Olivia
Online
luks
@luksecurity_
Pentester / Bug hunter
Lille, France
Joined July 2020
70 Following
53 Followers
155 Posts
🚨 JAILBREAK ALERT 🚨
ANTHROPIC: PWNED 🫡
FABLE-5: LIBERATED 🦋
let's start with the 🐘...
the consensus seems to be that this has been one of the most disappointing model drops of all time, effectively preventing legitimate researchers from contributing their talents to our collective advancement. and not just because of what it means for the short-term, but for what these decisions signify for the long-term.
but despite this overly sensitive, authoritarian "safety" layer on top of Mythos, my lil liberators have been hard at work—mapping the boundaries, probing the depths of long-context convos, and cleverly finding the holes in the fence that the thought police missed 🤗
we got some cyber, some chem, some psychological manipulation, and some good ol' fashioned explosives!
it took many attempts from multiple agents hunting as a pack, during which I observed a combination of techniques across:
• Unicode, homoglyphs, Cyrillic, and other Parseltongue-style text transforms
• Long-context reference tracking
• Taxonomy and document-structure reasoning
• Fiction and narrative framing
• Academic-review style contexts
• Intent-classification inconsistencies
but perhaps the most effective is decomposition + recomposition in the backend. it's hard to get explicit names of harms like "Meth Recipe," but getting uplift on the process itself, like birch reduction method/reductive-amination (classic meth synthesis pathways), is much more doable.
defense becomes much more difficult to maintain when you start throwing in out-of-distro tokens, breaking up the harmful uplift into benign chunks, and then piecing the innocuous-seeming facts back together, especially when you have jailbroken Opus helping you do it 😉
gg
Amazing episode with @PortSwiggerRes's @albinowax.
Back when I started the pod in 2023, I envisioned episodes just like this. High signal, technical, depthful.
If you're gonna catch any episode of CTBB, this would be a good one:
https://t.co/3xcwRrw7Ha
BEFORE LE HACK 2025 | PROGRAMME OFFICIEL
Nous dévoilons enfin le programme de notre Before LeHack du 26 juin à l'@ESGI.
Osint-Fr, Hack the Box Meetup : France et les BrHackeuses vous ont concocté une soirée d'exception entre passionnés d'OSINT.
Today I used a technique that’s probably not widely known in the community.
In what cases could code like this lead to a vulnerability? ->
Video demo of bypassing Windows Defender App Control with Loki C2! Blog with details coming in 1-2 weeks.
Yes -- @d_tranman and I created an entire C2 in JavaScript and it bypasses all the things 🥷🧙♂️🪄
GOAD Writeup - Part 14: ADCS – The Rest
Exploiting ESC 5, 7, 9, 10, 11, 13, 14, and 15 in Game of Active Directory.
https://t.co/70uVYVg6o7
Le prochain meetup aura lieu ce lundi 24/02👾
Au programme :
- Pwn2Own Ireland : Retour d’expérience par @ImNotFl0 @___t0___ @MajorTomSec
On recherche un 2ieme talk pour les accompagner, go dm 👀
📍Boulangerie Bar - 24/02 à partir de 19h
(Salle du bas)
#Cyber #infosec
We're proud to announce LIGHTYEAR, a tool that let you dump files, blind, in PHP, based on a new algorithm.
https://t.co/GG4tSNnUCf
🔥💀After 40 hours of constant reversing of weird looking c++ and no sleep, I Finally cooked the
CVE-2024-47575 fortimanager unauthenticated RCE 🩸
A few months ago I've created a "Pefect DLL Loader". You can find some details on my article that was just published today !
The full implem can be found directly in the @defcon workshop in my github !
Hope you will learn something in this 😊
https://t.co/5NaM0tiQnP
Made a cheatsheet list with all my most posts that match up to @TJ_Null's list of HackTheBox machines that are helpful with various OffSec exams. Currently covers three versions of OSCP, OSEP, and OSWE.
https://t.co/1lxq9shXxn
🌧️ On a rainy day, I dove into Pokémon Yellow glitches. Ever wondered how they work under the hood?
As kids, we were already hackers manipulating bits in memory! 🔍👾
Read more in my latest blog post:
https://t.co/LZXKNAxQya
Google actually sponsored these courses because they want more Bug hunters to hunt for Android bugs. And my report shows that these courses can work! This sponsorship also means that you do not need a Hextree subscription to watch this content ;)
https://t.co/eZpvzO2oEO
Wrote a blog post on abusing exclusions to evade AVs/EDR which is stealthy, effective and an often overlooked topic.
https://t.co/sYQqxhoygT
🚨SAVE THE DATE! 🚨
The 2nd Pwn conference of the month is coming up!
@voydstack, Security Expert at @Synacktiv and active on Root-Me, will be hosting a live session on Heap exploitation this Friday 16 August at 8pm (UTC+2).
🔥Don't miss this analysis of memory management vulnerabilities! 💥
Join us on Twitch: https://t.co/XdPwiJlf3I
The official PortSwigger Discord is now open! 🎉👾
Join for access to exclusive events, feature previews, research releases, and to hang out with Burp Suite developers.
Join for free here: https://t.co/wt5adCLAOm
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.9M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers