murks @_murks
Joined January 2017-
Tweets75
-
Followers64
-
Following297
-
Likes153
@_murks @BinjaDevs Sure, select the function name and press `y` to change the prototype, including types and argument names.
Looking forward to this. Happy to have provided the first step by uncovering CVE-2018-16621 initially. Blogpost ( insinuator.net/2018/11/multip… ) from the initial disclosure was way back in 2018.
Looking forward to this. Happy to have provided the first step by uncovering CVE-2018-16621 initially. Blogpost ( insinuator.net/2018/11/multip… ) from the initial disclosure was way back in 2018.
Is there a convenient way to rename function parameters from the call site in Binary Ninja? Every time entering the function, changing the parameter name, forgetting the next one, pressing ESC, and repeating the process is tedious. CC @BinjaDevs
I released AFL Queue eXplorer afl-qx. It allows you to explore AFL(++) output directories. You can browse the hex dump of single files or view a diff showing the mutations. Can be used to observe the output folder while #fuzzing or post mortem github.com/murx-/afl-qx
Sneek peek of cstrnfinder Binary Ninja plugin getting a Qt GUI. I really like the MarkdownReport of Binary Ninja, but most of the time, I prefer a side by side view and not the tabbed view.
Analysis of a heap-based buffer overflow I found in GNU readline. Root cause analysis with rr and some @fridadotre shenanigans for crash amplifications.
Analysis of a heap-based buffer overflow I found in GNU readline. Root cause analysis with rr and some @fridadotre shenanigans for crash amplifications.
Other #SolarWinds news:
In case you‘re interested in Bluetooth on iOS and some of Apple‘s proprietary BT protocols, I uploaded my thesis to the ToothPicker repo github.com/seemoo-lab/too…
Wrote a blog post with some examples of how fuzzers deduplicate crashes and some thoughts on crash bucketing/initial triage of crashes. The next post will go into more detail on manual triaging with rr and some Frida shenanigans.
Wrote a blog post with some examples of how fuzzers deduplicate crashes and some thoughts on crash bucketing/initial triage of crashes. The next post will go into more detail on manual triaging with rr and some Frida shenanigans.
Reversing C++ - How not the get an heart attack, by @_murks insinuator.net/wp-content/upl… [PDF]
While writing a blogpost, I found out that the GDB exploitable plugin (github.com/jfoote/exploit…) did not support the newly released GDB 10.1 used in Kali and Arch. It does now. Blogpost with some thoughts on triaging fuzzing bugs follows soon.
New blog post: Forklift <=3.3.9 and <=3.4 Local Privilege Escalations on macOS (CVE-2020-15349/CVE-2020-27192) insinuator.net/2020/11/forkli…
I finally added Ghidra support to devi. You can now devirtualize virtual calls with the help of @vector35's Binary Ninja, @HexRaysSA's IDA, and Ghidra. Currently, @fridadotre is still the only supported DBI. See github.com/murx-/devi
I wrote a blogpost about the bugs I found in GNU readline.
I wrote a blogpost about the bugs I found in GNU readline.
Just found out @pwntester took a look at the Nexus Repository Manager vulnerability (CVE-2018-16621) @_schn31d4 and I reported and found a bypass for the fix (securitylab.github.com/advisories/GHS…). He also used CodeQL to perform a Variant Analysis and found more bugs: securitylab.github.com/research/bean-…
Stay tuned! Tomorrow we open the first door of our Java Security Advent Calendar 2019! 👉 rips.tech/AJAV #java #security #vulnerabilities
Get things done like @aohelin. 1: agree to give a presentation on how you solved a problem. 2: Solve the problem. 3: Present. #radamsa now available as a library. 🍾 @TarlabOulu #hackafterdark #fuzzing #security
Finally pushed devi github.com/murx-/devi to github. Tool to devirtualize virtual function calls using @fridadotre and IDA Pro.
Ymwoarmool @Ymwoarmool7945
35 Followers 1K Following
Emerson Upton @EmersonUpt9409
2 Followers 167 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/ufYnpBuc8o
Dulce Conroy @ConroyDulc17378
20 Followers 379 Following
kiddo @kiddo_pwn
968 Followers 387 Following Independent Security Researcher | Pwn2Own (24🇮🇪 / 25🏎️)
Vikas Kumar @VikasKu35113504
291 Followers 4K Following
🅸🆉🆉🆈 @Wh0ami_7
832 Followers 5K Following Christian | Eternal N00b | OSCP | Passive Bounty Hunter HoF: AT&T, Askdotcom, Microsoft etc. Unsupervised learning. 📝
spikex4v @spikex4v
1 Followers 190 Following
Esteban Guillardoy @sagar38
1K Followers 2K Following Security Researcher (posts & opinions are my own)
i @The15thProphet
48 Followers 957 Following
FuzzingLabs @FuzzingLabs
8K Followers 4K Following Research-oriented Cybersecurity startup specializing in #fuzzing, Vulnerability Research & Offensive security on Mobile, Browser, AI/LLM, Network & Blockchain.
Florencio Cano @florenciocano
1K Followers 1K Following Secure Architecture Team Lead & Principal Product Security Architect @RedHat | Opinions are my own | https://t.co/YemKAWVq6X
vlcnge @vlcnge
144 Followers 2K Following
Roy @xwlin_roy
1K Followers 2K Following
juicemon @jjs93662
37 Followers 600 Following
Hugo Teso @hteso
3K Followers 1K Following Security Researcher and Commercial Pilot with frozen ATPL. I usually mix both disciplines.
Daniel Maslowski aka ... @OrangeCMS
2K Followers 5K Following cpuvangelist \o/ #app & #web #developer | #engineering #software, #firmware, #platforms, #systems & #interfaces
ra.fa.el @h2odriving
25 Followers 417 Following
Frida @fridadotre
14K Followers 2K Following Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
crypt0 @crypt016
28 Followers 851 Following
Flo @FloGatt
289 Followers 879 Following
Manish Kumar @5ame0ver
215 Followers 3K Following Co-founder https://t.co/HUzC4NMbE3, bug hunter, researcher
Christian Schneider @cschneider4711
3K Followers 3K Following Software Developer, Ethical Hacker & Trainer — Speaker (JavaOne Rockstar) — #DevSecOps enthusiast & fan of agile #ThreatModeling: creator of https://t.co/kOLA3IQS2f
Everbest @ulldma
518 Followers 747 Following
Jens Heinrich @JensHeinrichFFM
127 Followers 1K Following Dual Student working for @ub_ffm while studying in Mannheim. Interested in automation with @ansible. Does his talks in #LaTeX. My opinions. Pronouns he/him
Patrik Gustavsson @PatrikGu
2K Followers 797 Following Likes code, coffee, anti-fascism, research, long distance running and lots of beer.
Kruxi Nator @Kruxinator
21 Followers 127 Following
Stean @StefSteel
312 Followers 3K Following IT student, CTF player, interested in all kinds of information security. I mostly tweet about technical stuff but sometimes also other topics I’m interested in.
G0x0pher @G0x0pher
8 Followers 167 Following InfoSec Student. Interested in everything Security related.
Jordan Whitehead @jordan9001
320 Followers 1K Following Vulnerability Research / Security Research. @Atredis @[email protected]
TheVamp @TheHaloVamp
503 Followers 1K Following Reversing, hacking, cracking, coding, caffeine junkie, OSCP, ALLES! - CTF Member | [email protected] | thevamp@bsky
By Will Alone @BWA_Band
62 Followers 637 Following Bringing back the fresh to the metal and electronic music genres altogether. Cult Of The Like is out! \m/
XORxes @xor_xes
89 Followers 406 Following BlueTeamer. Interessts in DFIR, Malware Analysis and RedTeaming
jsamost @_shahmet
16 Followers 606 Following
Traxes @lod108
154 Followers 332 Following
schn31d4 @_schn31d4
16 Followers 23 Following
Asaf Saadia @_setuid0
62 Followers 752 Following
SKi. @net0SKi
411 Followers 467 Following Infosec-Viking with a passion for SDR, embedded stuff, electronics in general, car hacking and nearly any other technical stuff.
Ken Sykes @KensyAtMS
193 Followers 27 Following Microsoft, Windows 3.0 developer, Time Travel developer, Husband, Father, Grandfather, Christian
windbgtips @windbgtips
4K Followers 1 Following A collection of some tips & tricks for the world's best debugger
Yarden Shafir @yarden_shafir
24K Followers 310 Following A circus artist with a visual studio license
Pavel Yosifovich @zodiacon
14K Followers 916 Following Windows Internals expert, author, and trainer. Teaching system programming & debugging at TrainSec. Check out my books & courses! 🚀 #WindowsInternals #TrainSec
Axel Souchet @0vercl0k
13K Followers 544 Following ¯\_(ツ)_/¯, blogging on https://t.co/36oOc8Mgha and posting codes on https://t.co/P83Oen94Rc.
Joern - the tool @joernio
752 Followers 50 Following Official account for joern. Discord: https://t.co/3mbYQWuCeP
Esteban Guillardoy @sagar38
1K Followers 2K Following Security Researcher (posts & opinions are my own)
Hex-Rays SA @HexRaysSA
8K Followers 132 Following We are a hi-tech company focusing on binary software analysis. Our main products are IDA Pro and the Hex-Rays Decompiler. Discourse: https://community.hex-rays
RPW: @[email protected]... @esizkur
8K Followers 893 Following
Romain THOMAS @rh0main
4K Followers 957 Following No longer here. https://t.co/7pANImx70w https://t.co/uhAhqoJWhH https://t.co/9MSpkLkKPz
Disconnect3d @disconnect3d_pl
3K Followers 690 Following Security Engineer at @trailofbits. Pwndbg maintainer, justCatTheFish CTF team captain. Opinions are my own =)
FuzzingLabs @FuzzingLabs
8K Followers 4K Following Research-oriented Cybersecurity startup specializing in #fuzzing, Vulnerability Research & Offensive security on Mobile, Browser, AI/LLM, Network & Blockchain.
Mastering Burp Suite ... @MasteringBurp
16K Followers 0 Following Tips and tricks for Burp Suite Pro Managed by @Agarri_FR | Not affiliated with @Portswigger More free resources at https://t.co/MWqXmV66lr
Andy - @G33KatWork@in... @G33KatWork
4K Followers 665 Following I more or less left Twitter. The Musk is too musky.
h0mbre @h0mbre_
15K Followers 641 Following # Exploit Reliability Engineer # Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD # Avi: https://t.co/3fsQfVprCf
OpenSecurityTraining2 @OpenSecTraining
9K Followers 17 Following 501(c)3 Nonprofit providing Open Source and Open Access computer security training material. #OST2 re-launched July 2021! [email protected]
Xeno Kovah @XenoKovah
13K Followers 75 Following Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwU
Kruxi Nator @Kruxinator
21 Followers 127 Following
Caroline Lemieux @cestlemieux
2K Followers 200 Following https://t.co/jwo69lmnOx / https://t.co/Ap8qucFGBD
Jonathan Foote @footePGH
526 Followers 260 Following Senior principal engineer at @fastly. Infosec and privacy, R&D. Tweets are my own.
Aleksandar Milenkoski @milenkowski
2K Followers 586 Following Threat Research | Threat Intelligence | PhD | European Commission Marie Curie Research Fellow 2011-2014 | Personal Profile | 🇩🇪
Simon Scannell @scannell_simon
3K Followers 501 Following Cloud Vulnerability Research @ google. Opinions are my own
Flo @FloGatt
289 Followers 879 Following
Alvaro Muñoz 🇺�... @pwntester
13K Followers 514 Following Security Researcher with @XBOW. CTF #int3pids. Opinions here are mine! bluesky: https://t.co/9HRRzpBECt
PortSwigger @PortSwigger
100K Followers 23 Following We are a leading provider of software and learning on web security. We make @Burp_Suite and @WebSecAcademy.
Burp Suite @Burp_Suite
131K Followers 14 Following Burp Suite is the leading software for web security testing.
Brad Spengler @spendergrsec
4K Followers 4 Following President of @opensrcsec, developer of @grsecurity Personal account
Jessie Frazelle @jessfraz
131K Followers 229 Following CEO @zoodotdev, 👩🏻💻 @oxidecomputer, 📝 @ACMQueue
GitHub Security Lab @GHSecurityLab
26K Followers 15 Following GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.
Jiska @naehrdine
9K Followers 638 Following Malware artist, unicorn creator, wireless hacker. Working at @HPI_DE (ex @seemoolab). Opinions are my own. https://t.co/GbL7GINJBo / @[email protected]
UN Human Rights @UNHumanRights
4.1M Followers 2K Following The United Nations #HumanRights office is led by High Commissioner @volker_turk. Follow us on FB, IG & TikTok at unitednationshumanrights.
Andrea Fioraldi @andreafioraldi
3K Followers 587 Following Cyber Response Italian Supercazzola Technology Officer at @mhackeroni Inc. Writing your favourite fuzz testing tools with @aflplusplus. Security researcher.
dmnk.bsky.social @domenuk
5K Followers 512 Following 【DΞCOMPILΞ NΣVΞR】 Android Red Team @google Fuzzing @aflplusplus CTF @enoflag (opinions my own)
RandoriSec @RandoriSec
2K Followers 154 Following Cybersecurity company founded by security experts providing the following services: Security audits, Vulnerability research, SecOps, SecArch and Trainings
Rewzilla (🐦➡️�... @Rewzilla
431 Followers 369 Following @[email protected] | Be excellent to each other
Marcel Böhme👨�... @mboehme_
6K Followers 1K Following Software Security @maxplanckpress (#MPI_SP), PhD @NUSComputing, Dipl.-Inf. @TUDresden_de Research Group: https://t.co/BRnFNNgynB
Patrik Gustavsson @PatrikGu
2K Followers 797 Following Likes code, coffee, anti-fascism, research, long distance running and lots of beer.
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research Binarly. Grsecurity. BYOS - Advisor Dartmouth's Hacker in Residence OffensiveCon, Langsec, DistrictCon, Secdev Committee
Alisa Esage Шевч�... @alisaesage
38K Followers 101 Following Independent Hacker & Researcher, Owner of Zero Day Engineering @zerodaytraining • Pronounced ‘is edge’
h0wl @h0wlu
4K Followers 2K Following 🛡️@redteampl Co-founder 🦉@BlackOwlSec Founder 🧜♀️@WarConPL Co-founder 👨🔬Fuzzing 🕵️Web2 & Web3 Security 🪽Angel Investor
@[email protected]... @SecurityMB
11K Followers 284 Following Improving the world’s security at Google. Opinions are mine.
Parker Thompson @m0thran
2K Followers 286 Following Information security / RE / fuzzing / other neat things.
azet @a_z_e_t
2K Followers 2K Following «slacker by trade, hacker by mindset, phreak by nature»⋮distributed systems, security/resilience, applied cryptography & anarchism. HPC. audio. cave&tech divingTrends for United States
You might like
