http (@[email protected]) @SwissHttp
I tweet mainly about IT security, iOS / iPhone jailbreaking. I have a Microsoft background. Administrator on theiphonewiki․com. Blue team. Switzerland Joined April 2010-
Tweets23K
-
Followers6K
-
Following371
-
Likes17K
Decided to publish the Lexmark printer exploit + writeup + tools instead of sell it for peanuts. 0day at the time of writing: github.com/blasty/lexmark -- enjoy!
We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at breakingthe3ma.app; mini-thread follows. #threema
Super excited to release our car hacking research discussing vulnerabilities affecting hundreds of millions of vehicles, dozens of different car companies: samcurry.net/web-hackers-vs… Contributors: @_specters_ @bbuerhaus @xEHLE_ @iangcarroll, @sshell_ @infosec_au @NahamSec @rez0__
Hi Auto Industry. It's the internet calling... (Subtitle: How to take over a Ferrari account with zero interaction.) samcurry.net/web-hackers-vs…
If you sent an API request to Twitter with an e-mail address, and an incorrect password, the API returned a JSON response containing the username associated with the account. A Threat Actor compiled 221,608,279 entries. This list includes celebrities, politicians, and more...
Does anyone have a copy or working link to original netcat 1.00 (version 951010), file nc100.tgz or is that lost forever? I can only find dead ftp links or a MinGW fork or v1.10 versions.
Reverse engineering yet another ebook format mijailovic.net/2022/12/25/hkp…
Here are some of the presentations I found the most interesting within the macOS/iOS Kernel Security research space in 2022! 🧵 alexplaskett.github.io/macos-ios-secu…
Here’s another #vulnerability #research writeup, this time about the #xnu #kernel // by @pwningsystems A tale of a simple #Apple kernel bug pwning.systems/posts/easy-app…
Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard. These techniques also work on victims logged on before the server was compromised. research.ifcr.dk/pass-the-chall…
cvss 10.0 linux kernel rce lol zerodayinitiative.com/advisories/ZDI…
Comic for December 22, 2022 #dilbert dilbert.com/strip/2022-12-…
🔐 ICYMI - JP Aumasson (@veorq) is teaching a free #workshop on #Cryptography! Cryptography is indispensable for protecting information in computer systems, but choosing secure protocols and parameters can become overwhelming. Sign up to learn more! 🎟️ ringzer0.training/workshops.html
The Christmas open-obfuscator challenge is live at this address: obfuscator.re/challenges/ Thank you to @vector35 @build38dotcom and @eshard for sponsoring the prizes of this challenge.
I just removed all references to the new social media site where everyone is going to and my handle name in my bio, in order to comply with Twitter’s new policies. You’ll find me anyway.
Checkout the macOS and iOS Security Internals Advent Calendar youtube.com/playlist?list=… #macos #ios #security #internals #adventcalendar #xmas
I wonder why the iOS version of the checkmark is more expensive.
Hey ChatGPT, write me an x86 binary, undetected by all AV and EDR, that contacts my C2 on IP 12.133.253.6 port 443 once per day and migrates to a legit process before calling back. Embed it into a PDF that auto-starts the binary via AdobeReader zeroday.
GeoSn0w @FCE365
120K Followers 583 Following Award-Winning YouTuber. Jailbreak Developer. https://t.co/7Kkd7MCWv6 | Bringing You Jailbreak News @ iDevice Central: https://t.co/VrSFuS1oDR✿ Karen/あけみ�.. @akemin_dayo
30K Followers 1K Following Software engineer, artist, utaite/youtaite, and VTuber tech person ✿ she/her, ⚢🏳️🌈 ✿ 🇯🇵🇹🇼 ✿ バイリンガル、プログラマー、ゲーマー ✿ 日台ハーフなので日本語も話せます!HttpOnly @ant0inet
3K Followers 2K Following Technical Lead Bug Bounty @swisscom_csirt // @[email protected] // *.cust.swisscom.ch is out of scope[email protected].. @axi0mX
64K Followers 2K Following Bootrom exploit philanthropist. Apple silicon hacker. iOS jailbreaker. Join us as we dance madly on the lip of the volcano.Stefan Esser @i0n1c
120K Followers 469 Following CEO of @Antid0tecom (former CEO of @SektionEins) (contact: [email protected])mdowd @mdowd
32K Followers 744 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)Adam Demasi @hbkirb
10K Followers 1K Following iOS developer, Windows tinkerer, flame repo guy, maintainer of 🔥 Chariz, Zebra, NewTerm, Legacy Update. Developer at Seraph Secure 🛡️ https://t.co/diakveIhaBCoolStar @CStar_OW
144K Followers 700 Following I make iOS apps & Windows kernel drivers. I make computers run software they weren't designed to. 3623 https://t.co/QQqWTKhhac main. 25. [email protected]Christian Folini / @f.. @ChrFolini
3K Followers 1K Following Author of the #ModSecurity Handbook 2ed, OWASP @CoreRuleSet project co-lead and trainer. Also OWASP @ModSecurity co-lead and program chair @SwissCyberStorm.Shahar Tal @jifa
7K Followers 1K Following A father and hexdump tattoo owner. Opinions are my own, except when they are my wife's. he/him.matty @moski_dev
9K Followers 563 Following Creator of @ramielapp Mostly iOS dualboots/tether booting :)😇 @anaya_padhiar
17 Followers 44 FollowingDe_isberg @Deberg2022
176 Followers 4K Following_shadow @_n00b_saib0t
49 Followers 629 FollowingMichelle Russell mich.. @MichR2311
171 Followers 1K Following #Global #Talent #Sourcing #Acquisition #Researcher #Recruiter #techrecruiter. I will source the the right candidates for you! [email protected]🌸feifix @feifix
55 Followers 107 FollowingJonathan Bender @postitpasswd
122 Followers 423 Following9327624430 @ien_malicdem
32 Followers 173 Followingmaxmedioman @maxmedioman
66 Followers 84 FollowingTheanise @Theanise438643
14 Followers 645 FollowingMichael @mikey_gc
102 Followers 160 FollowingMerc, the HTML decode.. @Vyce_Merculous
866 Followers 496 Following Fascinated about security, AI, compression, and everything IT related. Physics and Psychology are neat too.USER04725852 @user04725841960
0 Followers 2K FollowingGia Huy Nguyễn @GiaHuy0210_
0 Followers 1 FollowingBug Digger @digger_bug
78 Followers 450 Following Vulnerability research and software development Interests: reverse engineering, exploit dev, malware dev, JS Engines, virtualization, (de)obfuscation, iOSPortSys @PortSys
548 Followers 3K Following Total Access Control quickly seamlessly transforms your #ZeroTrust approach to #ITsecurity through its next-generation #reverseproxy solution. #infrastructureAmar Ali @AmarAli37857074
89 Followers 704 FollowingVikas Varshney @vikas_varshney_
65 Followers 3K FollowingDorkerthanu @dorkerthanu
5 Followers 28 FollowingKaran Kumar Paanchal .. @karanrpanchal
758 Followers 5K Following Before leaving the scene, clear your desk and your screen.David Truss @davtruss
45 Followers 2K Following A husband, a parent... An educator, a student... A thinker, a dreamer... An agent of change. ∞ Think Good Thoughts, Say Good Words, Do Good Deeds.Itisme @Itisme88732141
0 Followers 886 FollowingZeev Rabinovich @ZeevRabinovich
73 Followers 518 Followingايوه @ywh96769338
1 Followers 51 FollowingQuiet @soundofquiet
2K Followers 5K Following I solve impossible problems with childlike s̶̖̥͊t̸͙̲̊u̷̘̚p̴̟̯̀i̶̤͑̋d̵̡̨́̐i̸̭͚̍̌t̵̠̳̑̏y̶̘̿. Endearingly weird, loud shit with math, envoy. 🏳️⚧️ they/themً @3h6_1
318 Followers 1K FollowingAndrei Agape @msd0s7
1K Followers 3K Following I help companies secure their web applications - Cybersecurity strategy, pentesting and advisory | OSCP - CRTP - CARTP #cybersecurity #pentesting #webapp #apiJulie @0xbbjubjub
383 Followers 957 Following MSc. Student @EPFL — Auditoor @westhamdefence — CTF player @0rganizers — trusted setups @bsa_epfl — Maintainer @nixos_org — 26 — 🏳️⚧️♀️ — Hacker & CypherpunkMH @MorpheusH3x
654 Followers 5K Following Co-founder @securinsa & student @ ESNA • CTF @ret2school_fr • „Call My Leg Does Not Exist“ - RFC 2543 • @[email protected] #VForVictory #FreeAssangeJohn Thompson @CyberSecJT
5 Followers 179 FollowingRomain THOMAS @rh0main
4K Followers 968 Following Security engineer working on Android, reverse-engineering & obfuscation. Author of @LIEF_project and @open_obfuscatorSarah Schill @phoenix_art_co
30 Followers 230 Following 🪐Artist/painter 🪐Pencil sketches/oil painting 🪐Dm for commissions 🪐Old acct got hacked at 5k pls follow my acctБиржа Рекла.. @BirzhaReklamy
305 Followers 5K Followingcocateh @cocateh
8 Followers 250 Followingnana_success @AttaDavidYaw1
27 Followers 206 FollowingCyberfeed.io @cyberfeedio
763 Followers 686 Following AI-Enabled Daily Cybersecurity News and Jobs | by @andrewckatzoverfl0w @overfl0wsec
7 Followers 72 FollowingFarzan Karimi @jumpycastle
712 Followers 116 Following Android Red Team @ Google. Thoughts are my own.james cook @JamesCook31337
329 Followers 891 Following Cyber Ghost. fan of DLT. mt.gox survivor. Notorious, not famous. often wrong but hated when im right. "Parody Account" You don't need dialogue to tell a story.George Hotz 🌑 @realGeorgeHotz
248K Followers 174 Following President @comma_ai. Founder @__tinygrad__simo @_simo36
7K Followers 107 Followingtihmstar @tihmstar
65K Followers 215 Following Finding offsets since 2017 Email: [email protected] Patreon: https://t.co/FdMYUYWbqr[email protected].. @axi0mX
64K Followers 2K Following Bootrom exploit philanthropist. Apple silicon hacker. iOS jailbreaker. Join us as we dance madly on the lip of the volcano.LiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeioSaar Amar @AmarSaar
18K Followers 362 Following Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations. Apple SEAR. Opinions are my own. @[email protected]Nikias Bassen @pimskeks
62K Followers 223 Following iOS Dev & Hacker, Reverse Engineer, Security Researcher | VP of Product Security @Zimperium @zLabsProject | https://t.co/g7bFFBiUKm | @checkra1n@mikko @mikko
231K Followers 932 Following Technology speaker and author. Chief Research Officer at WithSecure.Stefan Esser @i0n1c
120K Followers 469 Following CEO of @Antid0tecom (former CEO of @SektionEins) (contact: [email protected])Matthew Green @matthew_d_green
143K Followers 1K Following I teach cryptography at Johns Hopkins. Mastodon at [email protected] and BlueSky at https://t.co/GI4QlxYTdk.mdowd @mdowd
32K Followers 744 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)stacksmashing @ghidraninja
47K Followers 429 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]CoolStar @CStar_OW
144K Followers 700 Following I make iOS apps & Windows kernel drivers. I make computers run software they weren't designed to. 3623 https://t.co/QQqWTKhhac main. 25. [email protected]Robert Graham 𝕏 @ErrataRob
66K Followers 2K Following Created (BlackICE,IPS,sidejacking,masscan). Doing (blog,code,cyber-rights,Internet-scanning). @[email protected]Ivan Fratric 💙💛 @ifsecure
17K Followers 192 Following Security researcher at Google Project Zero. Tweets are my own. Backup @[email protected]Corellium @CorelliumHQ
30K Followers 113 Following Mobile and IoT device virtualization on Arm. On-site and in the cloud. To sign up or learn more, visit us at https://t.co/2Sc3DIPzbXSam Curry @samwcyo
77K Followers 948 Following Hacker, bug bounty hunter. Run a blog to better explain web application security.Farzan Karimi @jumpycastle
712 Followers 116 Following Android Red Team @ Google. Thoughts are my own.Gergely Kalman @gergely_kalman
1K Followers 312 Following bug bounty hunter I guess @[email protected]Maddie Stone @maddiestone
64K Followers 847 Following Security Researcher - Google's Threat Analysis Group | 0days all day. Love all things bytes, assembly, and glitter. she/her.Vigilant Labs @vigilant_labs
2K Followers 2 Following Official account of Vigilant Labs (https://t.co/PzW4HkfAwd).@[email protected].. @_drmr_
3K Followers 89 Following member of @fail0verflow · made some things that some people knowZach Stein @synzack21
477 Followers 388 Following Red Teamer | Penetration Tester | AD Nerd | Adversary Simulation @SpecterOps🔥🌸OS Bootloader @iBootStage1
1K Followers 9 Following “The best firmware security around” - @dinodaizoviSecureROM @SecureROM
462 Followers 3 FollowingLinus Henze @LinusHenze
28K Followers 22 Following macOS and iOS Fan. CTF with @allesctf and @Sauercl0ud. Founder @pinauten. they/themWindows Insider Progr.. @windowsinsider
161K Followers 301 Following Official Twitter of the Windows Insider Program, a community of tech enthusiasts and experts, IT pros, and developers helping to shape the future of @Windows.DC4131 - DEFCON CH @defconch
1K Followers 115 FollowingJake James @Jakeashacks
84K Followers 185 Following iOS, Web & tweak developer. I like hacking. Repo: https://t.co/C2hEVx6nmA Github: https://t.co/RWyQdGci8k Talk to me in English, Italian or AlbanianTrung Nguyễn Hoàng @ntrung03
2K Followers 145 Following daytime university student, nighttime security researcher... | Also @[email protected]Brightiup @realBrightiup
7K Followers 544 FollowingSauercloud @Sauercl0ud
2K Followers 10 Following Sauercloud (a.k.a. Krautstrike, a.k.a. Germany's next ROPModel) is a cooperation of many german speaking CTF teams, first assembled for DEFCON CTF 2018.What a week, huh? all.. @whataweekhuh
388K Followers 0 Following Captain, it's wednesday. The amazing art for the profile picture was made by Blouk @bloukBloukTim Willis @itswillis
4K Followers 180 Following Long time listener, infrequent tweeter. Head of Project Zero @Google. Views are my own. Still reading: "Brown Bear, Brown Bear, What Do You See?"Randori Attack Team @RandoriAttack
3K Followers 62 Following Trusted Adversary @RandoriSecurity | Exploit Development | Offensive Operations | #InfoSec tweets only | Managed by @syndrowm @pwnpnw @aaronportnoypeterpan0927@infosec... @Peterpan980927
2K Followers 347 Following Mobile Security Researcher @starlabs_sgSolder Party @solderparty
6K Followers 16 Following We design easy to use products that help you develop your projects. All our products are open source HW and SW! Find our links at https://t.co/KquE5HDl7b🔥🌸 tjkr0wn @tjkr0wn
2K Followers 46 Following (Independent) iOS security researcher. Professional banterer.Romain THOMAS @rh0main
4K Followers 968 Following Security engineer working on Android, reverse-engineering & obfuscation. Author of @LIEF_project and @open_obfuscatorNicolas Brunner @NicolasBrunner_
20 Followers 8 Following iOS software engineer 📱 with a passion for selforg at #sbbcffffs 🚂Neill Clift @clift_m
305 Followers 596 Following Gentleman Scientist. Spend my time obsessing over the calculation of optimal addition chains. Totally useless really.NVIDIA PSIRT @NVIDIAPSIRT
251 Followers 0 Following NVIDIA Product Security Incident Response Team. To report vulnerabilities in NVIDIA products, visit https://t.co/dXN4j9BYDv. https://t.co/bobN0AVbF1muffinx @_muffinx
134 Followers 9 Following Trainer of Swiss National Hacking Team m0unt41n /mnt/ain @SHC_Challenge Security Researcher @_setuid0_Dan Kaminsky @dakami
90K Followers 442 Following We can fix it. We have the technology. OK. We need to create the technology. Alright. The policy guys are mucking with the technology. Relax. WE'RE ON IT.VUSec @vu5ec
4K Followers 138 Following Systems and Network Security Group @VUamsterdam. Co-led by @herbertbos @c_giuffrida @EKouweCan Bölük @_can1357
7K Followers 238 Following Security research | Reverse engineering | Static analysis | Deobfuscation | Windows kernel.Bug Bounty Switzerlan.. @bugbounty_ch
2K Followers 201 Following Together with Hackers we prevent Cyber Attacks and build Digital Trust for a better World.Samuel Groß @5aelo
24K Followers 499 Following V8 Security technical lead. Previously Project Zero. Personal account. Also @[email protected] and https://t.co/aVitnPjBieNikolaj Schlej @NikolajSchlej
4K Followers 86 Following Firmware Security Engineer https://t.co/HQjk1Q007KAsahi Linux (@AsahiLi.. @AsahiLinux
32K Followers 7 Following Account retired, please follow us on Mastodon: @[email protected] https://t.co/hG6ROiXY2V#FreeTheSandbox @FreeTheSandbox
7K Followers 10 Following An official account for the #FreeTheSandbox Initiative that promote local admin rights for on *our* smartphones. It's simple: Local admin = more innovation!codecolorist@infosec... @CodeColorist
5K Followers 989 Followingt8012 Development Tea.. @t8012dev
2K Followers 8 FollowingHere is my writeup for 2 Windows kernel bugs I reported to MSRC. Both are race conditions that cause Use-After-Free. As there is very few windows kernel writeups I share my research methodology and more. Hope it helps other researchers. Share it😀 dannyodler.hashnode.dev/racing-bugs-in…
We were recently made aware of reports that Twitter user data was being sold online. After a comprehensive investigation, we found no evidence that this data originated from the exploitation of our systems. Read more here:
I spent my New Years taking over a dead IoT company called NYCTrainSign. If you know someone with one of these signs send them my way! blog.kchung.co/taking-over-a-… @NYCTRAINSIGN @HelloTidbyt
New blog post: Image Stacks and iPhone Racks - Building an Internet Scale Meme Search Engine findthatmeme.com/blog/2023/01/0…
Fuzzing the Shield: CVE-2022–24548 medium.com/s2wblog/fuzzin… #Pentesting #Fuzzing #CVE #CyberSecurity #Infosec
Decided to publish the Lexmark printer exploit + writeup + tools instead of sell it for peanuts. 0day at the time of writing: github.com/blasty/lexmark -- enjoy!
We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at breakingthe3ma.app; mini-thread follows. #threema
The biggest advantage Rust has over anything else is its fearless concurrency (threading). I've been doing a little networked audiomixer and it has 6 threads now, and 0 issues with them. In C++ it'd feel like juggling chainsaws, and python/JS whahhahah haha threading.
New blogpost! I put together a thorough survey of security mitigations && architectures from the past few years. HW solutions, SW mitigations, and safe languages. CHERI, MTE, Rust, Swift, kalloc_type, Firebloom, GuardedMemcpy, CastGuard, and more! saaramar.github.io/memory_safety_…
Flash dumping to the next level... A Fitbit Charge 5 flash @unixb0y gave me at @hardwear_io NL22 Hardpwn. See his initial flash dump attempt here: x.com/unixb0y/status… Search "probe data recovery sd card" on Ali for the setup. Still quite hard to use but easier than PCBites ;)
I forgot I built this! I made a script to parse all GET, POST, Header variables and routes from all public PHP GitHub repos. Trying adding them into your recon and fuzzing github.com/adamtlangley/g… #bugbountytips
Super excited to release our car hacking research discussing vulnerabilities affecting hundreds of millions of vehicles, dozens of different car companies: samcurry.net/web-hackers-vs… Contributors: @_specters_ @bbuerhaus @xEHLE_ @iangcarroll, @sshell_ @infosec_au @NahamSec @rez0__
Hi Auto Industry. It's the internet calling... (Subtitle: How to take over a Ferrari account with zero interaction.) samcurry.net/web-hackers-vs…
Pwn the ESP32 Secure Boot limitedresults.com/2019/09/pwn-th… #Pentesting #FaultInjection #CyberSecurity #Infosec
If you sent an API request to Twitter with an e-mail address, and an incorrect password, the API returned a JSON response containing the username associated with the account. A Threat Actor compiled 221,608,279 entries. This list includes celebrities, politicians, and more...
TheHole New World - how a small leak will sink a great browser (CVE-2021-38003) starlabs.sg/blog/2022/12-t… #Pentesting #CyberSecurity #Infosec
A Visual Guide to SSH Tunnels: Local and Remote Port Forwarding iximiuz.com/en/posts/ssh-t… #Pentesting #CyberSecurity #Infosec
Recently, it was necessary to write an RCE exploit for a remote UAF N-day vulnerability (ZDI-17-836). This post goes through root cause analysis and exploitation. Also, I present a tool / methodology to avoid heap sprays. primalcerebral.com/blog/egregious…
And set policy to disable enabling it? reg add HKLMSYSTEMCurrentControlSetControlSecurityProvidersWDigest /v UseLogonCredential /t REG_DWORD /d 0 Also applied KB2871997 on old systems?