Dhiraj @RandomDhiraj - Twitter Profile

Dhiraj @RandomDhiraj

20 days ago

Windows Terminal SIXEL: when a good prompt met a stubborn OOB write https://t.co/MRizpaRj86 #infosec #AI

0

91

Dhiraj @RandomDhiraj

about 2 months ago

Model quality matters but context is king. While everyone’s hyped about Mythos finding a 27-year-old bug, I tried a similar workflow with current available models. https://t.co/u6Ldz19adl #infosec #AI

1

7

3

4

532

Dhiraj @RandomDhiraj

27 days ago

FFmpeg DFPWM: a 4-year-old integer overflow hiding behind eight samples https://t.co/wdsK31xO5j #infosec #AI

1

0

178

RandomDhiraj retweeted

lablab.ai

@lablabai

28 days ago

AI teams and security teams should be finishing each other's sentences. Join @RandomDhiraj, Security Manager at @Derivdotcom and @czech_pawel, @lablabai Co-Founder & @Surgexyz_ CEO as they share exactly how to make it happen LIVE.

lablabai's tweet photo. AI teams and security teams should be finishing each other's sentences.

Join @RandomDhiraj, Security Manager at @Derivdotcom and @czech_pawel, @lablabai Co-Founder & @Surgexyz_ CEO as they share exactly how to make it happen LIVE. https://t.co/aww2alVhII

1

8

3

0

1K

Who to follow

André Baptista

@0xacb

Hacker grinding for L1gh7 and Fr33dφm, straight outta the cosmic realm. Co-founder @ethiack

Security Researcher at @xbow - Founder at @SwordBytesSec - Ex @immunityinc - #BugBounty hunter https://t.co/x39yDRfZoA - Blog https://t.co/5P8YS1OKbh

RandomDhiraj retweeted

Deriv People

@DerivPeople

29 days ago

AI teams and security teams should be finishing each other's sentences. Tune in live with Deriv's Security Manager @RandomDhiraj and @czech_pawel, Co-Founder of @lablabai and CEO of @Surgexyz_, as they share exactly how to make it happen. They'll get into real breaches, shadow AI, the risks of moving fast, and what tech leaders can do this week to close the gap. 🗓️ Thursday, May 21st · 12:00 PM CET · Live here on this page!

DerivPeople's tweet photo. AI teams and security teams should be finishing each other's sentences.

Tune in live with Deriv's Security Manager @RandomDhiraj and @czech_pawel, Co-Founder of @lablabai and CEO of @Surgexyz_, as they share exactly how to make it happen.

They'll get into real breaches, shadow AI, the risks of moving fast, and what tech leaders can do this week to close the gap.

🗓️ Thursday, May 21st · 12:00 PM CET · Live here on this page!

1

5

3

0

536

Dhiraj @RandomDhiraj

about 2 months ago

@D0rkerDevil Give a try with SSD-Disclosure it's better than ZDI (Triaging process)

2

0

636

Dhiraj @RandomDhiraj

about 2 months ago

Part-2, Here is the write-up for my recent work RCE in AWS Kiro IDE (CVE-2026–5429). https://t.co/6d2aUJStXp #infosec #AI

0

8

2

6

668

Dhiraj @RandomDhiraj

about 2 months ago

.@p1ngfl0yd & me would be running 2-day training program on fuzzing at DEFCON this year. Sign-up for the early bird discount - (https://t.co/rpaLiGzpHa) #infosec #fuzzing #defcon

0

6

3

0

384

Dhiraj @RandomDhiraj

2 months ago

Not from AI, just read the existing advisory/patch from VIM (https://t.co/2QNb7u71UA) replaced `scp://` URI to `file://`.

0

1

0

219

Dhiraj @RandomDhiraj

2 months ago

Found command injection via `file://` URI handling in VIM. Fixed Commit - https://t.co/jYYDwRA9oE #infosec

1

4

1

0

481

Dhiraj @RandomDhiraj

3 months ago

Identified a vulnerability in dtprobed (DTrace) where a crafted USDT provider names lead to arbitrary file creation outside intended paths, leading to LPE. https://t.co/jHaZnNFMI9 #infosec

RandomDhiraj's tweet photo. Identified a vulnerability in dtprobed (DTrace) where a crafted USDT provider names lead to arbitrary file creation outside intended paths, leading to LPE.
https://t.co/jHaZnNFMI9
#infosec https://t.co/qW44ORAEPI

0

10

3

965

Dhiraj @RandomDhiraj

3 months ago

The red team tradecraft behind hard-to-detect AI phishing. https://t.co/FPvkXLf6Zd #infosec #redteam

0

2

1

0

201

Dhiraj @RandomDhiraj

3 months ago

Here’s my write-up on a code execution in Google Gemini CLI. https://t.co/CvdNGchwiq #infosec

0

75

8

43

4K

Dhiraj @RandomDhiraj

3 months ago

I found a uXSS in DuckDuckGo Browser and here is the write-up. https://t.co/Fn28yurQ8I #infosec

0

78

9

55

6K

Dhiraj @RandomDhiraj

4 months ago

Through libFuzzer, Integer overflow when processing specially crafted ICO image files, leading to memory corruption in GIMP. https://t.co/7JC1NIqHFA #infosec #fuzzing

0

1

0

2

318

Dhiraj @RandomDhiraj

4 months ago

I am sharing it, as this also affects self-hosted runners, usually enterprise servers aren't hardened enough so you can test this during RT/PT. (https://t.co/v6XrWwanyb)

0

240

Dhiraj @RandomDhiraj

4 months ago

I started reversing GitHub Actions, focusing on escaping the container responsible for running the jobs and found and exploited a volume injection vulnerability that was marked as informative on H1 by GH security. #infosec #redteam

RandomDhiraj's tweet photo. I started reversing GitHub Actions, focusing on escaping the container responsible for running the jobs and found and exploited a volume injection vulnerability that was marked as informative on H1 by GH security.
#infosec #redteam https://t.co/ETwramW2DL

1

7

0

3

519

Dhiraj @RandomDhiraj

4 months ago

GH response via H1 - This is an intentional design decision. If you're able to gain a token and access contents outside of your repository's scope, we would certainly be interested.

1

0

277

Dhiraj

@RandomDhiraj

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users