Bug Hunting in Hypervisors by Corentin Bayet (@OnlyTheDuck) and @BrunoPujos
Oct 12-15
Espace Vinci or Espace Cléry, Paris 2nd
https://t.co/bABXcLpDn5
We're proud to bring our "Bug Hunting in Hypervisors" training to @hexacon_fr (October 12th-15th, 2026) !
Designed for security researchers, we will dive into VM escapes, hypervisor attack surfaces, and real-world exploitation.
See you there !
Awesome bp on a Workstation escape using a bug I also found in 2024, and never managed to exploit... Found the ESXi vuln I used at the same #Pwn2Own while looking for interesting objects to overwrite with the LFH OOB
Those guys found the bug and exploited it in a few days !
At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller.
Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit.
Full technical write-up:
https://t.co/R0E5Uqql1E
Our training "Bug Hunting in Hypervisors" returns at @reconmtl in 2026!
Taught by researchers actively working on real-world hypervisor exploitation #Pwn2Own
Designed for security researchers, we will dive into VM escapes, hypervisor attack surfaces, and real-world exploitation
REcon 2026 is LIVE!
Call for papers and registration are now open!
Join the world's top reverse engineers & exploit devs in Montreal:
Trainings: June 15-18 (19 hands-on classes - AI agents, kernel exploits, Rust/Go reversing, fault injection & more!)
Conference: June 19-21
Tickets & early bird now open: https://t.co/ESqkwzJOZR
Shoutout to the legends teaching: @SinSinology @KyleMartin @MalachiJonesPhD @andreyknvl @mr_phrazer @yarden_shafir @DrCh40s @pulsoid
+ more elite instructors! See website for all trainers and session info.
Limited spots - see you in MTL! #REcon2026 #ReverseEngineering
Our latest post details how we exploited Retbleed (a CPU vulnerability) to compromise a machine from a sandboxed process and VM!
Curious?
https://t.co/CSD8kdlBjD
Love the top-bottom approach of this blogpost ! A great way to explain internals in my opinion, and the kind of reference you look for when you're trying to exploit a heap bug. Also glad to see that our paper (with @paulfariello) of 2020 is still relevant !
Good morning! Just published a blog post diving into Windows Kernel Pool internals: basics, memory allocation functions, internal structures, and how Segment Heap, LFH, and VS work.
https://t.co/2KlYba9gxc
@typhooncon is already over, but we enjoyed every minute ! During our talk "Journey To Freedom", we disclosed for the first time the details on the Windows LPE we used at Pwn2Own Vancouver 2024 after escaping from VirtualBox. Slides are already available: https://t.co/Zybc7CTZhr
And that's a wrap for @offensive_con and #Pwn2Own ! We had the best time there and were so glad to reunite with the finest researchers out there. See you next year !