Pawel Wieczorkiewicz @wipawel
Low Level Security: CPUs, Kernels, Hypervisors and the like. I mostly break stuff. Offensive side of things. grsecurity.net Oława gmina, Polska Joined January 2013-
Tweets978
-
Followers1K
-
Following380
-
Likes2K
I don’t understand what’s the fuss about. This looks like old news to me. I exploited hypervisors using this technique back in 2018/2019. Just use @grsecurity KERNSEAL and forget about this kind of problems.
I don’t understand what’s the fuss about. This looks like old news to me. I exploited hypervisors using this technique back in 2018/2019. Just use @grsecurity KERNSEAL and forget about this kind of problems.
0
0
3
2K
2
Download Image
I really enjoy reading about all the hidden little gems that Macs from the ‘90s had. Good times.
I really enjoy reading about all the hidden little gems that Macs from the ‘90s had. Good times.
Pawel Wieczorkiewicz retweeted
Vulnerability introduced into the upstream 5.15 and 6.6 LTS (and maybe others), another instance of turning mitigations into no-ops :\
Pawel Wieczorkiewicz retweeted
Another small demo, using the gadget from download.vusec.net/papers/halfspe… I revert the upstream 2023 fix and show Respectre handling the half Spectre gadget:
Pawel Wieczorkiewicz retweeted
IEEE SecDev 2025 @ieeesecdev (Practitioner Session) CFP is open until May 30th. This is the ideal mix between academic and industry session, with very short paper lenght requirements (2 pages) and a very pragmatic commitee. Work in progress projects and idea discussions are…
Pawel Wieczorkiewicz retweeted
So, what is Intel CSME full hack (without any recovery possibility) - it is manual calculation of Chipset Key
Pawel Wieczorkiewicz retweeted
Our critical analysis of Intel CSME security architecture
Our critical analysis of Intel CSME security architecture
Pawel Wieczorkiewicz retweeted
We are looking for a PhD student intern this summer to research optimal heuristics for a new feature of ours that provides finer-grained, context-aware control over fragmentation in the Linux buddy allocator. Fully remote, please email hiring@ if interested.
Pawel Wieczorkiewicz retweeted
You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. bughunters.google.com/blog/542484235…
Proactively backporting bugs to be able to apply a fix. That’s Engineering with a capital E.
Proactively backporting bugs to be able to apply a fix. That’s Engineering with a capital E.
Pawel Wieczorkiewicz retweeted
So reachable WARNs get auto-CVE'd by the Linux CNA purely from the possibility of panic_on_warn, a reachable BUG() reported by a researcher needs an essay on threat models before anyone does anything with it. 🤔
Pawel Wieczorkiewicz retweeted
Blog post I wrote about an unexpectedly vulnerability we discovered in the TCP subsystem of the Linux kernel. This one is interesting because it can lead to a UAF even with the reference counter saturation mechanism present. I hope you enjoy it.
Blog post I wrote about an unexpectedly vulnerability we discovered in the TCP subsystem of the Linux kernel. This one is interesting because it can lead to a UAF even with the reference counter saturation mechanism present. I hope you enjoy it.
Pawel Wieczorkiewicz retweeted
github.com/google/securit… Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!
An excellent undocumented instruction chase story. Must have been a lot of fun.
An excellent undocumented instruction chase story. Must have been a lot of fun.
Pawel Wieczorkiewicz retweeted
Analyzing and Exploiting Branch Mispredictions in Microcode arxiv.org/abs/2501.12890
Pawel Wieczorkiewicz retweeted
welp, it looks like an OEM leaked the patch for "AMD Microcode Signature Verification Vulnerability" 🔥 The patch is not in linux-firmware, so this is the only patch available😡
Pawel Wieczorkiewicz retweeted
Ticket shop is live. offensivecon.org/register.html
As usual I had a blast at @h2hconference. Thank you for having me. Slides for my talk are available now👇
As usual I had a blast at @h2hconference. Thank you for having me. Slides for my talk are available now👇
Pawel Wieczorkiewicz retweeted
Back in @h2hconference last week, @pwningsystems and me presented this tool we've been working on (with Artem) we now call "🐧 Kernel Explorer". It's still early on, I'll work on FF and a11y next! storage.googleapis.com/kernelctf-dash… storage.googleapis.com/kernelctf-dash… Code is github.com/google/securit…
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Brendan Dolan-Gavitt @moyix
30K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Halvar Flake @halvarflake
44K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research Binarly. Grsecurity. BYOS - Advisor Dartmouth's Hacker in Residence OffensiveCon, Langsec, DistrictCon, Secdev Committee
Richard Johnson @richinseattle
18K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
mdowd @mdowd
32K Followers 747 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Andrey Konovalov @andreyknvl
7K Followers 783 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
David Weston (DWIZZZL... @dwizzzleMSFT
25K Followers 2K Following Corporate Vice President, OS Security and Enterprise @Microsoft
Jon Masters 🏴�... @jonmasters
15K Followers 7K Following Troublemaker | Computer Architect | @Arm Servers Architect @Google | Previously @RedHat, @Nuvia_Inc | Runner | Author | All views my own | #ArmServers
Andy Nguyen @theflow0
61K Followers 446 Following The opinions stated here are my own, not those of my company.
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.
Joxean Koret (@joxean... @matalaz
8K Followers 4K Following سمووحخ ̷̴̐ خ ̷̴̐ خ ̷̴̐ خ امارتيخ ̷̴̐ خ 巴斯克恐怖 జ్ఞffective.Power لُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ 冗జ بٍٍٍٍََُُُِّّّْرٍٍٍٍََُُِِّّّْآٍٍٍَُّ🦠بٍٍٍٍََُُُِّّّْرٍٍٍٍََُُِ
Alex Matrosov @matrosov
19K Followers 2K Following 🔬Founder & CEO @Binarly_io, #codeXplorer, #efiXplorer, @REhints and "Rootkits and Bootkits" book. Previously worked at Nvidia, Cylance, Intel, ESET, Yandex.
Pietro Borrello @borrello_pietro
3K Followers 608 Following Security Researcher | PhD @SapienzaRoma | Pwner at @TheRomanXpl0it and @mhackeroni | https://t.co/g77o9Ojdjf | https://t.co/q5KZ4e8wkX
crazyman_army @CrazymanArmy
6K Followers 3K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group
Daniel Gruss @lavados
9K Followers 529 Following #InfoSec University Professor @ #TUGraz. #meltdown, #spectre, #rowhammer, cache attacks, sustainable security. Produced a side channel security sitcom.
Travis Goodspeed @travisgoodspeed
26K Followers 4K Following Merchant of Dead Trees and Licensed Proselytizer of the Gospel of the Weird Machines with Pwnage, PoC, and Secular Rock.
Mohammed al-Ramadany @al_ramadan343
1 Followers 276 Following
hamid @1hamidr
102 Followers 1K Following How dare Mr Fox exploit the system that was stratified to exploit him?
Iruuidwof @Iruuidwof62509
22 Followers 1K Following
RTFM[ChOkO] @ChOkO088
1K Followers 4K Following RTFM - Red Team Freakin Maniacs CTF Team's co-founder. Zerg turtle user | BJJ & Chess n00b | OSCP
TheMCBGuy @TheMCBGuy
0 Followers 62 Following
Ignacio Encinas @ignacioencinas3
202 Followers 535 Following
Gad @catpipegrep
1 Followers 180 Following
avamander @Avamander
151 Followers 861 Following
João Felipe Rodrigue... @ohjoaofelipe
15 Followers 99 Following Defesa Cibernética 🖥️ Cyber Security 🖥️
SENTIMENT.BET @Yarpin5
519 Followers 6K Following where attention goes energy flows — https://t.co/VXxmSXOKLj https://t.co/nUCZdm27Nx
Allele Security Intel... @alleleintel
708 Followers 472 Following Allele Security Intelligence is an independent company specializing in Information Security research.
John @JohnathanAZ_
2 Followers 79 Following Contractor specializing in adversary simulation, threat emulation, and secure infrastructure design.
Naman Devnani @naman_devnani
418 Followers 7K Following Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDE | COL
Casandra @Balenciag4___
19 Followers 339 Following A favor de todo lo bueno y en contra de todo lo malo.
GizVault @GizzmoVault
12 Followers 40 Following Cyberpunk fanatic, GizVault fronted on X. Hardened Linux, FreeBSD, Unix, DAO
Elon Gliksberg @elongli
275 Followers 3K Following
Hawk @nullcoder_xd
283 Followers 5K Following 20| Here to explore; no business deals. Shit(re)poster
Santhosh Manohar @1sanimej
39 Followers 853 Following Distributed systems, Linux networking for containers, Linux firewall, network virtualization.
Twaljou @Twaljou717977
36 Followers 2K Following
Rustam @fadedonottrade
10 Followers 2K Following
jimmy morri @JimmyMorri89805
15 Followers 265 Following
Muhmmad Irfan @Muhmmad69953409
21 Followers 2K Following
Jesse Michael @jessemichael
1K Followers 1K Following
Aldo Fathoni @realfathonix
91 Followers 3K Following Software developer, retrocomputing and Unix enthusiast, computer hobbyist in general.
Illusion31 @Keshavan3107
15 Followers 3K Following Security Researcher | Bug Hunter | VAPT | Pentest | Red Teaming | Liverpool FC | CR7 |
Sough @sough22316
5 Followers 314 Following
bikeshedding with chi... @with_chine27038
0 Followers 62 Following
moshegreen @delightfum
6 Followers 202 Following
Philipp Giersfeld @grsfld
0 Followers 93 Following
Jing Kai Siow @xjkai92
12 Followers 379 Following
David McDonald @river_rat_504
9 Followers 269 Following Computer forensics researcher/developer, CS graduate student, and RE enthusiast.
loweralgebra @loweralgebra
4 Followers 146 Following
Kacper @Kylazath
61 Followers 1K Following
Acno @Unk_614
20 Followers 951 Following
TheZakMan @thezakman
315 Followers 2K Following Graphic Artist / CTF Player / ʁakɚɹ / Bug Hunter https://t.co/3Wk9WMb53N https://t.co/ob3ot9VgGa 𝓘 𝓟𝓮𝓮𝓹 𝓢𝓱𝓲𝓽
baubau @baubau36260175
1 Followers 232 Following
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Brad Spengler @spendergrsec
4K Followers 4 Following President of @opensrcsec, developer of @grsecurity Personal account
Brendan Dolan-Gavitt @moyix
30K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Halvar Flake @halvarflake
44K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Project Zero Bugs @ProjectZeroBugs
35K Followers 0 Following A bot that posts the latest blog posts and disclosures from Google's Project Zero
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research Binarly. Grsecurity. BYOS - Advisor Dartmouth's Hacker in Residence OffensiveCon, Langsec, DistrictCon, Secdev Committee
Richard Johnson @richinseattle
18K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
lcamtuf @lcamtuf
38K Followers 498 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
mdowd @mdowd
32K Followers 747 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Ken Shirriff @kenshirriff
72K Followers 1K Following No longer active on Twitter. Bsky: @righto.com; Mastodon: @[email protected]
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Xeno Kovah @XenoKovah
13K Followers 75 Following Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwU
Andrey Konovalov @andreyknvl
7K Followers 783 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
stacksmashing @ghidraninja
48K Followers 452 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
David Weston (DWIZZZL... @dwizzzleMSFT
25K Followers 2K Following Corporate Vice President, OS Security and Enterprise @Microsoft
Jon Masters 🏴�... @jonmasters
15K Followers 7K Following Troublemaker | Computer Architect | @Arm Servers Architect @Google | Previously @RedHat, @Nuvia_Inc | Runner | Author | All views my own | #ArmServers
cr0@Defensive-Securit... @cr0nym
3K Followers 2K Following Focus on Linux/Kubernetes Attack/Detection/Forensics/Incident Response/Threat Hunting/Active Defense. Learning hard every single day.
KiCad PCB @kicad_pcb
27K Followers 20 Following KiCad PCB official account. The world's most popular EDA tool. Also available on: https://t.co/U9pnKebJ8z BlueSky: @kicad.org https://t.co/YFmSsrGj19
Jesse Michael @jessemichael
1K Followers 1K Following
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
Olivier THOMAS @reivilo_t
2K Followers 450 Following Founder & CTO at Texplained. Technology enthusiast & silicon hacker
Dave W Plummer @davepl1968
87K Followers 73 Following Hi! I'm Dave Plummer. You might remember me from such Windows components as Task Manager, Windows Pinball, Calc, ZIPFolders, Product Activation, etc. Cheers!
Fernando Gont @FernandoGont
2K Followers 2K Following Fernando Gont is Security Researcher and Consultant. He specializes in the field of communications protocols security. Maradonian.
Enno Rey @Enno_Insinuator
7K Followers 2K Following Old-school network security person. Founded https://t.co/jnQuHO036k & @WEareTROOPERS. IPv6 blog: https://t.co/z2BsSZX7DT
Cristofaro Mune @pulsoid
2K Followers 777 Following In between Physics & Computing. Fault Injection, TEEs, IoT & anything else challenging my curiosity. Founder at Raelize (@raelizecom)
Piotr Bazydło @chudyPB
4K Followers 307 Following Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / t501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
smash @0xsmash0th
73 Followers 228 Following 🐾 Hunting bugs & walking dogs 🐶 | VR 🔍 | ExDev 💥 | RE 🛠️ | Fetch by day, code by night 🐕🦺 | Cyber paws & zero-days 🐾
Nathan "el bigode" Da... @mustach_io
993 Followers 937 Following questions are my currency. inspire and be inspired. asst prof @ Rice CS https://t.co/NR1x1Zsx3x. @[email protected] @[email protected]
Attila Tóth @Dwokfur
315 Followers 289 Following radiologist, cardiac magnetic resonance, congenital heart diseases, pulse programming, grsecurity, gentoo hardened, uplifting trance, happy hardcore, kayaking
Aleksandra Koziarska @olagoat3
3 Followers 54 Following
Rado RC1 @RabbitPro
5K Followers 658 Following Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Master of Pwn Flashback team (@FlashbackPwn).
jericho @attritionorg
18K Followers 11 Following Vulnerability Historian. VDBs. InfoSec recriminator. Consumer advocate. T1D. Champion of misunderstood creatures. $84,676 raised for charity.
Crispin Cowan 🇺�... @CrispinCowan0
2K Followers 3K Following Will secure your architecture for food *NIX: StackGuard, LSM, AppArmor. Win: UAC, AppContainer 25 years #infosec, 45 years in tech. Erdős 3. Pronoun: "Doctor"
Seth Jenkins @__sethJenkins
2K Followers 116 Following Project Zero Security Researcher - Hang glider pilot - Jesus Follower @[email protected]
Zion Leonahenahe Basq... @mahal0z
2K Followers 268 Following Native Hawaiian Hacker | Prev Co-captain of @Shellphish | PhD Student in Comp Sci @ASU l Decompiler Research | Mastodon: @[email protected]
allthingsida @allthingsida
4K Followers 138 Following All things IDA, security, reverse engineering, programming, AI and more. Friend and fan of Hex-Rays but non-official.
Open Source Security ... @oss_security
4K Followers 10 Following @Openwall oss-security mailing list thread summaries, currently maintained by @solardiz. Originally setup and maintained as an automated feed by @eugeneteo.
Nicolas Economou @NicoEconomou
4K Followers 157 Following Exploit Writer Specialist/Senior Security Researcher at Binary Gecko...
Bill Pollock -- nosta... @billpollock
11K Followers 2K Following Founder, No Starch Press and Hacker Initiative. Views expressed are *entirely* my own. He/him/his Contact our editors at: [email protected]
Binary Gecko @Binary_Gecko
1K Followers 1 Following Binary Gecko GmbH. Custom Security Research Solutions. Organisers of @offensive_con.
SuperGirl @angel_chris
541 Followers 743 Following ☆ I'm a woman in Tech - That doesn't mean everything has to be pink! ☆ @metabotix_IFG
Tecofoosey @tecofoosey49693
29 Followers 2K Following
Jordy Zomer @pwningsystems
3K Followers 258 Following Security Engineer @ Google, likes fuzzing, static analysis and VR. The opinions stated here are my own, not those of my company.
Rei Kawa @kawarei0
508 Followers 215 Following
Cybernetic Lover @lucasteske
6K Followers 2K Following Programming, Hacking, SDR, Tesla Coils, Drones. Creator of OpenSatelliteProject, Cursed Transistors 📡PU2NVX Streamer for @He4rtDevs Ele/Dele/He/Him
[email protected] @r3tr074
1K Followers 557 Following Security research | https://t.co/SFZNGja5pn | CTF pwn/rev @eltctfbr + @r3kapig | yes, I'm the browser guy
RossRadio @cqcqcqdx
13K Followers 141 Following Radio operator, hobbyist. WN8OVD 1973 Novice, KB8NTY 1992 Extra Class, CU in the pileups!
GCC Rust @gcc_rust
1K Followers 49 Following GCC Front-End for Rust Thanks to @opensrcsec and @Embecosm
OpenHW Foundation @OpenHWFdn
4K Followers 181 Following A non-profit, global organisation where hardware and software designers collaborate in the development of open source cores, related IP, tools and software.
Arek @arek_pernal
4 Followers 131 Following
Quentin Minster Picav... @laomaiweng
128 Followers 373 Following Usual mood: confused. Ingénierie à rebours & endless home renovation. Page table walk enjoyer. He/him. @[email protected] @laomaiweng.bsky.social
John Dunlap @JohnDunlap2
347 Followers 1K Following Security Researcher, demoscene fan, hardcore Tetris enthusiast former GDS / former ToB / Leviathan Security / Trellix these days. Opinions are entirely my own.
VimTricks @vim_tricks
56K Followers 125 Following Email newsletter sending bite-sized Vim tips, tricks, plugins, and recipes https://t.co/zkibO0Tj9A Find us now on Bluesky: https://t.co/GS0uYHWbAV
Thauan @thau0x01
2K Followers 1K Following
RuhrSec – IT Securi... @ruhrsec
1K Followers 1 Following Annual English speaking non-profit IT security conference with cutting-edge talks by renowned experts. Hosted by @hackmanit
Kunal Mehta @kmgkv1
241 Followers 458 Following System software and security engineer working @Intel, passionate for cyber security and platform security. Views expressed are my own, not my employer’s.
Trends for United States
35,6 B posts
2.798 posts
16,3 B posts
218 B posts
54,7 B posts
12,8 B posts
168 B posts
4.266 posts
468 B posts
453 B posts
6.407 posts
175 B posts
1.851 posts
12,5 B posts
12,8 B posts
43,5 B posts
10,5 B posts
You might like
Brad Spengler
@spendergrsec
4K Followers
grsecurity
@grsecurity
9K Followers
Linux Kernel Security
@linkersec
9K Followers
Jordy Zomer
@pwningsystems
3K Followers
Andrey Konovalov
@andreyknvl
7K Followers
Mathias Krause | @min...
@_minipli
774 Followers
Alexander Popov
@a13xp0p0v
7K Followers
acez
@amatcama
4K Followers
kylebot
@ky1ebot
6K Followers
Xeno Kovah
@XenoKovah
13K Followers
Vitaly Nikolenko
@vnik5287
6K Followers
maxpl0it
@maxpl0it
9K Followers
sam4k
@sam4k1
2K Followers
Seth Jenkins
@__sethJenkins
2K Followers
Open Source Security ...
@opensrcsec
2K Followers