Andrzej Dyjak

@andrzejdyjak

Application Security. Low-level, clouds, and anything in-between.

Warsaw, Poland
dyjak.me
Vrijeme pridruživanja: kolovoz 2016.
10 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @andrzejdyjak

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @andrzejdyjak

  1. proslijedio/la je Tweet
    prije 4 sata

    Just posted my talk "Keeping Windows Secure" touching on security assurance process and vuln research in Windows from 2019:

    7 replies 61 proslijeđeni tweet 150 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  2. proslijedio/la je Tweet
    3. velj

    Znamy nazwiska Prelegentów, którzy wystapią na ścieżce Innovation Labs na ! ☄️Bartłomiej Słota ☄️Paweł Skiścim ☄️Marcin Markowski ☄️Jakub Nabrdalik ☄️Andrzej Dyjak ☄️Artur Król Masz szansę stanąć u boku ekspertów! Wyślij 👉

    5 proslijeđenih tweetova 8 korisnika označava da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    31. sij

    After three years of preparation, our SAMM team has delivered version 2 of SAMM! More details here: A big thanks to our community, your feedback, corrections, questions, input, and encouragement. SAMM version 2 is for you!

    42 proslijeđena tweeta 45 korisnika označava da im se sviđa
    Poništi
  4. proslijedio/la je Tweet
    28. sij

    Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: PS: "Did you ever play tic-tac-toe?"

    1 reply 99 proslijeđenih tweetova 161 korisnik označava da mu se sviđa
    Poništi
  5. 24. sij

    On a related note, to this day I’m a little bit sad every time I remind myself that Seven Pernicious Kingdoms by didn’t get traction and ultimately lost to Top 10.

    1 proslijeđeni tweet 1 korisnik označava da mu se sviđa
    Poništi
  6. 24. sij

    I’ve been repeating this for years. Top 10 is not a tool that should be used for software security assessments, ASVS is. Top 10 is good as a library for (1) threat modeling sessions and (2) raising awareness for devs (even though it mixes up classes with particular vulns).

    In a talk by on how we need to move up from the OWASP Top 10 to the ASVS.
    6 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    18. sij

    My first blog post on browser exploitation for . I'll look at how to pop xcalc on current Linux Spidermonkey given a relative (oob) rw bug. Spidermonkey is the JavaScript Engine in Firefox. Exploit code also supplied.

    136 proslijeđenih tweetova 336 korisnika označava da im se sviđa
    Poništi
  8. 18. sij

    Excellent talk by about complexity, security, and what future may (or may not) bring 👉

    5 proslijeđenih tweetova 17 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    16. sij

    My favorite articles are the ones that walks you through the author methodology and strategy to find/exploit bugs. This is the case for last post on Chrome IPC vulnerabilities:

    27 proslijeđenih tweetova 76 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    8. sij

    Linux Kernel Runtime Guard (LKRG) bypass collection by Ilya Matveychikov, CC

    68 proslijeđenih tweetova 135 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    6. sij

    ( PL ) VIDEO from my PWNing2019 prelection - "0daying the 0day detection engine"

    7 proslijeđenih tweetova 30 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    4. sij

    Cool example of extending Domato to PHP

    I've recently been fuzzing the PHP interpreter, and took a UaF bug all the way from crashing-sample to weaponized code execution. Here is the first of several blog posts I plan to write about the process.
    7 proslijeđenih tweetova 11 korisnika označava da im se sviđa
    Poništi
  13. 2. sij

    Bonus points for black swans (you know, like AFL for fuzzing field). Voice your opinion or at least share so I can get opinions of others. Kudos! 2/2

    1 reply
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. 2. sij

    What events in your opinion were significant (i.e. moved the needle) in Cyber? e.g. Morris Worm, CodeRed/Nimda, Gates' TCM memo, Operation Aurora, Stuxnet, Shadowbrokers et al, Target & Equifax, Mirai & Internet Census, Heartbleed, Meltdown & Spectre, etc etc etc 1/2

    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  15. 27. pro 2019.

    This. Great keynote by

    Poništi
  16. proslijedio/la je Tweet
    25. pro 2019.

    We made a website which shows a genealogy of fuzzers: Basically, this is a fork from the one we have in the survey, but which we can keep up-to-date and where anyone can contribute at:

    74 proslijeđena tweeta 189 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    25. pro 2019.

    Friends, I am very pleased to announce that I have managed to re-assemble the original 29a archives in totality. All zines are now present in what was once their original form. 1luv -smelly__vx

    10 replies 154 proslijeđena tweeta 358 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    20. pro 2019.

    My summary of the AWS re:Invent security related announcements:

    11 proslijeđenih tweetova 40 korisnika označava da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    20. pro 2019.

    JavaScript fuzzing with libFuzzer

    1 reply 50 proslijeđenih tweetova 160 korisnika označava da im se sviđa
    Poništi
  20. proslijedio/la je Tweet
    15. pro 2019.

    nice pointer authentication overview

    36 proslijeđenih tweetova 65 korisnika označava da im se sviđa
    Poništi

@andrzejdyjak još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·