Process Creation is Dead, Long Live Process Creation — Adding BOFs Support to PEzor
Since the release of Beacon Object Files (BOFs), I wanted to support them as a new kind of output format in PEzor... Let’s dive into this short journey!
https://t.co/O6E6ImRUeL
We released our Fuzzilli-based V8 Sandbox fuzzer: https://t.co/eVkR1bl76n
It explores the heap to find interesting objects and corrupts them in a deterministic way using V8's memory corruption API. Happy fuzzing!
Another approach to disable EDRs (with anti-tampering). Credit goes to @sixtyvividtails for the idea🧙♂️
Using PendingFileRenameOperations and an NTFS junction, we can ask Windows to delete EDR binaries on reboot (with Admin privs)
A link to a complete GitHub PoC follows in replies
I read Google's paper about their quantum computer so you don't have to.
They claim to have run a quantum computation in 5 minutes that would take a normal computer 10^25 years.
But what was that computation? Does it live up to the hype?
I will break it down.🧵
Releasing full 2+hr video of my browser exploitation workshop from VXCON 2024: https://t.co/SBn4fMarPU
In which I show what goes inside the mind of a skilled hacker while exploiting a highly non-trivial vulnerability in v8, from zero to exploit concept.
Especially this workflow requires advanced abstract thinking, thereby emphasizing the role of theoretical modeling in attacking hard zeroday research targets, which is a part of why it's fun. @zerodaytraining
This has been one of my favorites for a while, but now it's time to let it go.
Here's my preferred way of getting the KeePass db that we often hunt for:
downgrade the executable to version 2.53, use CVE-2023-24055 and wait for the busy admin to trigger the dump of the database.
The target can remain clean and you can simply check for the dump creation.
KeePass version 2.53 can still open kdbx files created with version 2.57, and if using a proper xml the user will likely notice nothing.
Update alerts can also be disabled within the xml.
https://t.co/htO0nrvJ37
In part 3 of his series on exploiting #Exchange #Powershell after ProxyNotShell, ZDI researcher @chudyPB chains 3 bugs that lead to RCE, mainly by abusing the single-argument constructor conversions. Read the details at https://t.co/5ZVivtooV8
New blog from me on manually manipulating Vectored Exception Handlers to evade some EDRs and perform threadless process injection.
https://t.co/F28cj9jDqf
Accompanying code: https://t.co/FZ84gUMCsf
[RELEASE] Following the talk at DEF CON, I'm releasing all the POC projects associated with DriverJack. More info in the repos. For any additional info, hit me up ;)
- https://t.co/VmVpVtNkhD
- https://t.co/Cdzi5RBgVE
- https://t.co/RjN05qKeXg
With the #GhostWrite CPU vulnerability, all isolation boundaries are broken - sandbox/container/VM can't prevent GhostWrite from writing and reading arbitrary physical memory on affected RISC-V CPUs. Deterministic, fast, and reliable - no side channels. https://t.co/qtmosPvuYl
Here’s a blog post covering all the technical details behind a strcpy bug I found in the Tony Hawk video game series that can be used to hack several gaming consoles and even get RCE over the network https://t.co/8vZgnTQhUk
We're not talking about espionage. This new LaurieWired video is about Inter-process communication.
(ok, it's also about espionage, but only because it's a great analogy)
https://t.co/d3I2QzcbGo
Check out FizzBuzz101's corCTF 2024 challenge writeups!
Leaking Flags from Initramfs with Spectre v1: https://t.co/h9Hndf61wu
KVM Escape from a nested L2 guest to the L1 hypervisor: https://t.co/yEOu4yvhFf
How to achieve code execution with an Out-of-Bounds Write in Chrome V8 engine (Maglev compiler)
https://t.co/NwRnwpMQfR
Credits: Javier Jimenez and Vignesh Rao
#chrome #cybersecurity