AngelLA @einyella - Twitter Profile

EinyelLA retweeted

Pedro Guillén Núñez @_p3r1k0_

9 days ago

Ya esta disponible la charla que hicimos en @ekoparty miami! @EinyelLA y @_p3r1k0_ Disfrutarla! https://t.co/ffJRMIOhqc

0

9

3

1

921

EinyelLA retweeted

Pedro Guillén Núñez @_p3r1k0_

27 days ago

Acabamos de lanzar @EinyelLA y @_p3r1k0_ de subir el módulo de Metasploit para el CVE-2025-66177 en firmware Hikvision NVR (v4.72/v4.83). https://t.co/BCcKRNkhH9

0

8

3

2

1K

EinyelLA retweeted

Ekoparty | Hacking everything

@ekoparty

30 days ago

"Desde el Firmware al RCE: Atacando NVRs de Hikvision" by @EinyelLA and Pedro Guillen Nuñez | Main Track #EKOMIAMI2026 ✈️🔥 - "Desde el Firmware al RCE: Atacando NVRs de Hikvision" dictada por @EinyelLA y Pedro Guillen Nuñez | Main Track #EKOMIAMI2026 ✈️🔥

ekoparty's tweet photo. "Desde el Firmware al RCE: Atacando NVRs de Hikvision" by @EinyelLA and Pedro Guillen Nuñez | Main Track #EKOMIAMI2026 ✈️🔥

-

"Desde el Firmware al RCE: Atacando NVRs de Hikvision" dictada por @EinyelLA y Pedro Guillen Nuñez | Main Track #EKOMIAMI2026 ✈️🔥 https://t.co/yEC8dCxr16

0

7

4

0

543

EinyelLA retweeted

Ekoparty | Hacking everything

@ekoparty

2 months ago

EKO Miami 2026 Main Track Talks 🔥 🗣️ “Desde el Firmware al RCE: Atacando NVRs de Hikvision” by @EinyelLA and Pedro Guillén Núñez. 📌 This talk presents a detailed technical investigation into the discovery of two 0-days related to CVE-2025-66177 in Hikvision NVR devices, which also affect other products from the same brand and its subsidiaries. It covers the entire research process, from firmware acquisition, decryption, emulation, and both static and dynamic analysis for vulnerability discovery and exploitation, to obtaining a real device, achieving full system compromise, and establishing persistence through memory addresses and ROP. The exploit has been adapted as a Metasploit module, with the ability to automatically identify the target firmware version and support multiple vulnerable versions. 🎯 During the talk, a live demonstration will be performed on a real physical device, and the exploit will be released. This research brings significant value to the community, as it thoroughly documents a complete methodology for discovering and exploiting 0-days in embedded devices, which can be extrapolated to similar environments. It is a highly technical talk, aimed at offensive and advanced security research profiles, with deep focus on both reverse engineering and exploitation of embedded systems. ✅ This talk will be delivered in spanish. 📅 Ekoparty Miami | May 21–22, 2026 🎟️ Get your ticket now and don’t miss out! >> https://t.co/zeyA4yXic0 - Charlas Main Track EKO Miami 2026 🔥 🗣️ “Desde el Firmware al RCE: Atacando NVRs de Hikvision” dictada por @EinyelLA y Pedro Guillén Núñez. 📌 Esta charla presenta una investigación técnica detallada sobre el descubrimiento de 2 0 días relativo a CVE-2025-66177 en dispositivos NVR de Hikvision y que también afecta a otros productos de la misma marca y fabricantes subsidiarios. Abarca todo el proceso de investigación, desde la obtención del firmware, descifrado, emulación, análisis estático y dinámico para el descubrimiento de las vulnerabilidades y la explotación, hasta la adquisición de un dispositivo real, compromiso total del sistema y obtención de persistencia en el mismo a direcciones de memoria y ROP. El exploit ha sido adaptado como módulo para Metasploit, con capacidad para identificar automáticamente la versión de firmware objetivo y soportar varias versiones vulnerables. 🎯 Durante la charla se realizará una demostración en vivo sobre un dispositivo físico real, y el mismo exploit será publicado. Esta investigación aporta un gran valor a la comunidad, ya que documenta de forma detallada una metodología completa para el descubrimiento y explotación de 0-days en dispositivos embebidos, extrapolable a otros entornos similares. Se trata de una charla altamente técnica, orientada a perfiles ofensivos y de investigación avanzada en seguridad, que profundiza tanto en ingeniería inversa como en explotación sobre sistemas embebidos. ✅ Esta charla será dictada en español. 📅 Ekoparty Miami I 21 y 22 de mayo 2026 🎟️ ¡Conseguí tu entrada ahora y no te quedes afuera! >> https://t.co/zeyA4yXic0

1

3

4

0

774

Who to follow

@Hackira.bsky.social

@Hackira_

@beers4flags CTF player, sometimes I hack stuff GPG : 2FC53FB1AE24B85B lehackira-at-pm-dot-me

Tripoloski!

@tripoloski_1337

Security Engineer at *** | CTF player | pwn

Pankaj Kamble

@pan_kmb

EinyelLA retweeted

Pedro Guillén Núñez @_p3r1k0_

5 months ago

@EinyelLA and myself found 2 stack overflows in hikvision NVR, stay tuned for more info. 😉 https://t.co/xPgxSu3bQn

0

1

2

1

351

AngelLA @EinyelLA

almost 4 years ago

If you want to learn advanced attack and defense techniques on Windows kernel, then you should attend the @codemachineinc Windows Kernel Rootkit Techniques training. I enjoyed with this training at Black Hat USA 2022. Thanks T-Roy and CodeMachine for such an awesome training.

0

4

2

0

EinyelLA retweeted

Eric Opdyke @EricOpdyke

over 7 years ago

The #crowdStrike Services team has released AutoMacTC a set of python based scripts for Mac IR and triage. https://t.co/dyVqFcMS6q https://t.co/O3rphZ3Hzw

3

200

101

10

0

EinyelLA retweeted

lc4m @luc4m

over 7 years ago

Awesome #ursnif TTP summary 👉https://t.co/pHYV0kPs2f - language and country test - geoip and stego - loader chain, persistence - encrypted drive stealer @dvk01uk @James_inthe_box @JAMESWT_MHT @malware_traffic @makflwana @pollo290987 @Antelox @VK_Intel @nao_sec

luc4m's tweet photo. Awesome #ursnif TTP summary 👉https://t.co/pHYV0kPs2f
- language and country test
- geoip and stego
- loader chain, persistence
- encrypted drive stealer
@dvk01uk @James_inthe_box @JAMESWT_MHT @malware_traffic @makflwana @pollo290987 @Antelox @VK_Intel @nao_sec https://t.co/bxPGACyZ7L

1

37

18

1

0

EinyelLA retweeted

Sebastian Fernandez

@snfernandez

over 7 years ago

While everyone is distracted trying Ghidra, Microsoft released DTrace for Windows!!! https://t.co/3CBRzLjKpX

1

185

72

15

0

EinyelLA retweeted

Binni Shah

@binitamshah

over 7 years ago

Windows Process Injection: Writing the payload : https://t.co/qp7yoy4ZJV Windows Process Injection: Sharing the payload : https://t.co/sxPCwtZfxS

0

139

77

7

0

EinyelLA retweeted

Cisco Talos Intelligence Group @TalosSecurity

over 7 years ago

IDA users: You'll want to know about our new Dynamic Data Resolver plugin, which will make it easier for you to reverse-engineer malware https://t.co/ftsa2SDat4

TalosSecurity's tweet photo. IDA users: You'll want to know about our new Dynamic Data Resolver plugin, which will make it easier for you to reverse-engineer malware https://t.co/ftsa2SDat4 https://t.co/mSKqXmEc8U

1

31

17

3

0

EinyelLA retweeted

Binni Shah

@binitamshah

over 7 years ago

Take a look into the depths of Windows kernels and reveal more than 60000 undocumented structures : https://t.co/XFHunYQYa9

2

118

50

9

0

EinyelLA retweeted

X-C3LL @TheXC3LL

over 8 years ago

I just started a new blog about pentesting :) https://t.co/zIIUoR0nhY #DoomsDayVault

3

57

27

1

0

EinyelLA retweeted

Vitali Kremez @VK_Intel

almost 8 years ago

7-29-2018: Let's Learn: In-Depth Reversing of #Qakbot "qbot" #Banker #Malware Part 1 | Core & Process Injection | Communicator & Inject DLL Component | Observed Configuration | Decoded Template | #Yara + #IOCs ☑️ Thanks @pollo290987 for the sample 👍 -> https://t.co/4B5yrS3Q8z