While I was sleeping the internet announced that I will be joining @calif_io and that I will talk at @reconmtl about the Secure Kernel and Exclaves https://t.co/sDkYkjnucP
In 2012, six hackers published the iOS Hacker's Handbook. Two of them are joining Calif: Dion Blazakis @justdionysus and Stefan Esser @i0n1c.
@i0n1c does not really need an introduction. I'll say a few words about Dion for the uninformed.
When @brucedang told me that a hacker named Dion may be joining us, my first reaction was, wait, is that the same Dion who won a Pwnie Award in 2010 for Most Innovative Research? It turns out, it was him.
Dion Blazakis is a legendary hacker who has been breaking into just about everything, from basebands and firmware to kernels and browsers. He was one of the earliest people hacking the iPhone and is still at it. In 2011, he and Charlie Miller won Pwn2Own by pwning an iPhone 4.
Our next MAD Bugs drops are welcome gifts for Dion and Stefan. Stay tuned!
Went from "V8 exploitation seems unachievable" to solving all 9 @pwncollege V8 challenges.
Wrote a guide on getting into browser exploitation if you already have classic pwn knowledge.
https://t.co/0hyZ11dLfr
The FLARE team now freely distributes its quality reverse engineering and malware analysis educational content at https://t.co/bGCIjBfD3C. Launched with:
- Malware Analysis Crash Course
- Go Reversing Reference
- Intro to TTD
The best trophy I received in my bug bounty career, by far!
Thanks @swisscom_csirt - it always has been a pleasure to work with you all - and happy to see my work appreciated and respected!
9 years of hunting it - 10th one coming soon! 🎂
#bugbounty
In my youth, I left my PC on for SETI@home all night. Later, it was to compile Firefox on Gentoo. Nowadays, it stays awake to exhaust my AI API quotas. Some things never change.
Releasing PrivHound — Bloodhound collector to model Windows local Privilege Escalation as a graph.
Still early — bugs and PRs welcome.
https://t.co/9MkcK3QdgE
Back in ~November, our team picked a stretch goal of seeing if we could find and fix vulnerabilities in Firefox with Opus 4.6.
In 2 weeks, we found 22, and ~1/5th of all high severity CVEs in a year.
For our team, this feels like a Rubicon moment.
"hacker's hacker" is right :'(
i remember reading @41414141's stuff in my very early re/exploit days, and had the privilege of getting to know him a little better through the scene and through early @bugcrowd stuffs (def a "meet your heroes" thing, in the best ways)
rest in power FX. thank you for paving the way 🖤
https://t.co/59i1KTizjt
@dcuthbert I heard about this this morning. What a shock.
I've known FX half my life, I owe him a lot, especially when I got introduced into the "real scene" back then. Always an incredibly smart guy, making "thinking out of the box" a lifestyle. He defined a whole generation of hackers.
We promised we'd be back!
Join us on our journey, from repro'ing N-days to stumbling into 0-days in SolarWinds Web Help Desk, eventually achieving pre-auth RCE.
This research fuels the watchTowr Platform, our Preemptive Exposure Management technology.
https://t.co/TzNBT1Ghs7
After 2 years in the dark, the Tianfu Cup is back. The event – China’s most prestigious 0-day hacking contest – resurfaced with little visibility.
The website was live only briefly, but we got to it in time. New Natto analysis (link in thread) digs into 4 key developments:
I once watched @rbmaslen build a stack overflow thread for a custom error message, with the "solution" steps including an encoded curl cmd that exploited a log4j on a priv'd localhost app - he then reported the error to the helpdesk and waited for them to find said "solution" 🧑🍳💋
Getting a Nighthawk agent running on increasingly obscurer platforms, Part 1
Enter DroidHawk, the Android open agent. It’s a .so file wrapped in an app that calls it.
It was surprisingly easy to repurpose the sample code to run on Android!