j00ru//vx @j00ru
(Mostly) Windows hacker & vulnerability researcher. Google Project Zero. @DragonSectorCTF j00ru.vexillium.org Switzerland Joined April 2010-
Tweets1K
-
Followers38K
-
Following831
-
Likes1K
Together with @p4_team we've donated our winnings from Russian CTFs to humanitarian aid towards 🇺🇦#Ukraine! $3,000 from each team which we'll match from our #PolandCanIntoSpace winnings. $12,000 in total for @PAH_org. #NoToWar 🇺🇦🇵🇱 #CTFforUA siepomaga.pl/ctfforua
New blog post: Zooming in on Zero-click exploits googleprojectzero.blogspot.com//2022/01/zoomi…
Congrats to the winners of this year's Dragon CTF, and the 5⃣ teams that solved my small Linux pwnable "Nim" challenge! As usual, I've uploaded my write-up and exploit on GitHub: github.com/j00ru/ctf-task…
Congrats to the winners of this year's Dragon CTF, and the 5⃣ teams that solved my small Linux pwnable "Nim" challenge! As usual, I've uploaded my write-up and exploit on GitHub: github.com/j00ru/ctf-task…
Dragon CTF 2021 has started! ctf.dragonsector.pl Have Fun, Good Luck! Reminder: This is a 24h CTF so start early :)
"Can you still relay authentication in a Windows domain if NTLM is disabled?", I asked myself. "Perhaps I should research that" I said. Here's a blog post about what I found out. googleprojectzero.blogspot.com/2021/10/using-…
This week we are starting an experiment that enables V8's Virtual Memory Cage in Chrome on Desktop (currently only on Dev + Canary channels, then Beta and finally Stable). Here is how that'll work:
new blogpost: "How a simple Linux kernel memory corruption bug can lead to complete system compromise: An analysis of current and potential kernel security mitigations" I'll post a copy to the kernel-hardening list later in case folks want to discuss it. googleprojectzero.blogspot.com/2021/10/how-si…
weggli, my attempt at writing a fast and robust semantic search tool for C and C++ code is now open source: github.com/googleprojectz…. Please take a look and let me know what you think.
After almost a full year I've scheduled the next livestream - Friday, 6PM CEST, Google Beginners Quest CTF 2021 - solving all tasks :) youtube.com/watch?v=RsfjKZ…
New Project Zero blog post: Fuzzing Closed-Source JavaScript Engines with Coverage Feedback, googleprojectzero.blogspot.com/2021/09/fuzzin…
I've released Seventh Inferno vulnerability report (some NETGEAR smart switches): gynvael.coldwind.pl/?lang=en&id=742 This vuln is interesting technically: it starts with a \n injection in the pwd field, goes through being able to write a file with constant uncontrolled content of "2" ...
Faster fuzzing on macOS! If you're using Jackalope/TinyInst on macOS and need -pathch_return_addresses flag, you should now be able to replace it with -generate_unwind and enjoy fuzzing without slowdowns. Thanks @_aniculae for working on this!
Faster fuzzing on macOS! If you're using Jackalope/TinyInst on macOS and need -pathch_return_addresses flag, you should now be able to replace it with -generate_unwind and enjoy fuzzing without slowdowns. Thanks @_aniculae for working on this!
My second internship at Project Zero brings macOS stack unwinding support in TinyInst (and implicitly in Jackalope). If you fuzz macOS targets that throw exceptions, you can now use the -generate_unwind flag (instead of the -patch_return_addresses flag) for a ~10x speed-up.
I've published the reports for 2 of 3 recently patched NETGEAR vulnerabilities: gynvael.coldwind.pl/?id=740 gynvael.coldwind.pl/?id=741 1st is just an auth bypass, but the 2nd - while not that risky - is pretty fun (in a facepalm kind of way). 3rd will be published on Sept 13th.
Another set of NETGEAR vulnerabilities were patched yesterday - patch now. kb.netgear.com/000063978/Secu… Affected models in reply...
I’m looking for a new position (remote work while being based in Germany or local, based near Bodensee). Any pointers?
My friends told me I got nominated to @PwnieAwards for my Windows 7 blind TCP/IP hijacking research. That's a great start of the day ;-) Btw. On a side note, this already 9-year-old bug still doesn't have an allocated CVE ;-) pwnies.com/windows-7-blin…
Announcing the 2021 Pwnie Award nominations: pwnies.com
Designing a sandbox for V8: docs.google.com/document/d/1FM…
Jackalope (github.com/googleprojectz…) now supports fuzzing Linux targets with Sanitizer Coverage, see github.com/googleprojectz…. Probably not super exciting at the moment as there are plenty of other fuzzers on Linux, but with some upcoming mutators, who knows ;-)
Yarden Shafir @yarden_shafir
19K Followers 271 Following A circus artist with a visual studio licenselcamtuf (@lcamtuf@inf.. @lcamtuf
35K Followers 494 Following Homepage: https://t.co/iFAXZxCO5H Substack: https://t.co/yFvmNisGW3Grzegorz Tworek @0gtweet
29K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-Halvar Flake @halvarflake
44K Followers 3K Following I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected] At the moment, for noone.Saar Amar @AmarSaar
18K Followers 362 Following Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations. Apple SEAR. Opinions are my own. @[email protected]h0mbre @h0mbre_
12K Followers 576 Following tryhard at linux kernel && avatar is by Ching Yeh: https://t.co/oanjFPPhe7hasherezade @hasherezade
84K Followers 845 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)b33f | 🇺🇦✊ @FuzzySec
32K Followers 844 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsmdowd @mdowd
32K Followers 744 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/himPavel Yosifovich @zodiacon
12K Followers 939 Following Developer, trainer, author and (sometimes) speaker. Founder at @trainsec academy.Will Dormann @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. @[email protected]Alex Plaskett @alexjplaskett
9K Followers 590 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.Xeno Kovah @XenoKovah
12K Followers 75 Following Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwUϻг_ϻε @steventseeley
21K Followers 519 Following Hermetic Initiate. Exploring conscience and the nature of reality. I also hack things. @[email protected]Stephen Sims @Steph3nSims
20K Followers 601 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | d3adc0de | oNLyHaCKeRs | https://t.co/CadJehomsUGareth Heyes \u2028 @garethheyes
32K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5sz @0x00critical
12 Followers 134 Followingtester @xxtesterxx
1 Followers 246 FollowingbdZ7c @rehcsat
0 Followers 21 FollowingChungus Bungus @Syedjunaid6119
1 Followers 179 FollowingZiv Dayan @dayan_ziv
19 Followers 310 FollowingMark @marks1024
2 Followers 93 Followingmunrpa @munrpa
49 Followers 415 Followingsink0Rswim @laceandload
111 Followers 2K FollowingPrint3M @Print3M_
26 Followers 42 Following Security Research (rather useless) & Programming. Proud father of https://t.co/BEDG5EUCGz Blog: https://t.co/leKJGz7MGuChuck Milich - @cmili.. @cmilich
354 Followers 3K Following Collector of Infosec Droplets / Pot StirrerA3391gent @a3391gent
1 Followers 99 Followingyair zak @zak_yair
5 Followers 185 FollowingPatrycja🇵🇱🇺�.. @PatrycjaMleko
109 Followers 376 Followingsomeone @someone56293152
0 Followers 73 FollowingMatan Alfasi @matanalfasi
23 Followers 51 Following build things also break things sometimes both atstTomek @Tomek98208054
87 Followers 233 Followingcyberafricano @g0nzal1
41 Followers 397 Following noob pentester , working to find my first valid bug. netwroking student #hacking #pentestercrazyman @crazyman823886
338 Followers 649 Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities pre account @CrazymanArmyCaio Joca @caio_joca
1 Followers 25 FollowingTheo @theokwebb
57 Followers 129 FollowingSayNoToAC @no_to9007
24 Followers 109 FollowingEdward Snowden @BeddiafMohammed
42 Followers 745 Following I have no special talents,i'm only passionately curious,and all that is because i'm muslimnano_sumoy @NSumoy41392
1 Followers 252 Followingreadonly @readonl29694112
0 Followers 67 FollowingLukasz Jachowicz @ljachowicz
1K Followers 437 Following cybersecurity guy || former member of IT Council - Ministry for IT || podcaster || https://t.co/RET3Z3Mdlm || https://t.co/7kqoQahqjrJonatan @jlalop
60 Followers 2K FollowingEdwin Thong @edwin_k_l
4 Followers 112 FollowingSam Suri @fing3rpr1nt
37 Followers 289 Following ~Privacy Researcher~, currently focused on offensive privacy, tweets are my own and don't reflect fruitNoah Bowling @supple_genius
17 Followers 274 FollowingExploit505 @Exploit505
86 Followers 741 Following #Cybersecurity Entrepreneur from #Nicaragua | https://t.co/t573kyGIMULaisvis Lingvevicius @laisvisl
8 Followers 195 FollowingDalton @0ptyxx
20 Followers 83 Following husband | father | software engineer & amateur vulnerability researcherMohammad Amin @P3trichore
22 Followers 723 FollowingMard @0xMard
122 Followers 386 Following 🇰🇷 Half-Drunk Security Researcher | Kernel / Hypervisor / Parallelism / OSdev | Hyde Lab | Profile by @ChineseSwat |\x90909090 @Another0x90
0 Followers 284 FollowingYarden Shafir @yarden_shafir
19K Followers 271 Following A circus artist with a visual studio licenseZero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.lcamtuf (@lcamtuf@inf.. @lcamtuf
35K Followers 494 Following Homepage: https://t.co/iFAXZxCO5H Substack: https://t.co/yFvmNisGW3Halvar Flake @halvarflake
44K Followers 3K Following I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected] At the moment, for noone.Saar Amar @AmarSaar
18K Followers 362 Following Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations. Apple SEAR. Opinions are my own. @[email protected]hasherezade @hasherezade
84K Followers 845 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)b33f | 🇺🇦✊ @FuzzySec
32K Followers 844 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsmdowd @mdowd
32K Followers 744 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/himXeno Kovah @XenoKovah
12K Followers 75 Following Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwUϻг_ϻε @steventseeley
21K Followers 519 Following Hermetic Initiate. Exploring conscience and the nature of reality. I also hack things. @[email protected]Alisa Esage Шевч�.. @alisaesage
35K Followers 142 Following Independent hacker, solo winner Pwn2Own • Building my system of power knowledge @zerodaytrainingHaifei Li @HaifeiLi
7K Followers 151 Following For contact in the security community. NOTE: All the tweets are totally my personal opinions, not about any of my current employer stuff.Richard Johnson @richinseattle
16K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFHMaddie Stone @maddiestone
64K Followers 847 Following Security Researcher - Google's Threat Analysis Group | 0days all day. Love all things bytes, assembly, and glitter. she/her.offensivecon @offensive_con
21K Followers 1 Following OffensiveCon is a highly technical international security conference focused on offensive security only. Organized by @bluefrostsec @offensivecon.bsky.socialIvan Fratric 💙💛 @ifsecure
17K Followers 192 Following Security researcher at Google Project Zero. Tweets are my own. Backup @[email protected]Citizen Lab @citizenlab
122K Followers 1K Following Research & development at the intersection of cyberspace, global security & human rights. Munk School of Global Affairs & Public Policy, University of TorontoDiane Dubois @0xdidu
2K Followers 417 Following Senior Security Engineer @Google (opinions expressed here are my own). Vulnerability research on systems is my favorite playground. Windows enthusiast. She/herCan Bölük @_can1357
7K Followers 238 Following Security research | Reverse engineering | Static analysis | Deobfuscation | Windows kernel.Guang Gong @oldfresher
4K Followers 254 Followingicchy @t0nk42
2K Followers 153 Following CTF @TokyoWesterns (founder/captain), ja: @icchyr, Opinions are my own. @[email protected]Celeste A. Seberras @har00ga
4K Followers 154 Following web3 technical content strategist && founder @0xPeithos. greyhat, #FOSS && #privacy advocate, cryptoanarchist. ☆ @torproject @prylabs @protocollabs @ParityTechFaith @farazsth98
3K Followers 307 Following Security Engineer @zellic_io, Independent Vulnerability Researcher, CTF pwn+blockchain @SuperGuesser, Prev: Android Vulnerability Research @dfsec_comTimo Hirvonen @TimoHirvonen
5K Followers 864 Following Offensive security researcher. Enjoys breaking electronic locks, coldbooting laptops, and playing AC/DC on printers. Pwn2Own winner (Austin 2021).Adam Doupé @adamdoupe
5K Followers 1K Following Former DEF CON CTF organizer. Associate Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.Robert Xiao @nneonneo
4K Followers 209 Following Assistant Professor at @UBC_CS; CTF player with PPP @PlaidCTF; electronics, hardware, software, HCI, securityThuan Pham @thuanpv_
2K Followers 876 Following Senior Lecturer in Cyber Secutity at @UniMelb & ARC DECRA Fellow. Prev @MonashInfotech & @NUSComputing. (Fuzz) Testing enthusiast. Tweets are my own.[email protected] @domenuk
4K Followers 503 Following 【DΞCOMPILΞ NΣVΞR】 Connectivity & Baseband Security @aflplusplus @enoflag @google (opinions my own)Tim Strazzere @timstrazz
8K Followers 362 Following Mobile, Drone & (automated) Vehicle Security Researcher and Malware Analyst, Tweets are my own not my employersMarcel Böhme👨�.. @mboehme_
5K Followers 977 Following Software Security @maxplanckpress (#MPI_SP), PhD @NUSComputing, Dipl.-Inf. @TUDresden_de Research Group: https://t.co/BRnFNNgynBPietro Borrello @borrello_pietro
3K Followers 602 Following Security Researcher | PhD Alumn at @SapienzaRoma | Pwner at @TheRomanXpl0it and @mhackeroni | https://t.co/g77o9OjdjfAndrea Fioraldi @andreafioraldi
3K Followers 583 Following Cyber Response Italian Supercazzola Technology Officer at @mhackeroni Inc. Writing your favourite fuzz testing tools with @aflplusplus. Security research at .Yoav Alon @yoavalon
2K Followers 323 Following CTO @orcasec | I tweet about fuzzing, bugs, and all that security jazz@[email protected] �.. @_msw_
13K Followers 5K Following Socio-technical Systems Engineer at Amazon | Free and Open Source Advocate | he/him/they/them | Opinions: my own | https://t.co/qdvk841QfrSteve Syfuhs @SteveSyfuhs
17K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue skyCybergibbons 🚲🚲.. @cybergibbons
49K Followers 3K Following Head of hardware. IoT hacker. Alpha Male.Andy Nguyen @theflow0
55K Followers 434 Following The opinions stated here are my own, not those of my company.Connor McGarr @33y0re
9K Followers 93 Following Software Engineer, Endpoint Protection (EPP) @CrowdStrike | Exploit Development and Vulnerability ResearchBryan Alexander @dronesec
2K Followers 342 Following researcher. exploit dev. hacking @ stripe [email protected]Layle @layle_ctf
6K Followers 550 Following gen-z reverse engineer & exploit-dev • "embrace the c(ake)make" • shitposter • windows internals crackhead that likes llvm, kernel dev and ctfs @0rganizersJohnathan Norman @spoofyroot
4K Followers 334 Following Security research and engineering lead at @microsoft. Don't feel welcome here. Moved to mastodon: https://t.co/YfJkktByFvNasko Oskov @nasko
3K Followers 1K Following Security geek with his own views and opinions. Hacking on Chromium to make it more secure, increasing the cost for attackers. @[email protected]Shane Huntley @ShaneHuntley
17K Followers 988 Following 🇦🇺 Google's Threat Analysis Group. Pwnie award winner. Tweets are my own.Paweł Srokosz @_psrok1
988 Followers 283 Following Security researcher | Malware analyst at @CERT_Polska_en | @p4_team memberPawel Wylecial @h0wlu
4K Followers 1K Following 🛡️@redteampl Co-founder 🦉@BlackOwlSec Founder 🧜♀️@WarConPL Co-founder 👨🔬Security Research 🕵️Application | Blockchain | Smart Contract SecuritySinaei @Intel80x86
7K Followers 357 Following Windows Internals enthusiast, Interested in microarchitecture and low-level programming. A developer of @HyperDbg Debugger. DMs open... https://t.co/4DCPew9veXMitja Kolsek @mkolsek
4K Followers 621 Following CEO of ACROS Security; Co-founder of 0patch (https://t.co/XQ9EYMooOv) Mastodon: @[email protected]Brad Spengler @spendergrsec
3K Followers 4 Following President of @opensrcsec, developer of @grsecurity Personal accountGal Z @0xgalz
7K Followers 427 Following Security Researcher. Reverse Engineering 💙 Vulnerability Research 💜 Embedded 🤖 C++🤩 OS Internals 🤍 Sewing🧵 Classical Music🎼 Opinions are my own.domas @xoreaxeaxeax
9K Followers 74 Following // hacker math & stuff // M/o/Vfuscator // sandsifter // project:rosenbridge // ..cantor.dust.. // REpsych // the memory sinkhole // nightshyft //Satoshi Tanda @standa_t
7K Followers 358 Following Engineer & Trainer. My DM is open. https://t.co/hqylaDLtNvRichard Zhu @RZ_fluorescence
6K Followers 31 FollowingThe recording of our "A Brief History of iMessage Exploitation" talk can now be found here: youtu.be/lIlg1MpEL8o Thanks @BlueHatIL for the great conference!
CTF is over! Congrats to @p4_team, Tasteless & @DragonSectorCTF! Thanks everyone for participating @1ns0mn1h4ck #INS22! Here's the final scoreboard of the CTF.
My new role: v8 security \o/
I'm excited (and also a little sad) to announce that after 3 fantastic years with Project Zero, it's time for me to try something new. So starting this month, I'll be building up and leading a new V8 security team at Google!
And I'm even more excited that @_tsuro is joining this new team as well! \o/
I'm excited (and also a little sad) to announce that after 3 fantastic years with Project Zero, it's time for me to try something new. So starting this month, I'll be building up and leading a new V8 security team at Google!
Made some pączki.
Here are the slides from the talk "Hyntrospect: a fuzzer for Hyper-V devices" I presented at @BlueHatIL github.com/0xdidu/Present… Recording coming soon.
I stumbled upon a fun heap overflow in Github's markdown rendering library. RCE via a malicious README 🤔 Demonstrates the risk of memory unsafe dependencies used by scripting languages. github.com/github/cmark-g…
Today was my last day. Spent the entire day meeting folks and mostly saying good byes (I gave notice a while ago so everything project-related was already properly transferred). While it was an overall sad day, I am super thrilled that I'm starting monday at Google!
Together with @p4_team we've donated our winnings from Russian CTFs to humanitarian aid towards 🇺🇦#Ukraine! $3,000 from each team which we'll match from our #PolandCanIntoSpace winnings. $12,000 in total for @PAH_org. #NoToWar 🇺🇦🇵🇱 #CTFforUA siepomaga.pl/ctfforua
Just back from @offensive_con, so here's the slides I promised everyone who asked 😁 github.com/tyranid/infose…
New blog post: Zooming in on Zero-click exploits googleprojectzero.blogspot.com//2022/01/zoomi…
2021 was a wild year for 0-day exploitation detection. 2021 was also full of Google Project Zero & TAG publishing lots of good (in my biased opinion) stuff on 0-day exploits. 🧵ICYMI here they are: #itw0days
While researching C++/STL reverse engineering, I collected a list every MSVC CRT version I could find on github: github.com/RolfRolles/Mis… It helps you narrow down the compiler version from the disassembly, which lets you see code for a version of the STL close to your binary's.
So stinkin excited! I'll see y'all @offensive_con to share about the record number of 0-days detected as in-the-wild in 2021 💥
Real World 0-days: A Year-in-Review of 0-day Exploits Used In-the-Wild in 2021 by @maddiestone offensivecon.org/speakers/2022/…
Together with our friends - the amazing @p4_team - we've scored another🥈as 🇵🇱Poland Can Into Space🚀 at Hack-A-Sat 2021 (@hack_a_sat)! Congratz to @solarwine_ctf for winning the competition and to @dicegangctf for the third place! #satellitehacking #ctf #nexttimeez1stplace
Second year in a row @p4_team and @DragonSectorCTF have joined forces as the Poland Can Into Space team to conquer space 🇵🇱 🚀 🌌 and once again we have finished 🥈 in a space security @hack_a_sat competition! Congrats to 🥇 @solarwine_ctf and 🥉@dicegangctf. #zawszedrudzy
Second year in a row @p4_team and @DragonSectorCTF have joined forces as the Poland Can Into Space team to conquer space 🇵🇱 🚀 🌌 and once again we have finished 🥈 in a space security @hack_a_sat competition! Congrats to 🥇 @solarwine_ctf and 🥉@dicegangctf. #zawszedrudzy
This is a major memory corruption flaw in NSS, almost any use of NSS is affected. The Mozilla advisory is here mozilla.org/en-US/security…
nss: memory corruption validating dsa/rsa-pss signatures bugs.chromium.org/p/project-zero…
What did the printer say when it saw @TimoHirvonen and @dark_k3y? Oh sheet! Read how the @FSecureLabs Red Team is Printing off the land by printing their own shellz - labs.f-secure.com/publications/p… CVE-2021-39237 (labs.f-secure.com/advisories/hp-…) & CVE-2021-39238 (labs.f-secure.com/advisories/hp-…)
I spent the last 10 days in Alaska & it was positively stunning...& really really cold (-34F). I tried ice fishing, dog sledding, & snowshoeing, & got to see the Aurora 3 times! Some moose even said hi too! Alaska is magic ✨ Also learned how to layer 3 leggings at once...