BinaryChunk @binarychunk - Twitter Profil

BinaryChunk di-retweet

Natalie Silvanovich @natashenka

lebih dari 1 tahun yang lalu

Exciting update on Project Zero’s LLM research: https://t.co/TRmtdU9B9g

1

129

34

50

29K

BinaryChunk di-retweet

Rio @0x09AL

lebih dari 1 tahun yang lalu

How do you explain to normal people that modern exploits are actual pieces of art?

22

213

16

29

22K

BinaryChunk di-retweet

KevinLu @K3vinLuSec

lebih dari 1 tahun yang lalu

An Introduction to Chrome Exploitation - Maglev Edition :: — uf0 https://t.co/Aatb6VflAt

0

154

39

106

10K

BinaryChunk di-retweet

Seth Jenkins @__sethJenkins

sekitar 2 tahun yang lalu

My new Project Zero blog post, Driving Forward in Android Drivers is live! 🥳 https://t.co/9KPUBNsbLm

2

261

80

95

43K

BinaryChunk di-retweet

Kuba Gretzky

@mrgretzky

sekitar 2 tahun yang lalu

This screenshot shows how external bots try to scan a phishing page, hosted by Evilginx Pro. Every request is made from a different IP address, which ultimately proves that IP blacklisting is dead as a method to block scanners. JA4 & browser telemetry analysis is the way to go.

mrgretzky's tweet photo. This screenshot shows how external bots try to scan a phishing page, hosted by Evilginx Pro.

Every request is made from a different IP address, which ultimately proves that IP blacklisting is dead as a method to block scanners.

JA4 & browser telemetry analysis is the way to go. https://t.co/25jftStJp2

17

389

62

226

84K

BinaryChunk di-retweet

Lau @notselwyn

lebih dari 2 tahun yang lalu

Exciting news! 🚀 Just dropped my blogpost unveiling the universal Linux kernel LPE PoC for CVE-2024-1086 (working on v5.14 - v6.7) used for pwning Debian, Ubuntu, and KernelCTF Mitigation instances, including novel techniques like Dirty Pagedirectory 🧵 https://t.co/zFimVzjgYB

12

775

262

349

115K

BinaryChunk di-retweet

Theori

@theori_io

lebih dari 2 tahun yang lalu

We've started a blog series on N-day full chain exploits. The first part is about chrome renderer exploit, CVE-2023-3079. Check it now!👇👇 https://t.co/JTU6RZD2g4 #Theori #티오리 #Blog #Research #Fermium252 #Chrome #VirtualMachine #CVE #Vulnerability

3

215

82

83

26K

BinaryChunk di-retweet

Man Yue Mo @mmolgtm

lebih dari 2 tahun yang lalu

In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. https://t.co/Flsas2jJtv

8

410

146

130

97K

BinaryChunk di-retweet

0xor0ne

@0xor0ne

lebih dari 2 tahun yang lalu

Chrome sandbox escape abusing Liftoff assembly by @r3tr074 https://t.co/Yn2REmSIwa #chrome #infosec

0

218

55

74

15K

BinaryChunk di-retweet

0xor0ne

@0xor0ne

lebih dari 2 tahun yang lalu

ptrace, mmap and the clone system calls for process injection in Linux Credits @BinaryChunk https://t.co/pWq6yd6dZD #Linux #infosec

0xor0ne's tweet photo. ptrace, mmap and the clone system calls for process injection in Linux
Credits @BinaryChunk

https://t.co/pWq6yd6dZD

#Linux #infosec https://t.co/nRQGUUAPuI

2

228

43

77

14K

BinaryChunk di-retweet

blackorbird

@blackorbird

lebih dari 2 tahun yang lalu

#Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools.CVE-2024-21338 Beyond BYOVD with an Admin-to-Kernel Zero-Day https://t.co/irFNz3Dntt

blackorbird's tweet photo. #Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools.CVE-2024-21338
Beyond BYOVD with an Admin-to-Kernel Zero-Day
https://t.co/irFNz3Dntt https://t.co/Hfco33UPBm

7

475

171

179

117K

BinaryChunk di-retweet

xvonfers @xvonfers

lebih dari 2 tahun yang lalu

(CVE-2023-6702)[1501326][$16000][promises, async stack traces]Type Confusion in V8 is now open with a PoC: https://t.co/9AKdB5oc3A This vulnerability has existed since the `Promise.any` function was introduced. https://t.co/z8AQbmsGAF PoC: ./d8 poc.js https://t.co/O2rMGbEbmf

xvonfers's tweet photo. (CVE-2023-6702)[1501326][$16000][promises, async stack traces]Type Confusion in V8 is now open with a PoC:
https://t.co/9AKdB5oc3A
This vulnerability has existed since the `Promise.any` function was introduced.
https://t.co/z8AQbmsGAF

PoC:
./d8 poc.js
https://t.co/O2rMGbEbmf https://t.co/ZhLh8apGfK

1

73

24

39

11K

BinaryChunk di-retweet

0xor0ne

@0xor0ne

lebih dari 2 tahun yang lalu

Short blog post introducing how to add psuedo-syscalls and struct definitions to Syzkaller for Linux kernel vulnerability research Credits @notselwyn https://t.co/7KmyUzud5H #Linux #cybersecurity