackplayers
55K Followers 1K Following Hacking ético e in-seguridad informática: it's time to play!
Rob Fuller @mubix
79K Followers 25K Following Dad / Husband / Marine / Student / Teacher / @Hak5 / @NoVAHackers / @SiliconHBO / @NationalCCDC / @MARFORCYBER Auxiliary
Pup0x @pup0x44313
1 Followers 11 Following
Keanu Nys @RedByte1337
896 Followers 74 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
EZ @IAMERICAbooted
2K Followers 1K Following Yesterday is history. Tomorrow is a mystery. Cloud Solutions Engineer at Contoso. Hacktive Directory admin. Posts don't represent my employer(s).
parzel @parzel2
952 Followers 290 Following Hacker based in Berlin | Working at @mod0 | https://t.co/6MZdC7Pcsk | he/him
Andrew Baji @baji_andrew
3 Followers 5K Following
Ivan @micronn_386
5 Followers 332 Following
Soumyani1 @reveng007
1K Followers 2K Following Content absorber | CRTO | CRTP | @BlackHatEvents Asia, USA, SecTor, Europe 2024 Arsenal and @WWHackinFest 2024 Presenter
Lorrie @lorrievaldez65
221 Followers 3K Following
[email protected]... @KyanHexagon
437 Followers 3K Following Honest but earnest. Doing my best and trying to do good recklessly. A slow burner. Computers?! ペネトレーションテストエンジニア
Andrea @andrea8schroede
320 Followers 3K Following
Peter Winter-Smith @peterwintrsmith
6K Followers 3K Following Security researcher & implant developer @mdseclabs; developing SAST @wsastsupport; malware, code analysis, appsec, cryptography. Trying to follow Christ.
Bath8Pid @Bath8P
30 Followers 474 Following
Geoffrey Royer 🇫�... @ge0_dev
246 Followers 604 Following I eat bugs for breakfast. J’écris du code et des histoires. Mon roman « Un pétale dans la braise » : https://t.co/9aen7mkjBM Adhérent @Nouv_Energie
say2 @say___2
636 Followers 264 Following SeHee Kim / iOS / Browser (safari/chrome sbx) / VR @dfsec_com 💪 / keep integrity
𝚝𝚑𝚎𝚜𝚎�... @T_0_r_nado
65 Followers 5K Following
VeritasLuxMea @Veritas88630278
109 Followers 5K Following "A single day in Hell will be worse than a whole life spent in carrying the cross."-J.C. Ryle
Don M @TheDonMcKenzie
276 Followers 917 Following
Oluwatosin Emmanuel A... @tosetech
6 Followers 3K Following Tech consultant | Cyber analyst | Digital forensics investigator | CISO | Software quality assurance engineer | #TechExpert #CyberSecurity #DigitalForensics
Injectyll-HIDe @Injectyll_HIDe
125 Followers 406 Following Injectyll-HIDe is an open-source hardware implant that is being released soon. Stay tuned for more to come...
OliverMames @qqalipayds
59 Followers 1K Following There are thousands of miles to meet each other and not meet each other
不一样的少年 @youthallen
46 Followers 1K Following
Rust Security 🦀 �... @RustSecurity
4K Followers 4K Following News about #Rustlang Security & Fuzzing. Not affiliated with @rustlang core team. 🎉 #Rust security Audit and Fuzzing training is now available 🥳
FuzzingLabs @FuzzingLabs
8K Followers 4K Following Research-oriented Cybersecurity startup specializing in #fuzzing, Vulnerability Research & Offensive security on Mobile, Browser, AI/LLM, Network & Blockchain.
CyberSecuritySalesMan @CSSalesMan
574 Followers 3K Following Cybersecurity sales-man. I sell the best cyber cyber stuff. Words of wisdom. The most in-depth analysis of the cyber-world. I failed my own Turing test.
Ramdhan @n0psledbyte
2K Followers 786 Following CTF @SuperGuesser (pwn), Security Researcher @starlabs_sg
The Red Operator @TheRedOperator
21 Followers 280 Following Last famous words: “… , but in our threat model …”
Bad Sector Labs @badsectorlabs
8K Followers 502 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
ᚢᚾᚳᚾᚩᚹᚾ... @hexslaughter
0 Followers 1K Following Anything done on a computer will be done by a computer.
Blue. @leileis20
0 Followers 4K Following
Ownternet @ownternet
0 Followers 6K Following
SkyNet Tools @SkyNetTools
7K Followers 5K Following Providing the Latest #Infosec #News, #Tools, and #Exploits #BugBounty
⠝⠁⠃⠑⠑⠇ �... @rogue_kdc
4K Followers 299 Following Self-proclaimed Security Researcher. I live on 0days. All tweets are ████████!
Roberto Gómez Vázqu... @RobertoGmezVzq1
0 Followers 1 Following
ZhangHan @kolinzh
5 Followers 304 Following
kanpol @kanpol9
11 Followers 1K Following
0xor0ne @0xor0ne
81K Followers 514 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
cts🌸 @gf_256
61K Followers 820 Following Co-founder and hacker @zellic_io & @pb_ctf | https://t.co/nlNai6iiMP | 24 Intern @egirl_capital slow to reply to DMs
ippsec @ippsec
119K Followers 353 Following
kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
Tavis Ormandy @taviso
130K Followers 631 Following Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine. I'm also @[email protected]
Ange @angealbertini
25K Followers 908 Following Reverse engineer, file formats expert. Corkami, CPS2Shock, PoC||GTFO, Sha1tered, Magika... Security engineer @ Google. He/him.
stephen @_tsuro
10K Followers 527 Following @v8js security, CTFs and CPU vulnz. LCHL. @[email protected]
Project Zero Bugs @ProjectZeroBugs
35K Followers 0 Following A bot that posts the latest blog posts and disclosures from Google's Project Zero
Intigriti @intigriti
193K Followers 658 Following Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
stacksmashing @ghidraninja
48K Followers 452 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
James Forshaw @tiraniddo
49K Followers 339 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Julien | MrTuxracer �... @MrTuxracer
37K Followers 443 Following Freelancer | #BugBounty | @Hacker0x01 H1-Elite | $1,500,000 Overall Bounties | ❤️ Reversing | Mobile Hacker | https://t.co/pcWduPOt0n
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Angelo @lem0nSec_
8 Followers 76 Following Security Researcher @SentinelOne | Windows Exploits & Anti-Tampering Research
BlackSnufkin @BlackSnufkin42
655 Followers 483 Following #RedTeam & #MalwareDev | #CRTL Just a pirate in the Cyber sea 🏴☠️
Microsoft Threat Inte... @MsftSecIntel
187K Followers 1K Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
Dennis Kniep @dennis_kniep
226 Followers 235 Following
Keanu Nys @RedByte1337
896 Followers 74 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Cerbersec @cerbersec
4K Followers 203 Following I make things to break things | non-Blue Team @NVISOSecurity | Opinions are my own
Atsika @_atsika
614 Followers 490 Following Red Team enthusiast | Malware development enjoyer | Adversary Simulation at @quarkslab
EZ @IAMERICAbooted
2K Followers 1K Following Yesterday is history. Tomorrow is a mystery. Cloud Solutions Engineer at Contoso. Hacktive Directory admin. Posts don't represent my employer(s).
Shawn @anthemtotheego
2K Followers 390 Following Adversary Sim @ X-Force Red | Head of Capability R&D | Offensive AI | Implant Dev | Work In Progress | Thoughts My Own | https://t.co/eNspx7jLvm
- @Wh1t3Rh1n0
303 Followers 26 Following
Emeric Nasi @EmericNasi
5K Followers 427 Following CyberSecurity researcher and founder of BallisKit. I have a passion for all infosec subjects especially redteam and writing offensive tools!
PixiePoint Security @pixiepointsec
741 Followers 0 Following A Cybersecurity Consultancy Boutique that Provides Niche & Bespoke Research Services
s1r1us @S1r1u5_
11K Followers 2K Following aham nityaṃ śiṣyaḥ, jagat mama guruḥ. {~hacker~} {founder @ElectrovoltSec, @HacktronAI}
Cedric Owens @cedowens
3K Followers 659 Following Proud Husband to @sgowens0716 and Father | Offensive Security Engineer | https://t.co/CQv4PZcuvG
S4ntiagoP @s4ntiago_p
3K Followers 852 Following Infosecing at @MDSecLabs, ex @CoreSecurity CVEs: -1
RedTeamTacticsAcademy @RedTeamTactics
5K Followers 435 Following Outsmart, Outmaneuver, Redefine the Tactics blog 👉 https://t.co/jBrypEoM7c learn 👉 https://t.co/llylzGEs0D
Oddvar Moe @Oddvarmoe
19K Followers 1K Following Red Teamer @TrustedSec | MS MVP | Speaker | Security Researcher | Blogger | Total n00b & always learning | UNC1194 | Tinkerer | Gamer I try to inspire!
Cody Thomas @its_a_feature_
7K Followers 310 Following Mythic Developer (https://t.co/Uz4fOxIUbe) | @SpecterOps @[email protected] | @its-a-feature.bsky.social
Yehuda Smirnov @yudasm_
759 Followers 531 Following Security Researcher @Microsoft, opinions are my own.
NULL @NUL0x4C
9K Followers 393 Following Windows Malware Researcher | co-founder of https://t.co/1YRk2CEjaO
XBOW @Xbow
10K Followers 6 Following Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
AmberWolf @AmberWolfSec
425 Followers 0 Following Offensive Cyber, Risk Management & Governance, Vulnerability Research and Technical Due Diligence
TrustedSec @TrustedSec
77K Followers 765 Following End-to-end Cybersecurity consulting team leading the industry, supporting organizations, and giving back. #Hacktheplanet Blogs, news, webinars, and tools!
Jason Lang @curi0usJack
16K Followers 200 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCk
CICADA8Research @CICADA8Research
858 Followers 111 Following Welcome to the official Twitter for CICADA8! Your premier destination for cutting-edge research and development in the cybersecurity field
Josh @passthehashbrwn
10K Followers 332 Following Adversarial Simulation at IBM, tweets are mine etc.
Marc Smeets @MarcOverIP
5K Followers 434 Following Does a thing or two with red teaming @OutflankNL | part time race and drift car instructor
parzel @parzel2
952 Followers 290 Following Hacker based in Berlin | Working at @mod0 | https://t.co/6MZdC7Pcsk | he/him
watchTowr @watchtowrcyber
9K Followers 13 Following watchTowr enables organizations to get ahead of in-the-wild exploitation with Preemptive Exposure Management technology.
NVISO Labs @NVISO_Labs
4K Followers 371 Following NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
hextree.io @hextreeio
8K Followers 2 Following 🌱 Grow your cybersecurity skills with concise and well-edited video courses - in early-access, sign-up now! Created by @LiveOverflow and @ghidraninja.
Soumyani1 @reveng007
1K Followers 2K Following Content absorber | CRTO | CRTP | @BlackHatEvents Asia, USA, SecTor, Europe 2024 Arsenal and @WWHackinFest 2024 Presenter
Nick Powers @zyn3rgy
2K Followers 224 Following Adversary Simulation @SpecterOps | Previously @Rapid7 & @Protiviti
Andrea P @decoder_it
8K Followers 290 Following Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
ulisses @foolisses
391 Followers 640 Following Mathematician gone InfoSec. Interested in the Linux kernel, vulnerability research & reverse engineering.
Volexity @Volexity
8K Followers 7 Following A security firm providing Incident Response, Proactive Threat Assessments, Trusted Advisory, and Threat Intelligence
BINARLY🔬 @binarly_io
4K Followers 428 Following ⛓️Binarly is the world’s most advanced automated software supply chain security platform.
Mandiant (part of Goo... @Mandiant
127K Followers 4K Following We’re determined to make organizations secure against cyber threats and confident in their readiness.
Zero Day Engineering @zerodaytraining
8K Followers 1 Following State-of-the-Art Exploit R&D • @alisaesageTrends for United States
You might like
