Oege de Moor

@oegerikus

CEO and founder of Semmle. Securing software, together: developers, security researchers and the community.

Joined October 2017.

Tweets

  1. Pinned Tweet
    Sep 18, 2019

    1/7 I’m overjoyed to share that is joining !

  2. Retweeted
    Feb 1

    I'm so excited about this. Korea has always been on my bucket list. I watched too many Korean movies!

  3. Retweeted
    Jan 29

    I enjoyed this article from . It is the kind of post that I find more useful as a reader: a collection of tips to overcome common issues and pitfalls when executing a real-life task =>

  4. Jan 30

    In my team at GitHub, we'd like to study examples of "nefarious commits" in open source, which introduce a bug on purpose. Can you point me at such commits? Could it have been detected by analysing the committer's behaviour as well as the code change itself?

  5. Retweeted
    Jan 23

    You can catch the rerun of last night’s lightning talks here. TL;DR: fancy grep with CodeQL, backdoor grep with MSFT, Windows RPC wrapping for fun and convenience, and a game of “who’s SAML key is it really tho?”

  6. Retweeted
    Jan 23

    ICYMI: Thursday mini-challenge: Triage some of the bugs on and report interesting ones to the maintainers! We have pretty cool GitHub swag waiting for you.

  7. Retweeted
    Jan 16

    My favorite articles are the ones that walk you through the author's methodology and strategy to find/exploit bugs. This is the case for last post on Chrome IPC vulnerabilities:

  8. Retweeted
    Jan 15

    Assert yourself on the browser playground with ’s guide to hunting Chrome IPC sandbox escapes:

  9. Jan 10

    A chance to work with one of the world leaders (in thought AND action!) in devsecops:

  10. Jan 10
  11. Jan 3
  12. Retweeted
    Jan 2

    We are pleased to announce that is co-sponsoring the bounty program! Find bugs, write queries to eradicate them from open source projects at scale!

  13. Retweeted
    Jan 2

    Know more about our bounty program. All for one, one for all: Write a CodeQL query that is added to the CodeQL default query set. Such queries must identify a class of vulnerabilities with a low false positive rate. An award up to $3000 will be granted.

  14. Retweeted
    Jan 1

    Happy new year! Let's all try to make 2020 the year of Open Source Security!

  15. Retweeted

    You have one week left to get a chance to win a Nintendo Switch by trying to Capture the Flag. It's not too late, join the contest:

  16. Retweeted

    We have paid our first bounty rewards for securing open source code! $4,500 so far, and it's just a beginning. Keep them coming folks! Get rewarded for making the open source code we all rely on more secure!

  17. Retweeted
    Dec 23, 2019

    The 4th and final post of my "whoopsie-daisy" series. This one is about getting code execution from a heap overflow on a 2GB string, with a few obstacles such as ASLR and UTF8 restrictions.

  18. Retweeted
    Dec 17, 2019

    Part 2 of the "whoopsie-daisy" series. This one is about exploiting a TOCTOU. It includes some info about user ids (RUID/EUID/SUID), signals (SIGSEGV/SIGTRAP), advisory file locks, and inotify.

  19. Retweeted

    You have two weeks left to join our Capture the Flag contest and win a Nintendo Switch, or cool GitHub swag! Write a CodeQL query to find a specific class of DOM-based XSS vulnerabilities.

  20. Retweeted
    Dec 12, 2019

    First blog post in a short series about some vulnerabilities that I found in Ubuntu's crash reporter earlier this year. I learned a lot from working on the exploits, so I am going to share some of the tips and tricks that I learned.

  21. Retweeted
    Dec 10, 2019

    Cool vulnerability from ! It's an interesting bug to create a CodeQL query. Who is up to the challenge? Here are more details:
