RET2 Systems

There are 20 bottles left at our #ShmooCon 2020 booth heist! Finish up your exploit soon, because we are on track to run out of bottles by the end of the day.pic.twitter.com/RutePY05vJ

We're sponsoring @ShmooCon again this year, and we'll be giving away RET2 laser etched @Yeti bottles to the first 50 hackers who solve our binary exploitation challenge at the conference! #reversing #pwningpic.twitter.com/QDKWNrpH7X

We abused a well-defined web standard to exploit a popular cryptocurrency daemon through your browser. Who is up for a little digital heist? ¯\_(ツ)_/¯ https://blog.ret2.io/2019/08/28/sia-coin-dns-rebinding/ …pic.twitter.com/CfidILfLTZ

Our November training on ubiquitous browser exploitation has 14/20 seats filled. Early bird pricing will be ending tomorrow, August 16th. Join us for a week, and we'll teach you how to make every click risky: https://ret2.io/trainings pic.twitter.com/SjNrIt3GpU

During #DEFCON Quals we discovered CPU-level errata... and then we exploited it: http://blog.ret2.io/2019/06/26/attacking-intel-tsx/ … #Intel #TSX #shellcodingpic.twitter.com/HNYCB1hR2S

Feeling adventurous? Another exploit challenge has escaped from our servers. To support ecosystem diversity, the first woman/female-identifying solver will win a FREE seat to our browser exploitation training in June! Click here to play: https://ret2.io/battle pic.twitter.com/o7rmgItQxO

Over half the seats to our browser exploitation training have been filled Both attackers and defenders stand to learn something new. Early bird pricing ends this Friday, register @ https://ret2.io/trainings pic.twitter.com/dkeQO8Kyo7

Want to learn an unreasonable amount about exploiting JavaScript engines? Take our 5-Day Security Training on Advanced Browser Exploitation! June 3 - 7, 2019. Troy, New York Register @ https://ret2.io/trainings pic.twitter.com/u7iZ0Ty9l8

Almost 100 people have solved our crackme ! We're going to be out of mugs by the end of today. But feel free to come by the booth and grab some stickerspic.twitter.com/0hsKyF9JeR

We're hosting a small heist at #ShmooCon! Solve our reverse engineering challenge, steal one of our mugs. The link can be found on the back of our stickers in your bag!pic.twitter.com/di3MnFhwpW

Tomorrow at #35C3, we will give a behind-the-scenes look at the process of #0day Engineering. Watch as we break common misconceptions regarding this increasingly difficult tradecraft: https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9979.html …pic.twitter.com/Hu9rZSw4ur

Daydreaming on the ideals of an interoperable ecosystem for security tooling, the latest release of Lighthouse now supports both Binary Ninja & IDA Pro on all available platforms: https://blog.ret2.io/2018/10/10/lighthouse-v0.8/ …pic.twitter.com/hmgKgByhz5

We've been overwhelmed by the interest into our wargames platform blogpost. For those left wanting more, we contributed a harder challenge to @CSAW_NYUTandon CTF that is running this weekend: https://ctf.csaw.io/challenges#PLC  #CSAW18pic.twitter.com/hbnlbYFWPe

Security education is something we are deeply passionate about, and we're trying to help make it better. Read about the accessible, gamified approach we've been using to teach and scale binary exploitation education: https://blog.ret2.io/2018/09/11/scalable-security-education/ …pic.twitter.com/nLQ2zotOwE

Closing out the #Pwn2Own 2018 blog series with with the details behind our sandbox-to-root privilege escalation (CVE-2018-4193). Write a less-shady exploit, and we'll give you a free #BinaryNinja Commercial License! https://blog.ret2.io/2018/08/28/pwn2own-2018-sandbox-escape/ …pic.twitter.com/Dm2zEqCa8A

Total system #compromise is only possible if you can escape the browser sandbox. Watch as we crack the walls of the #Safari sandbox with a toy fuzzer. Part FIVE of our #Pwn2Own series: http://blog.ret2.io/2018/07/25/pwn2own-2018-safari-sandbox/ …pic.twitter.com/dXNnBnVXx1

Vulnerability weaponization is the most frequently discussed topic of the #exploit development lifecycle. Here's our take on weaponizing a #JavaScriptCore vulnerability from the ground up: https://blog.ret2.io/2018/07/11/pwn2own-2018-jsc-exploit/ … #Pwn2Own part fourpic.twitter.com/1byvgQP0Pc

One of our favorite #debugging technologies comes from @mozilla, so this week we wanted to help highlight an amazing project. Part three of our #Pwn2Own series makes use of timeless debugging to root cause an exploitable race condition in #JavaScriptCore: http://blog.ret2.io/2018/06/19/pwn2own-2018-root-cause-analysis/ …pic.twitter.com/pXMErTvm3r

The second blogpost of our #Pwn2Own exploitation series is out, and this week we're sharing some tips on the deconstruction of complex software (@webkit) to find #exploitable security vulnerabilities: http://blog.ret2.io/2018/06/13/pwn2own-2018-vulnerability-discovery/ …pic.twitter.com/ykHZwoKKEp

Last week @Apple fixed our #Pwn2Own bugs! We've rolled out the first blogpost of a series which will document a methodical approach to the discovery and exploitation of these vulnerabilities. The Exploit Development Lifecycle, From A to Z(ero Day): http://blog.ret2.io/2018/06/05/pwn2own-2018-exploit-development/ …pic.twitter.com/ZEzNGSYqUh