@shsirk and I submitted our Adobe Acrobat Reader DC UaF RCE exploit to @thezdi. This was an interesting bug to exploit as we faced quite a few challenges. Stay tuned for the blog post describing how we successfully achieved RCE.
https://t.co/cNmKa0QQBt
AI-Powered Reverse Engineering Plugin for IDA Pro 9+.
One-click explanations to understand weird control flow instantly, smart auto-rename suggestions, vulnerability hints, semantic graphs, RAG search, and docs.
Game-changer for RE, malware analysis and CTF people
- https://t.co/2bSI0k1dkD
Enhanced Insecurity Mode: 23 RCEs in Edge's "Safe" WebAssembly Interpreter
Microsoft's "safer" fallback when the WASM JIT is off? 23 paths to RCE in the interpreter itself. Slides now public — huge thanks to the OffensiveCon crew and everyone who came by.
@offensive_con
I’ve tried various agent pipelines, and here is one of them. It found five type-confusion bugs in V8 Wasm: three under non-default flags and two in DrumBrake/MS Edge.
The repo includes all the bugs in detail, along with a README file that explains how the pipeline works, the prompts used, and many of the genomes it generated.
Since the README is enough to let Claude vibe-code it, I won’t upload my messy and embarrassing code.
Have fun :)
https://t.co/N6zbZmzW8K
My Windows reverse engineering and exploit research workflow has been:
1. Pick a binary to research like tcpip.sys
2. Use https://t.co/fOxBB6tEsN to automate viewing existing binary versions, downloading them, and generating diffs from them
3. Load the resulting .binexport and .bindiff files into an LLM and ask it to analyze them
4. Look up the build number of the previous Windows version the old binary existed in from https://t.co/U788ndiJbj, such as 26100.8328, and create a VM from it
5. Write code and test, working backwards from LLM analysis
As promised - full blog post is live for CVE-2026-40369
Covers everything: initial research, methodology, the exploitation path, caveats, cleanups, etc. The whole journey from finding it to production-grade exploit:
https://t.co/XhRTncgRfd
Just dropped my full notes on Pwn2Own Berlin 2026. Broke down the big wins by DEVCORE, the actual techniques they used, why these matter in the real world, and exactly where you can practice the same skills yourself. Full article here #Pwn2Own #P2OBerlin #CyberSecurity
🚀 Launching: Mr. Chartist Options Terminal
⭐ Star it → https://t.co/6aP8fVWW46
India's best open-source F&O analytics platform. Built for traders who are tired of paying ₹2K/mo for option chain data.
✅ Live Option Chain + Greeks
✅ Strategy Builder with payoff charts
✅ IV Rank Scanner
✅ FII/DII Activity tracker
✅ Position Tracker with P&L sim
✅ Dark + Light mode
100% free. Open-source. Self-hosted.
#OptionsTrading #NIFTY #BANKNIFTY #NSE #OpenSource #IndianStockMarket
I have posted the slides for the talk @chompie1337 and I gave this past weekend at @h2hconference -> The Kernel Hacker’s Guide to the Galaxy: Automating Exploit Engineering Workflows #H2HC
https://t.co/Cl8b58KkAv
Releasing full 2+hr video of my browser exploitation workshop from VXCON 2024: https://t.co/SBn4fMarPU
In which I show what goes inside the mind of a skilled hacker while exploiting a highly non-trivial vulnerability in v8, from zero to exploit concept.
This workflow especially requires advanced abstract thinking, thereby emphasizing the role of theoretical modeling in attacking hard zero-day research targets, which is part of why it's fun. @zerodaytraining
🤔
(CVE-2024-7965 - exploited ITW) [356196918] [compiler] Improper optimization of ZeroExtendsWord32ToWord64() leads to Memory Corruption is now open with PoC & RCA
https://t.co/E9Ber15Vjw
Domato Lives! Today, we merged a WebGPU fuzzer written by @btiszka who used it to find several serious bugs in Chrome. Check it out at https://t.co/NzSn14fBXZ. Potentially also interesting for other browser vendors working on their own WebGPU implementation ;)
Dropped my slides for POC2024 on Linux kernel exploitation, including a journal from Pwn2Own Vancouver earlier this year. Enjoy 🙂.
https://t.co/CUKKpErYMG
Analysis of VMware vCenter heap overflow vulnerability exploited at Matrix Cup competitions in China, June 2024 (CVE-2024-38812):
https://t.co/JsK3H1Cpof
Another one in the same code, 2023:
https://t.co/jiTT2JVnqK
** Both are RCE on the management console, not a hypervisor VM escape!