Davide Ornaghi @TurtleARM97
A pentester doing security research while dumping NTDS github.com/TurtleARM Milan Joined June 2022-
Tweets74
-
Followers386
-
Following71
-
Likes53
Here is a more up-to-date syz description of your favorite subsystem nftables, happy fuzzing! github.com/google/syzkall…
🎫 No hat Computer Security Conference 2024 tickets are NOW AVAILABLE on nohat.it 🎫 See you in Bergamo, Italy on Oct 19th! #NoHat #Computer #Security #Conference #Community #Cybersecurity #NoHat2024
While testing and fixing a couple of NPDs in nftables, I found that reusing the subsystem after crashing triggers a UAF read on the previously freed task_struct when reacquiring the commit mutex, maybe worth a look? github.com/torvalds/linux…
Syzkaller being mad about my custom grammar
I've written my first blog post on exploiting the Linux kernel, with bonus digressions on internals and rabbit holes. Hope you enjoy the fancy graphics! betrusted.it/blog/64-bytes-… betrusted.it/blog/64-bytes-…
Exciting news! 🚀 Just dropped my blogpost unveiling the universal Linux kernel LPE PoC for CVE-2024-1086 (working on v5.14 - v6.7) used for pwning Debian, Ubuntu, and KernelCTF Mitigation instances, including novel techniques like Dirty Pagedirectory 🧵 pwning.tech/nftables
Added two less known PE payloads to the project: core_pattern overwrite and syscall hooking (inspired by CVE-2022-0435)! github.com/TurtleARM/CVE-…
Experimenting with mappable zero pages and privesc techniques for my DECnet vuln, still a WIP github.com/TurtleARM/CVE-…
CVE-2023-3338 represents a series of issues I found in the Linux DECnet Layer (a 20-year-old protocol) that caused it to be removed from all LTS releases, the most obvious one being this NPD openwall.com/lists/oss-secu…
Quick gdb tip to access per-cpu variables in case lx_per_cpu doesn't work: x __per_cpu_offset[$lx_current().cpu] + (unsigned long) var
Great opportunity to have fun with Linux pwning in the beautiful Bergamo!
Great opportunity to have fun with Linux pwning in the beautiful Bergamo!
Spent hours trying to mask timer interrupts on gdb to prevent LAPIC events when all I had to do was update QEMU
#HITB2023AMS #VIDEO #COMMSEC D2 - The Return of Stack Overflows in the Linux Kernel - Davide Ornaghi - conference.hitb.org/hitbsecconf202…
Writing CodeQL queries that actually do what you expect feels like magic
When your UAF read reallocation isn't behaving
Why is SystemTap so hard to run on custom kernels ☹️
I will be at @HITBSecConf #HITB2023AMS this week, if you are around, pull up, they have a free CommSec track too!
#HITB2023AMS COMMSEC: The Return of Stack Overflows in the Linux Kernel - Davide Ornaghi - conference.hitb.org/hitbsecconf202…
Looks like I’ll be speaking at @HITBSecConf about kernel (in)security and other exciting stuff!
So far the most comprehensive & clear post on the topic I've found, go check it out! #linux #internals
So far the most comprehensive & clear post on the topic I've found, go check it out! #linux #internals
Uiquieuixaw @Uiquieuixaw226
11 Followers 1K Following
Whumnu @Whumnu475480
41 Followers 2K Following
Rotem Zucker @RotemZucker
6 Followers 92 Following
c1bero @c1bero
21 Followers 254 Following Vulnerability Researcher at Exodus Intelligence. Former Mathematician. https://t.co/QKcxndAFFu
Troy Miller @troy_mille34200
35 Followers 286 Following
kiks @kiks7_7
297 Followers 192 Following
Yonatan Amiga @AmigaYonatan
2 Followers 63 Following
Ojaswi Kumar Mishra�... @0xojaxwi
74 Followers 2K Following Old-school Malware & Offensive Security REsearcher | ⚡Kernel Pwner⚡
Metro Olografix @MetroOlografix
842 Followers 134 Following Account ufficiale della Metro Olografix | Associazione Culturale Telematica
^.Übermensch @_foobarr
25 Followers 2K Following
Johny.M @Johny_M_007
20 Followers 459 Following “Every deep thinker is more afraid of being understood than of being misunderstood.” ― Friedrich Nietzsche
d3vmzw5n @d3vmzw5n
18 Followers 847 Following Focus on android and linux vulnerability.All opinions are my own.
M4Lw4R3v3Rs3 @0_g_u_z
316 Followers 5K Following CE 4/4 Interested in Cyber Security & Physics Only learning everyday! Neyi FEDA etmeye hazırsın?
AlexRadu @AlexRad14030664
18 Followers 682 Following
AjMaChInE @ajblane0612
60 Followers 3K Following
Z80 and beyond @_rac01
2K Followers 7K Following Admires those who "cut holes in fences" (just listen to the pinned video / sound track), loves all kind of cool (old, Z80 but also new) technology too
pipironi @pipironio
6 Followers 304 Following
Leonardo Porpora | @n... @n0sign4l
231 Followers 1K Following
...and that was how w... @HowWeLostTheWar
247 Followers 2K Following Behind every wooden horse is a woodshop
mathis @mathis_lm_92
64 Followers 761 Following
crazyman @crazyman823886
1K Followers 1K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE:CVE-2022-30190 pre account @CrazymanArmy
bobby b @bbrodbk
73 Followers 390 Following
Intré @intre_it
246 Followers 215 Following Software House #scrumteam, we do #iot #javascript #customplatforms and #automation. Technologies: #nodejs #java #scala #angularjs #react #nosql #cplusplus #cpp
luca cruciani @crucio14
118 Followers 242 Following Dev, Agile passionate, Social Media Manager & Beer Lover
jovial @grepNstep
352 Followers 8K Following Retweet ≠ endorsement. Trust those who seek the truth, doubt those who find it
Kevin Carli @CarliKevin
4 Followers 856 Following Security engineer at Orange Cyberdefense Switzerland
ice @ice98079542
93 Followers 3K Following
zzzz @fafa91_
3 Followers 431 Following
İlham Bayramov @azsecured
113 Followers 506 Following Linux and DevOps Engineer💻 | RHCSA & RHCE & CKA & CKAD | Radio amateur📡 4K6BI #linux #opensource
Aleksei Kulaev @flat_z
12K Followers 1K Following Console hacker, former Kaspersky Team Lead of Exploits & Network Threat Detection, security researcher. For tips (thx!): https://t.co/VxJMiawFpP
kiks @kiks7_7
297 Followers 192 Following
sferrini @Simone_Ferrini
5K Followers 1K Following *OS Security Researcher & Director at @prdgmshift. Passionate about RE, fuzzing, hardware and low-level binary stuff. ʚଓ
LukeGix @LukeGix
487 Followers 574 Following Computer science student @ Unimi. Professional n00b. He/Him
Diego Zaffaroni @Xenomit_
129 Followers 378 Following Security Engineer @Google | CTF player @mHACKeroni and @towerofhanoi
Mauro Baluda @mbaluda
120 Followers 662 Following
Andrey Konovalov @andreyknvl
7K Followers 783 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
Lorenzo Franceschi-Bi... @lorenzofb
52K Followers 3K Following Senior reporter @TechCrunch, writing a book on Hacking Team and the industry of government spyware. ☎️ +1 917 257 1382
Andrea Continella @_conand
829 Followers 944 Following Associate Prof. in CS @UTwente | Security researcher | Hacker @shellphish | Proud Sicilian 🌋🍻
David Weinstein @insitusec
3K Followers 5K Following CTO, software, code archaeology, security, mobile apps, startups, NP Hard, AI Things
Rick de Jager @rdjgr
1K Followers 606 Following CyberSecurity student at @TUeindhoven - CTF with Superflat / @0rganizers / ICC team Europe 22/23/24/25
David Wang @planetbeing
129K Followers 126 Following Chief Architect @quantummetric, ex-@corelliumhq, retired security researcher. Formerly of evad3rs, iPhone Dev Team, iPhone Linux. Views are my own.
Linus Henze @LinusHenze
26K Followers 22 Following macOS and iOS Fan. CTF with @allesctf and @Sauercl0ud. Founder @pinauten. they/them
l33tdawg @l33tdawg
7K Followers 2K Following That HITB guy (@hackinthebox @HITBSecConf) and now OOTB guy (@OOTBconf), Music Producer @dhankasounds, & VP of Global Strategy and Growth @verichains
Joshua Hill @p0sixninja
134K Followers 2K Following CTO/Co-Founder VivaSecuris. Supervillain Mad Scientist Hacker. 🥷 Chaotic Neutral
Tarjei Mandt @kernelpool
17K Followers 565 Following
Nikias Bassen @pimskeks
60K Followers 223 Following iOS Dev & Hacker, Reverse Engineer, Security Researcher | VP of Product Security @Zimperium @zLabsProject | https://t.co/g7bFFBiUKm | @checkra1n
Marcus Botacin @MarcusBotacin
615 Followers 385 Following CS Assistant Professor at Texas A&M @TAMUEngineering; PhD @SECRET_UFPR @UFPR; CE/CS Master @Unicamp_IC; #Malware Research; Also: @[email protected]
HITBSecConf @HITBSecConf
17K Followers 4K Following The official Twitter stream for the HITBSecConf conference series held annually in Europe (Amsterdam), Asia (Bangkok), & The Middle East (Abu Dhabi)
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
0xor0ne @0xor0ne
81K Followers 514 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
Berghem-in-the-Middle... @BITM_HACKLAB
544 Followers 1 Following No-profit association, security & privacy, sharing and freedom. Organizers of @nohatcon
Antonio Cocomazzi @splinter_code
9K Followers 327 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
C:\hristina @divinetechygirl
23K Followers 7K Following Information Security Leader & Published Author • Leading InfoSec & Cyber @ 🏈 • Love a fitted but I don’t 🧢
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
LuemmelSec @theluemmel
8K Followers 552 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
Andrea Palazzo @cogitoergor00t
840 Followers 475 Following Android researcher & Director @prdgmshift. prev: LIST_POISON2 (dead000000000200), list_del corruption. Founder @truel_it
Hexacon @hexacon_fr
5K Followers 1 Following Offensive security conference in the heart of Paris. 10-11th October 2025 Join our Discord server! https://t.co/Btl15G8LsI
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
RandoriSec @RandoriSec
2K Followers 154 Following Cybersecurity company founded by security experts providing the following services: Security audits, Vulnerability research, SecOps, SecArch and Trainings
David Bouman @pqlqpql
1K Followers 352 Following vuln research (mostly kernels) & ctf w/ @0rganizers
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Rado RC1 @RabbitPro
5K Followers 658 Following Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Master of Pwn Flashback team (@FlashbackPwn).
devtooligan (ai arc) @devtooligan
10K Followers 847 Following security+ai 🧐 building @zerocool_ai 🥶 cto @round_ai_media 👁️ TOUCH GRASS EVERY DAY 👉 🌱 You're absolutely right!
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Black Hat @BlackHatEvents
420K Followers 2K Following The World's Premier Technical Cybersecurity Conference Series
Black Hills Informati... @BHinfoSecurity
48K Followers 2K Following Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.
X-Technobro @vendetce
501 Followers 695 Following
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
OffSec @offsectraining
325K Followers 119 Following Empowering the world to fight cyber threats with indispensable cybersecurity skills and resources. Build the path to a secure future with OffSec.Trends for United States
You might like
