Twitter | Pretraživanje | |
Rh0
Security Research • Program Analysis • Bugs and Exploits
329
Tweetovi
346
Pratim
402
Osobe koje vas prate
Tweetovi
Rh0 proslijedio/la je tweet
InfoSect 2. velj
Pointer Compression in V8 and what it means for browser exploitation by
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Zero Day Initiative 14 h
Tried to reverse a wireless router only to be thwarted by encrypted firmware? shows methods for overcoming this roadblock in his latest blog.
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Niklas B 12 h
just found that this writeup for CVE-2019-9793, a range analysis bug in Spidermonkey found by and analyzed by me is now unrestricted: I thought it was a cool bug, although unfortunately Spectre mitigations prevented exploitation as far as I know
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Maddie Stone 18 h
Here are the slides for my presentation today at on variant analysis for 0-days used in the wild. I discuss 3 case studies, covering the approach, findings, and lessons learned.
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
j00ru//vx 30. sij
Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Zero Day Initiative 16. sij
To get set for Miami, exploits a SCADA bug submitted by and shows how you can too. See how he pops calc at
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Samuel Groß 9. sij
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Andrea Fioraldi 7. sij
Today the Superion fuzzer is not anymore open-source on GitHub () so I created an organization called Fuzzers-Archive that aims to collect unmaintained fuzzers to prevent this situation. Open an issue to ask for additions:
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Jiliac 26. pro
We made a website which shows a genealogy of fuzzers: Basically, this is a fork from the one we have in the survey, but which we can keep up-to-date and where anyone can contribute at:
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Abdulrhman Alqabandi 24. pro
Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
F-Secure Labs 24. pro
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Zero Day Initiative 16. pro
In the 1st of our Top 5 bugs for 2019, takes a look at a sandbox escape in originally submitted to the program by . Read the details at
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Axel Souchet 6. pro
Here is an exploit chain I wrote for Firefox that gets RCE via CVE-2019-9810 and escape the sandbox with CVE-2019-11708/CVE-2019-9810. Once compromised, it drops a payload and injects privileged JS code in already/newly created tabs.
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Zero Day Initiative 2. pro
Start off the week with the 2nd part of 's look into reversing a TP-Link TL-WR841N wireless router. His write-up includes a full exploit & a video demonstration of ZDI-19-992.
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Zero Day Initiative 26. stu
Correction: Take a deep dive into a winning bug as breaks down an entry used by (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver.
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Bruno Keith 17. stu
I published the slides of the talk I gave last Friday
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
PagedOut 15. stu
Paged Out! #2 Thanks to all the authors and the institute! Enjoy!
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
qwertyoruiop 8. stu
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Sean Heelan 30. lis
At CCS '19 next month I'll be presenting a paper titled "Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters". More details @
Reply Retweet Označi sa "sviđa mi se"
Rh0 proslijedio/la je tweet
Robert Swiecki 28. lis
honggfuzz-rs has already found dozens of bugs in Rust packages, the python-hfuzz might help you to do the same with your python code: (from the author of honggfuzz-qemu).
Reply Retweet Označi sa "sviđa mi se"