Back in 2023, the assessment of the pre-authentication vulnerability in SSH was that it wasn't exploitable on Linux.
For my OffensiveCon 2025 keynote, I wrote enough of an exploit to show, with the right heap groom and stabilization, it's likely exploitable. Then I tried to have AI do it.
Up to @taviso whether that merits switching to Windows 98 :)
https://t.co/KfqmJqvlJu
If someone gets a working OpenSSH exploit from this bug, I'm switching my main desktop to Windows 98 😂 (this bug was discovered by a Windows 98 user who noticed sshd was crashing when trying to login to a Linux server!)
Introducing Claude Code Security, now in limited research preview.
It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss.
Learn more: https://t.co/n4SZ9EIklG
What mathematicians call "literature review" should be familiar to you as "vulnerability research".
Or, put another way: https://t.co/Dm2yWg4r6X is currently the best benchmark for LLM capabilities in finding 0days.
Hello security researchers! Like it or not, agentic AI is here. It’s time to explore its impact on novel, academic research in cybersecurity. To this end, we’re launching the Conference for Synthetic Security Research (https://t.co/uvE3Fp12L7). Researchers, start your agents!
Great example of what a game changer AI is for lit review (in and of itself a critical capability but should not be conflated with creating novel solutions)
Update: Mehtaab and I pushed further on this. Using thousands of GPT5 queries, we found solutions to 10 Erdős problems that were listed as open: 223, 339, 494, 515, 621, 822, 883 (part 2/2), 903, 1043, 1079.
Additionally for 11 other problems, GPT5 found significant partial progress that we added to the official website: 32, 167, 188, 750, 788, 811, 827, 829, 1017, 1011, 1041. For 827, Erdős's original paper actually contained an error, and the work of Martínez and Roldán-Pensado explains this and fixes the argument.
The future of scientific research is going to be fun.
@yo_yo_yo_jbo @DistrictCon Send [email protected] an email or just submit the bug! The team is currently working on AV support for presentations but there should be a way to accommodate!
Have a Furby 0-day? A Juicero exploit? A bewitched 🪄PoC for some cursed, End-of-Life 👻 product that your friends keep begging you to stop reverse engineering & touch grass?
We see you: your real friends are at @DistrictCon Junkyard. 9 days to submit your most unhinged bugs!
This is not that much different than server-driven UI for mobile apps, where server-side logic controls layout, actions, and flow in mobile app UI. It was created to allow changes faster than a client code release could support.
Software is software and good patterns re-appear.
We still have some spots open for DistrictCon junkyard speakers! Not only do you have a chance to show off your awesome work on an end of life target that needs attention – or laughs – but also we are giving out cash prizes to winners!!!
Had a great time doing a keynote panel with Rob Joyce and Dave Aitel at @OffensiveAIcon… and love the creative engagement from the audience
Photo credit to @caseyjohnellis
OAIC Day 1: Complete ✅ The conversation and idea sharing from yesterday's sessions have been bar-none. Plus, a full moon for last night's rooftop party!
On deck this morning:
--> Breakfast from 7-8:45 AM
--> Kickoff at 9 AM with our keynote panel, featuring @RGB_Lights, @perribus, and @daveaitel.
#OAIC2025 #OffensiveAICon
🚀 From DARPA #AIxCC to SWE-bench!
Team 42-b3yond-6ug’s small coder model is now:
🏆 #1 on SWE-bench (lite)
💡 #6 on SWE-bench (verified)
All while using far less compute than the giants ahead.
Big thanks to #AIxCC for fueling this journey!
Excited to be here at #OffensiveAICon for the next two days. 200 people focusing on offensive capabilities surrounding AI in the cybersecurity world. This team is top-notch and couldn't have brought together a more spectacular bunch of people to speak and to be able to participate in the event.
I’m hoping to learn a lot. Interact with all the wonderful offensive AI minds.
@RGB_Lights @daveaitel @mbazaliy @joshua_saxe @perribus @cyberphor and many more
Shoutout to @dreadnode and RemoteThreat for putting the event together. @OffensiveAIcon @SANSInstitute @SANSOffensive