sigabrt @sigabrt9
Joined July 2018-
Tweets73
-
Followers132
-
Following370
-
Likes247
Team member @sigabrt9 describes a fuzzing methodology he used to find a heap overflow in a public @yeswehack bug bounty program for Gnome: offsec.almond.consulting/using-aflplusp…
Got root, what now? Practical post-exploitation steps on an F5 Big-IP appliance, by team members @lowercase_drm and @myst404_ offsec.almond.consulting/post-exploitin…
Understanding the different types of LDAP authentication methods is fundamental to apprehend subjects such as relay attacks or countermeasures. This post by @lowercase_drm introduces them through the lens of Python libraries. offsec.almond.consulting/ldap-authentic…
Stream is up, début des hostilités à 21h ! ;) twitch.tv/thelaluka
Stream is up, début des hostilités à 21h ! ;) twitch.tv/thelaluka
Heyo ! 🧙♂️ Prochain stream Mardi 6 Juin à 21h en compagnie de @sigabrt9 (et peut être @voydstack ? 🧐) ! 🔥 Au programme : - Shell in the Ghost | Polishing the CVE-2023-28879 - Google DistroLess 101 | PoC with GoLang & AutoHeal See you soon ! 😎🛠️ twitch.tv/thelaluka
My new blog “Smash PostScript Interpreters Using a Syntax-Aware Fuzzer” zscaler.com/blogs/security…, the findings include 3 vulnerabilities in Acrobat Distiller and 1 vulnerability in Apple’s PSNormalizer. It’s inspired from @steventseeley 's previous Postscript research.
Ghostscript RCE CVE-2023-28879 can impact many applications processing images and PDF files. Discovery and exploitation write-up by team member @sigabrt9 : offsec.almond.consulting/ghostscript-cv…
a33870d19a4b90c3ac3f07de8a7e74ec1dd03d1e23da93edc334d5d819c5f9c8
Curious about exploiting VMs or memory bugs in a safe language? Read my new blog post, where I attack Firecracker, AWS' VMM written in Rust. Learn about the various layers of virtualization + the attack surface, and how design decisions impact security. graplsecurity.com/post/attacking…
Introduction to VirtualBox security research blog.doyensec.com/2022/04/26/vbo…
Protocol handlers are such an under-researched area. I don’t think people realize how many custom applications create protocol handlers on installation
Celebrating #Pwn2Own 2022 week (@thezdi) with a long-overdue writeup of how we successfully exploited a wild (unbounded) memcpy for a guest-to-host virtualization breakout of Parallels at last year's competition: blog.ret2.io/2022/05/19/pwn…
Earn $200K by fuzzing for a weekend: Part 1 by @addisoncrump_ko secret.club/2022/05/11/fuz…
Linux kernel adventures continue. Here's part 2 "Learning Linux kernel exploitation". Took me way longer than expected to work through all the details... How many layers of indirection do one need? The answer is all of them! 0x434b.dev/learning-linux…
No PKINIT? No problem! Thanks to team members Yannick and @lowercase_drm, you now have a way to (ab)use your ill-earned ADCS certificates even when domain controllers do not support PKINIT offsec.almond.consulting/authenticating…
Wrote an article about #fuzzing the Linux kernel network stack externally with #syzkaller. The article covers: 🧰 Introduction to syzkaller 💉 Using TUN/TAP for packet injection 👽 Integrating TUN/TAP via pseudo-syscalls 🏆 Showcases of found bugs xairy.io/articles/syzka…
Bypassing LDAP Channel Binding with StartTLS, by @lowercase_drm: offsec.almond.consulting/bypassing-ldap…
Today I am releasing the final post of a 3 part series on “modern” browser exploitation targeting Windows. In this post we port our exploit primitives to Edge itself & combine 12 ROP chains in order to defeat ACG, CIG, DEP, ASLR, CFG, "no child processes" connormcgarr.github.io/type-confusion…
@saerxcit implemented some recent AD attacks into LDAP relays - for hardened environments where usual techniques are not working, and wrote about why and when to use them: offsec.almond.consulting/ldap-relays-fo…
Our writeup showing the 0-day we used to escape the linux kvmtools hypervisor to solve the @hxpctf CTF challange indie_vmm! kalmarunionen.dk/writeups/2021/… by @alexanderkrog @viktoredstrom @N00byEdge
Roxanne Patterson @RoxannePat88157
4 Followers 172 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/zpsOhZhyVQ
jim buckly @jim_buckly
9 Followers 312 Following
Davy @davyrogersuk
28 Followers 292 Following
🍜🥢 @slavos1a
1 Followers 481 Following
Brumens @Brumens2
2K Followers 500 Following @yeswehack employee 🪖 | Bug Bounty hunter🐝 & coffee lover ☕ I'm a big fan of breaking into all sorts of things 🌐
pwnii @pwnwithlove
3K Followers 413 Following bug bounty lover, breaking stuff on @yeswehack & worldcuping 🇫🇷 at @Hacker0x01 || organizer of @esnhack, trying to keep hacking underground || CVE-2023-44352
asdsadadasdasdadasd @Kavsson
12 Followers 436 Following
Nicolas Grégoire @Agarri_FR
27K Followers 630 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
Geluchat @Geluchat
4K Followers 980 Following Baptiste Devigne | Bug Bounty Hunter | Most Impactful Team H1-0131 (AWS) | Eradicator H1-6102 (Salesforce)
Anne-Laure Ehresmann @alehresmann
63 Followers 527 Following graph theory, crypto, tolkien, tea, languages ! Security Analyst at YesWeHack
br1p4v3s1 @br1p4v3s1
108 Followers 209 Following Red Teamer || Pentester || Bug Hunter || Ethical Hacker || Vulnerability Researcher https://t.co/f9Tofp29B8
b1ue0cean @b1ue0cean7
1K Followers 722 Following Baby sec researcher|@r3kapig; @Fuzhou_Uni Bachelor|@AarhusUni_int Master; SFT SEC & AI SP; Looking for a PHD position in 2027 spring
Mat @eferus_
7 Followers 345 Following
Thomas Rinsma @thomasrinsma
1K Followers 314 Following Looking for strange loops and weird machines. Lead security analyst @CodeanIO.
Romern @Romerrn
24 Followers 281 Following
MH @MorpheusH3x
648 Followers 5K Following baby reverser, @esnhack, @securinsa, student @ ESNA • CTF @ret2school_fr • @infosec.exchange
Phishing Radar @PointerRadar
154 Followers 2K Following Linux | Ethical Hacker | Security Enthusiast | Python | Bug Hunter | sushi lover | 🍣 👾 🤖 🇨🇴
maxpl0it @maxpl0it
9K Followers 869 Following Principal Vulnerability Researcher at @InterruptLabs. Occasional Pwn2Owner
Alan Goodman @YesCompSols
86 Followers 220 Following Self employed computer technician in Leicestershire.
makelaris @makelariss
1K Followers 3K Following I breathe content. 🏴 CTF Technical Manager @hackthebox_eu. Opinions are my own. he/him
crazyman_army @CrazymanArmy
6K Followers 3K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group
25kGoldn @25kgoldn
52 Followers 652 Following
Florent Autreau @ZeNetPlumber
160 Followers 539 Following also available on mastodon @[email protected]
Jens Müller @jensvoid
1K Followers 222 Following Hack the Planet! On a #yolo trip around the word during a pandemic. Involved in https://t.co/UATbdfU5vH, #efail, #pdfex. Raw tech. No chit-chat.
Baptiste M. @Creased_
1K Followers 338 Following #RE #Pwn #FPV ~ Learning is endless ~ 🇫🇷 ~ @Synacktiv @AperiKube
Kxjr Vde @Hugo_Sab
93 Followers 598 Following Wannabe Hacker at @OrangeCyberdef | Passionate of CTF & Chess
Airbus Security Lab @AirbusSecLab
2K Followers 9 Following
truff @truffzor
292 Followers 507 Following
Chocapikk 🤘🏻 @Chocapikk_
3K Followers 264 Following Pentester. Exploit Dev. CVEs for fun 🇫🇷 Security Researcher & Software Developer @leak_ix ☁️ (soon) Views are my own 🧠
bebiks @bebiksior
3K Followers 486 Following breaking stuff and developing plugins part-time at @CaidoIO
Icare @Icare1337
2K Followers 621 Following Pentester at Thales DIS | OSCP | Bug Bounty Hunter | Researcher | Ethical Hacker | Honoring my father, a hacker of the early days | ckj0756 | Icare
0xTen @_0xTen
1K Followers 843 Following android/linux kernel @vigilant_labs • prev blockchain @osec_io • ctf/pwn @cor_ctf + @eltctfbr
Piotr Bazydło @chudyPB
4K Followers 307 Following Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]
V8 @v8js
66K Followers 51 Following Please visit https://t.co/7ryiF5kpXm! This account for Google’s high-performance open source JavaScript and WebAssembly engine is now inactive.
pspaul @pspaul95
1K Followers 851 Following source code connoisseur @Sonar_Research | CTF @FluxFingers | @[email protected]
VMRay @vmray
4K Followers 2K Following Sandboxing reinvented for the threats of today - and tomorrow. | Imprint: https://t.co/yZtPfo2ySF
Sicarius @ElS1carius
2K Followers 259 Following Pentester, Web specialized 🪲 Top 30 YesWeHack https://t.co/bJ2s5TWqYf Check my website if you're bored https://t.co/tdzCTEUbuO :)
claddagh🇨🇵 🏴... @c14dd49h
338 Followers 867 Following Trust, but verify | Stop killing children in Palestine 🇵🇸
Brumens @Brumens2
2K Followers 500 Following @yeswehack employee 🪖 | Bug Bounty hunter🐝 & coffee lover ☕ I'm a big fan of breaking into all sorts of things 🌐
pwnii @pwnwithlove
3K Followers 413 Following bug bounty lover, breaking stuff on @yeswehack & worldcuping 🇫🇷 at @Hacker0x01 || organizer of @esnhack, trying to keep hacking underground || CVE-2023-44352
TheZDIBugs @TheZDIBugs
5K Followers 2 Following Checks for high severity, 0day, or Pwn2Own related advisories published by @thezdi
G. Geshev @munmap
4K Followers 360 Following Skating fraud and bug preservationist. Shell smuggling business in the past. I once had a Pwnie. Bon pour l'Orient. New(er) Labour.
PortSwigger Research @PortSwiggerRes
111K Followers 7 Following Web security research from the team at @PortSwigger
Thomas Rinsma @thomasrinsma
1K Followers 314 Following Looking for strange loops and weird machines. Lead security analyst @CodeanIO.
1377 High-yield Nukes @buptsb
2K Followers 1K Following
Xion @0x10n
4K Followers 123 Following CMU CSD PhD student / 2024 Top#0 Chrome Researcher / P2O Vancouver '24, TyphoonPWN '24/'25, DEFCON CTF 31-33, ... / PPP, KAIST GoN '18, @zer0pts
REverse_Tactics @Reverse_Tactics
795 Followers 2 Following Software reverse engineering & vulnerability discovery company.
exploits.club @exploitsclub
2K Followers 110 Following A VR, RE, and Exploit Dev weekly newsletter | Join the club Contact: [email protected]
huntr @huntr_ai
7K Followers 45 Following huntr provides a single place for security researchers to submit vulns, to ensure the security and stability of AI/ML applications on OSS.
Étienne Ducharme @b13bs_
50 Followers 326 Following Information security enthusiast Pentester @ OKIOK
jvoisin @dustriorg
961 Followers 0 Following This account is inactive, use the following instead: - https://t.co/V1HC4hS2oJ - https://t.co/8xth5l1Rn8 - https://t.co/BPuGer3Owz
Low Level @LowLevelTweets
39K Followers 1K Following 🛠 senior security engineer @ bigcorp 🧙♂️ offensive security specialist 🏴☠️ hacker 📸 internet person: teaches hacking and security at https://t.co/WmlAkKGCmc
LaurieWired @lauriewired
98K Followers 292 Following researcher @google; serial complexity unpacker; https://t.co/Vl1seeNgYK ex @ msft & aerospace
H1 Disclosed - Public... @h1Disclosed
10K Followers 1 Following User friendly unofficial HackerOne public disclosures, keeps you updated about the recently disclosed bugs. Made With ♥ By Hackers For Hackers. - @rohsec
Tomtombinary @tomtombinary
1K Followers 102 Following CTF reverser and Pwn at team Aperi'Kube. Security researcher @Synacktiv. What we do in life... echoes in eternity.
Christopher @Kharosx0
3K Followers 2K Following Founder @signal_labs : https://t.co/8grJlb5jwZ 🇦🇺 Vulnerability researcher (MORSE) @Microsoft Discord: Kharosx0
DARKNAVY @DarkNavyOrg
2K Followers 50 Following Cybersecurity enthusiasts from DARKNAVY. Achieve, Analyze, Attack *Oops.
ttt @tchght
286 Followers 305 Following
Caido @CaidoIO
9K Followers 33 Following
Low Byte Productions @lowbyteprod
3K Followers 1 Following In depth, low level videos by @fstokesman
Stephen Sims @Steph3nSims
24K Followers 832 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
Worty @_Worty
3K Followers 555 Following Organizer of @HeroCTF || ctf w/ @FlatNetworkOrg || TeamFR 2021, 2022 & 2025 🇫🇷 || 🥷 @Synacktiv
Michal Melewski @carste1n
3K Followers 343 Following Security Engineer @ Somewhere ex-Google, ex-Cloudflare I use bad software and bad machines for the wrong things. My writing: https://t.co/Z7uucr5BYW
Linux Kernel Security @linkersec
9K Followers 0 Following Links related to Linux kernel security and exploitation. Maintained by @andreyknvl and @a13xp0p0v. Also on https://t.co/GVE11dpBb8 and https://t.co/YpxPWXnA6Z.Trends for United States
You might like
