cc

@cc0d4y

soat

Iceland
Vrijeme pridruživanja: srpanj 2015.

Tweetovi

Blokirali ste korisnika/cu @cc0d4y

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @cc0d4y

  1. Prikvačeni tweet
    14. lip 2019.

    Find a high-risk 0day, a very happy evening. 😉

    Poništi
  2. proslijedio/la je Tweet
    12. pro 2019.

    All 's IDA scripts have (finally) been ported to Ghidra. Woohoo!

    Poništi
  3. proslijedio/la je Tweet
    9. sij

    My team is once more hiring vulnerability researchers for our Redmond WA office. This is for low-level OS/platform security research work on Windows and Azure. More details on what we do at . Apply directly at or DM me if interested!

    Poništi
  4. proslijedio/la je Tweet
    7. sij

    I wonder if this increases the value of patch diffing results. Because P0 will not disclose what the bugs are for a long time which automatically makes patch diffing more attractive 😂

    Poništi
  5. proslijedio/la je Tweet
    9. sij

    Have reproduced Citrix SSL VPN pre-auth RCE successfully on both local and remote. Interesting bug!

    Poništi
  6. proslijedio/la je Tweet
    9. sij

    I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:

    Prikaži ovu nit
    Poništi
  7. 10. sij
    Poništi
  8. proslijedio/la je Tweet
    6. pro 2019.

    Here is an exploit chain I wrote for Firefox that gets RCE via CVE-2019-9810 and escape the sandbox with CVE-2019-11708/CVE-2019-9810. Once compromised, it drops a payload and injects privileged JS code in already/newly created tabs.

    Poništi
  9. proslijedio/la je Tweet
    3. pro 2019.

    Collection of public security audits grouped by programming language

    Poništi
  10. proslijedio/la je Tweet
    29. stu 2019.
    Odgovor korisnicima

    Imagine a world where nobody made PoCs anymore. Every changelog would look like Cisco's: " Bug that causes crash"

    Poništi
  11. proslijedio/la je Tweet
    18. stu 2019.

    I want to start this trend in academic papers:

    Poništi
  12. proslijedio/la je Tweet
    17. stu 2019.
    Odgovor korisnicima

    Because Microsoft already has a mature static analysis capability, our bugs are predominantly from fuzzing. A minority are from manual code review. Anecdotally, the majority of bounty-eligible external cases in Windows are from fuzzing.

    Poništi
  13. proslijedio/la je Tweet
    16. stu 2019.

    KnownSec has just announced its bonus plan for zero day exploits. The highest is RMB 20M for a single exploit chain 🤔

    Poništi
  14. proslijedio/la je Tweet
    24. lis 2019.

    ": The iPhone Exploit That Hackers Use to Research Apple’s Most Sensitive Code" This is what the title of this write-up would be if it was a VICE article. This is a detailed write-up of the vulnerability I found and how the exploit really works.

    Poništi
  15. proslijedio/la je Tweet
    11. lis 2019.

    I'm excited that my chipping attack made I'll go into more detail about the attack and defenses in two weeks at the ICS security conference in Stockholm Sweden (with live demo). Hope to see you there!

    Poništi
  16. proslijedio/la je Tweet
    10. lis 2019.

    The effort was inspired by Fortinet's CVE-2018-1040 from last year. Original write-up: . Thanks!

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    10. lis 2019.

    What is it that makes modern fuzzers successful? (Hint: It might not be what you think, and this raises questions.)

    When Results Are All That Matters: The Case of the Angora Fuzzer
    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    4. lis 2019.
    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    27. ruj 2019.

    Debugging an iPhone with Bonobo JTAG cable + OpenOCD + GDB demoted by ch...

    Prikaži ovu nit
    Poništi
  20. proslijedio/la je Tweet

    Any list of “the most important researchers of the last 30 years” that doesn’t include Solar Designer is just plain wrong.

    Poništi
  21. proslijedio/la je Tweet
    17. ruj 2019.

    We, the CWE Team (), are pleased to announce the release of the 2019 CWE Top 25 Most Dangerous Software Errors, the first release since 2011. We look forward to the community's insights and suggestions!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·