A big honor to coauthor with @abc_sup and Gulshan the very first blog from Android Red Team on analysis and exploitation of CVE-2023-20938 in Android Binder driver at https://t.co/UF6nlbbzqT 🔥
The slide-deck presented at @offensive_con is available at https://t.co/CYzOLpWK0B
My new article: "Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel"⚡️
I tell a bug collision story and introduce my pet project kernel-hack-drill, which helped me to exploit the hard bug that received @PwnieAwards 2025
https://t.co/0DJzCJYEfm
Slides for my talk at @h2hconference 2024:
Diving into Linux kernel security 🤿
I described how to learn this complex area and knowingly configure the security parameters of your Linux-based system.
And I showed my open-source tools for that purpose!
https://t.co/5VXLNnuDe5
Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc++ *by default*. It adds bounds checks to things like std::vector, preventing a fair bit of out-of-bounds vulnerabilities: https://t.co/Dek3jJaTxn
“Break into the world of vulnerability research... and become a zero-day hunter.” I have a new book with @nostarch!
Behind the curtain of zero-day research, there are fundamental building blocks you can learn. In early access now and out in Spring 2025!
https://t.co/aPcgtFKYMi
Getting made fun of because you cover laptop webcam with a sticker? 😭
Here are materials from my talk about controlling ThinkPad X230 webcam LED over USB presented at POC by @POC_Crew 😎
Use these as a comeback 😁
Slides: https://t.co/REAm5XYAPm
Code: https://t.co/qxlPG6FMVK
A while ago I gave a talk on how to build exceptional security research teams: https://t.co/IUOLEdYNnI - I continue to be convinced that is all that is needed. The adage "Great people leave managers, not companies" continues to be true.
CVE-2024-9143 (https://t.co/ApXML9Eiuv) was disclosed recently, which was found by OSS-Fuzz-Gen! This is a pretty proud example of our team showing the promise of leveraging LLMs to enable more fuzzing coverage.
I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung and Huawei devices due to their use of hypervisors. Check it out here: https://t.co/UHesQZgjuv
IDAlib is the first idiomatic Rust bindings library for @HexRaysSA IDA SDK, helping go beyond C/C++ or Python in RE automation. Huge thanks to @xorpse for making it happen! Binarly team ❤️ Rust 🙌
🛠️use idalib::idb::*;
🦀https://t.co/FVnTJmKezi
We have cleaned up the #LibAFL example fuzzers!
This makes things easier to find and understand.
Thanks to @rmalmain
Take a look 👀👀
https://t.co/5W2tPWyJsT
I’m super excited about this blogpost. The approach is so counterintuitive, and yet the results are so much better than anything else that we’ve tried for memory safety. We finally understand why.
https://t.co/cBc3gMLzO6
Exciting story on collaboration between Google Android Offsec and ARM product security on proactively securing Mali GPU attack surface in Android and beyond. Among proactively identified and mitigated issues is CVE-2024-0153 in GPU firmware.
We teamed up with @Arm to boost GPU security on #Android! Fuzzing, firmware analysis, and close collaboration led to key vulnerability discoveries and a stronger #Android ecosystem. Read more in our joint blog: https://t.co/3daV3ZWHx7
Continuing the series on exploiting Android Binder with Binder internals blog https://t.co/PS2g21SGLi Deep dive into Binder driver by @abc_sup and Gulshan. We also release https://t.co/IoTE5Eex4P -- tiny lib featuring how to do IPC via Binder driver. Happy Binder hacking!
Slides and recording from my "SLUB Internals for Exploit Developers" talk at @LinuxSecSummit yesterday 🥳
Slides: https://t.co/wleH6nJDeW
Slides PDF: https://t.co/1x5cvc6wjh
Recording: https://t.co/jjzxebiBOp