Olivia
Online
Pinned Tweet
I‘m now on Mastodon as well, you can add me at @[email protected]
GPN CTF 2026 at @entropiagpn is now served and the buffet is open for 36 hours!
Come taste our freshly cooked challenges.
==> https://t.co/3k59dCuZyw <==
If you're on-site, pull up a chair! (The set table in front of the merch desk with a KITCTF flag on it)
Learn what to do when your CodeQL database doesn't contain what you expect and how to use cvise to easily create a minimal reproducer in my newest blog post 🎉
https://t.co/os215p4Iam
Who to follow
Javier Partido Rufo
@javierprtd
Ingeniero Informático por la UPNA. Vulnerability Researcher | Exploit development | Linux user + kernel | Android. CTF player. @[email protected]
Jordy Zomer 
@pwningsystems
Security Engineer @ Google, likes fuzzing, static analysis and VR.
The opinions stated here are my own, not those of my company.
Christophe Tafani-Dereeper
@christophetd
302
Location: https://t.co/tP3JTD3HQp
Had a lot of fun in Stockholm at @SEC_T_org talking about attacking and defending GitHub Actions.
Full slides: https://t.co/LFCDwqzZoK
GitHub Actions are a powerful automation tool, but also a prime target for supply-chain attacks.
During @SEC_T_org, Security Researcher Simon Gerst (@intrigus_) broke down real vulnerabilities, defenses that work, and how to limit damage if an exploit occurs.
Full talk below ↓
@seanhn Maybe, but not yet fully decided.
Excited to talk about some of the research I've been doing during my masters :)
➗🚗💨 V8 runs your #JavaScript like a race car tearing down the track—and @intrigus_ decided to lift the hood at #NullconBerlin2025.
Using formal bug-hunting tools, he found a hidden math problem in its division that could throw it off course.
👉 https://t.co/UKa60Ce90f
#V8
This Thursday, we're excited to have @mawalu
talk about Android system services and how to use @fridadotre for efficient and scalable IPC request interception.
As always, 7pm -120, 50.34
Really enjoyed this year's Google CTF together with @fluxfingers.
Especially the pwn "Unicornel TrustZone" challenge was nice. Writeup soonish 😀
We had a lot off fun playing this year's Google CTF in a spontaneous merger with @fluxfingers
Somehow we qualified for the finals 🎉.
Thank you for such a great CTF @GoogleVRP
GG to all teams and see you in Mexico!
Hey, GPN CTF is back!
Can you break the CTF monopoly? The only property worth owning is the top spot on our CTF leaderboard. 'Go to jail' is just a chroot jail away, play online or on-site at @entropiagpn
Friday, 20th of June 2025 10:00 UTC!
More info: https://t.co/xmrE4LIfVo
@watchtowrcyber "Relieving" to see that even you couldn't find a way to exfiltrate multi-line files^^
I (together with I-Al-Istannen) found an XXE in CodeQL a while ago and was disappointed that only single-line files can be exfiltrated but the JDK code looked solid and I didn't find a bypass :/
Last year I played Realworld CTF and solved "Protected by JavaSE" together with I-Al-Istannen.
We exploited XXE in @github's CodeQL using the unintended CVE-2024-25129.
I wrote about the (un)intended solution and how to use CodeQL to find bugs in CodeQL 😂
https://t.co/1rlYpEBSQd
When you look at a CVE's patch for more than a few seconds and get a new CVE for free :sigh:
(3/3)
In the end, all you have to do is to change a single stack pointer move and `nop` a loop and go from the right image to the far better left image 🎉
I've also written about this in a bit more detail:
https://t.co/RtA7xHM4od
(2/3)
I was playing DEFCON CTF Quals last week and the `loader` binary of the `callmerust` challenge had some not so pretty decompilation so I chose to investigate and fix it.
GitHub's award that recognizes my contributions to open source security through my various workshops and my tireless help with people learning CodeQL or just answering their questions (plus some very nice swag) has arrived 🥳
Woah, I totally didn't expect this 😯
I wouldn't be where I'm now without the help of @HauwaOtori, @XCorail and @nicowaisman to name just three.
Thank you for bringing me to GitHub+SF, encouraging me to do my first conference talk and letting a random run queries on ALL of lgtm.
This Thursday, @intrigus_ will present the results of his master's thesis on bounded verification of the range analysis in v8's Turboshaft engine.
As always, 7pm -120, 50.34
Really excited for this one!
This Thursday, we're excited to have @momo5502 give us a deep dive into Windows user-space emulation.
As always, 7pm -120, 50.34
Last Seen Users on Sotwe
Erotic 🤤 Girl 😜
Seen from Turkey
yangviral
Seen from Vietnam
@Mizi_MediumDicK
Seen from Thailand
ووعلاء
Seen from France
DREDD
Seen from Algeria
سالب وديوت اختي حقيقي والله
Seen from Germany
josevizca
Seen from Germany
Pussy Hunter Mizo 🔞
Seen from Philippines
Lesbian vids🏳️🌈
Seen from Turkey
Eros 🔞
Seen from Germany
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.4M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.1M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers