Matthias Kaiser

@matthias_kaiser

Vulnerability Researcher at . Tweets are my own.

Neu-Ulm, Deutschland
Vrijeme pridruživanja: svibanj 2009.

Tweetovi

Blokirali ste korisnika/cu @matthias_kaiser

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @matthias_kaiser

  1. proslijedio/la je Tweet
    prije 16 sati

    Our first blog post of 2020 is out! Learn about how we discovered a heap overflow in the F-Secure Internet Gatekeeper, which leads to unauthenticated RCE

    Poništi
  2. proslijedio/la je Tweet
    prije 16 sati

    We're excited to welcome Felix Wilhelm () to Project Zero today!

    Poništi
  3. proslijedio/la je Tweet
    23. sij

    I found a Freemarker template injection bug in Artifactory a few months ago, but I couldn't create new objects because the ?new and ?api built-ins were disabled. I ended up reusing existing objects within scope and found a way to read/write files:

    Poništi
  4. proslijedio/la je Tweet

    The final count is in, and with 92.5 points total, and are crowned Master of Pwn! Congratulations to everyone who participated. We'll have a full wrap video with all the results available tomorrow morning. We'll see you in Vancouver.

    Poništi
  5. proslijedio/la je Tweet
    23. sij

    Guys I’m really excited to announce that Bryan and I are teaching courses open to the public! Tickets are live as I tweet. We’ll be adding more advanced Ghidra and classes in the near future. Find me at and chat me up!

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    20. sij

    Reverse engineering is mostly about naming stuff

    Poništi
  7. proslijedio/la je Tweet

    Setup is well underway for Miami. Can’t wait to get started. The drawing for order will be at 8:30 tomorrow morning.

    Poništi
  8. proslijedio/la je Tweet
    17. sij

    Rumble in the pipe - a nice writeup about a vuln in by our teammate

    Poništi
  9. proslijedio/la je Tweet
    16. sij

    -2020-2551 Weblogic RCE via iiop protocol, funny bug:D

    Poništi
  10. proslijedio/la je Tweet
    16. sij

    CVE-2020-2551 WebLogic RCE via IIOP protocol.

    Poništi
  11. proslijedio/la je Tweet
    16. sij

    My favorite articles are the ones that walks you through the author methodology and strategy to find/exploit bugs. This is the case for last post on Chrome IPC vulnerabilities:

    Poništi
  12. proslijedio/la je Tweet
    14. sij

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

    Poništi
  13. proslijedio/la je Tweet
    10. sij

    Thank you all for the best wishes. I will be joining a team of great security researchers at . Excited to start contributing to a better and more secure OSS!

    Poništi
  14. proslijedio/la je Tweet
    7. sij

    Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher

    Poništi
  15. proslijedio/la je Tweet
    2. sij

    So many exciting things happening this year! First up? is releasing advisories for multiple auth bypass and over 💯 RCE vulnerabilities today in Data Center Network Manager. If permitted, a technical blog post will be released shortly after detailing how I did it :->

    Poništi
  16. proslijedio/la je Tweet
    22. pro 2019.

    's Android diff engine managed to detect changes in the recent security patch of Twitter! WARN: It still requires an in-depth analysis to check if this change fix a vulnerability but it can be a good starting point though.

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    17. pro 2019.

    New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-)

    Poništi
  18. proslijedio/la je Tweet

    New Advisory: Multiple found in Barco ClickShare. Read this post disclosing flaws affecting the button device, base unit, and client software which could enable attackers to intercept and manipulate data >> by

    Poništi
  19. proslijedio/la je Tweet
    10. pro 2019.

    Full list of talks for is now up! Only 50 seats left!

    Poništi
  20. proslijedio/la je Tweet
    11. pro 2019.

    WORKSHOP: Can’t Grep This: A Gentle Introduction to CodeQL by from

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·