AI x Infosec Researcher @RevEng_AI • Binary Program Analysis • PhD Candidate @TUBerlin • prev. built @VulHuntRE at Binarly • Capturing Flags for @ENOFLAG
Our work on exploring new ways for efficient firmware fuzzing will be published at @USENIXSecurity 2023!
With SAFIREFUZZ, we introduce near-native rehosting, drastically improving the performance of fuzzing embedded targets.
Super happy about this work w @domenuk @nSinusR
the method seems interesting in that it really combines the best of both worlds: the scalability and automation of LLMs with the fidelity and precision of symbolic execution.
work by Shafiuzzaman, @WenboGuo4 et al.:
https://t.co/Bny1CktROG
the nice thing about symbolic execution is that every potential bug site comes with an input reaching it, but building harnesses is laborious.
with SAILOR, a new paper combines static analysis with LLMs to automate this process
finally, the identified inputs are replayed and validated against the unmodified source instrumented with ASAN.
with this approach, the authors claim to have identified over 300 new memory corruptions in open source projects with up to 1.8MM LoC.
@S1r1u5_ code review was always my biggest gripe with claude/codex and why I kept coming back to cursor, way more control over actual changes.
last week I found that warp terminal actually has pretty neat review functionality (after making changes with codex et al.) WITH LSPs
decompilers historically have poor support for language-specific constructs, beginning with C++ templates or classes, not even talking about Go or Rust.
this work is astonishingly high-quality, from my first little tests it makes Rust decompilations indeed way more approachable
For years, Rust binaries made reversing a nightmare. Modern decompilers only support C, lacking meaningful types, constructs, and language-specific functions. Led by @34r7hm4n, we're releasing our S&P work Oxidizer, the first deep Rust decompiler, built on angr!
Interested? 🧵👇
@owl_posting @zetalyrae I like them. I think using personalized "art" can add to the content and give a blog post an aesthetic feel and direction, something I would not have had the means to do pre-AI.
@h0mbre_ maybe pre-filtering? there seemingly were many people with valid exploits this year who didn't get in. maybe zdi was afraid of a potential drop in quality of submission and maximized for people with a track record
from what I've heard from people, mythos' strengths are that it
a) requires no handholding
b) has a low FP rate
but it makes sense that strong long-context reasoning and self-verification come at a cost
"Mythos Preview is powerful, but the real choice is to either pay for an agent to use Mythos Preview for a bit, or to use GPT-5.5 for as long as needed. The better option depends on the use case; often, it’s the latter." 🔥
For the past 2 months, XBOW has been testing Mythos Preview under embargo as part of a select early-access group.
Today, we can finally share what we found.
The headline: Mythos Preview is a major advance. It is substantially better than prior models at finding vulnerability candidates, especially when source code is available.
But it’s not perfect. We surfaced issues with exploit validation, judgment, and efficiency.
Our full write-up covers where Mythos Preview shines, where it still needs support, and what we think this means for the future of offensive security: https://t.co/wPIhNeztO9