Suraj

For the past month, Pwno has autonomously discovered 29 vulnerabilities across Linux, FFmpeg, V8, Firefox, Webkit, Redis, PostgreSQL; with 15 OOBs, 6 UAFs. Most of these bugs are fixed; some are still in the disclosure process. you can see them at https://t.co/JZILRc7Pbd It is really a pay-off moment for me. the idea of Pwno started out by simply harnessing gdb for solving ctf pwn challenges, exactly two years ago. eight months ago, after deciding to pivot from a campus startup I worked on for a couple of months, I decided to pick up what brought me to this crazy world of computer systems in the first place, binary security; and choose the most interesting problem I could ever think about: making AIs that can find cool memory bugs. I am always saying we're doing research, but the fact is just that most of the time things don't work out. It takes a lot of learning, trial and error, rebuilding things from scratch, and most importantly in someway believing in things could work out even at times it sounds stupid to say. it always amazes me how we can reinterpret systems that are entirely created by us in a completely different way. we'll hopefully find and patch more interesting bugs that in some way help the internet a little:)