Olivia
Online
stratan
@5tratan
Product @TashitaSoftSec. Security research on the side.
Joined January 2016
956 Following
548 Followers
346 Posts
Pinned Tweet
Introducing What The Claude: Browser Edition.
A series where we pick apart browser bugs found/reported by Claude.
First up: CVE-2026-2796, a SpiderMonkey Wasm import bug that leads to addrof/fakeobj/read-write.
https://t.co/njBC5WEjq8
At Tashita, we always wanted a browser vulnerability research framework that researchers could actively guide and control over how research is conducted.
Instead of forcing researchers to adapt to a tool, we built SeekZero to adapt to the researcher.
That idea influenced almost every part of the platform.
https://t.co/mRWmQsqkAT
What makes SeekZero unique is not generic automation.
It is the ability to connect researcher judgment, campaign-based workflows, execution feedback, orchestration, and AI-assisted systems into one programmable framework.
We believe this is where browser vulnerability research is heading.
https://t.co/mRWmQsqkAT
We're wrapping up the CVE-2026-6307 series with special effects. Or better said: WasmFX.
Follow along as @5tratan attempts to escape the v8 sandbox.
https://t.co/vbzL8CRe3B
Who to follow
We spent the last year developing SeekZero.
We envolved years of research experience into a programmable system, designed from researchers to researchers.
Today we're finally introducing it publicly.
Really proud of what the team has built. A lot more to come!
Over the last year, we have been developing a framework for advanced browser vulnerability research.
Today we are introducing SeekZero.
SeekZero is a programmable JavaScript engine vulnerability research framework designed for researcher-guided automation, scalable execution, and highly customizable research workflows.
Access is currently limited.
https://t.co/mRWmQsqkAT
What The Claude: Browser Edition, episode 2.
This time: Bug 2024918.
A phi node, SpiderMonkey's JIT pipeline, Wasm GC scalar replacement, escape analysis, and one wrong equality check.
Let’s dive in.
https://t.co/3pf1TKRvcd
We said it was raining Chrome bugs. Part 2 brings the thunder.
@5tratan continues the CVE-2026-6307 analysis, taking the TurboFan JS-to-Wasm deopt type confusion from root cause to PoC.
https://t.co/B4KqSljvqD
It's been raining Chrome bugs lately, so we took a closer look.
Part 1 by @5tratan is live: our analysis of CVE-2026-6307, a TurboFan JS-to-Wasm deopt type confusion bug.
We cover the trigger and the background needed to follow along.
https://t.co/EaNf2inMBh
.@TashitaSoftSec 's mission is to revolutionise how security research is performed, by developing the most advanced vulnerability research frameworks. Join us and become part of an epic adventure!
Career opportunities: https://t.co/Br09187Icv
DMs are open!
New blogpost by @0vercl0k "A journey into IonMonkey: root-causing CVE-2019-9810" https://t.co/25C32Sp10S
Just uploaded on @doar_e my slides for my @typhooncon talk on exploiting chrome by attacking TurboFan. Thanks @SecuriTeam_SSD for the opportunity to present :-) https://t.co/K5MvRwx7rG
[BLOG] An overview of macOS kernel debugging https://t.co/pKC8ZVecsI Deep dive into Kernel Debugging Protocol (KDP), from implementation to limitation
The detail of my p2o entry: https://t.co/vZ2iyKWr4p
Fuzzilli, my JavaScript engine fuzzer, is now open source: https://t.co/2noeJIATVf \o/ Keep an eye on the Project Zero bugtracker in the next few weeks for some of the bugs found with it. Also let me know if you encounter any problems when using it! :)
@rkmylo and I are kicking off our WebKit research debut by pwning CVE-2018-4441. Feedback is much appreciated! https://t.co/K5HGdqSlRh
New blogpost by @0vercl0k "Introduction to SpiderMonkey exploitation" https://t.co/JBNiNrfvQO, GitHub repo: https://t.co/nBwEwaO9an
Everybody knows researching Hyper-V is the most fun thing you can do, so I wrote a blog post about how to start doing just that! Let me know what you think && if you find any 0days of course :) https://t.co/xKg3C5xiUi
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers