LiveOverflow 🔴 @LiveOverflow
wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio youtube.com/LiveOverflow Internet Joined March 2015-
Tweets8K
-
Followers141K
-
Following1K
-
Likes6K
Is this a sockpuppet account establishing lore in order to push a backdoored libc patch in a few months? 🙃
Is this a sockpuppet account establishing lore in order to push a backdoored libc patch in a few months? 🙃
Microarch club continues to hit it out of the park The Matt Godbolt episode is just non-stop gem after gem. Seriously, check it out if you haven't already
Microarch club continues to hit it out of the park The Matt Godbolt episode is just non-stop gem after gem. Seriously, check it out if you haven't already
This is the story of when I first realized how throughly compromised ANOM, the encrypted chat app the FBI secretly ran, really was. It was the moment I saw a mass of messages and data gathered by the app. It starts with Christof, who was clearly hungover 1/
Android question: I have an app that loads a native library. Why does the library not show up in the memory map? How exactly are native libraries loaded in apps? Does anybody know a good writeup about the internals?
The best thing I did in life was learn assembly at age 16 when everybody said it's a waste of time.
The best thing I did in life was learn assembly at age 16 when everybody said it's a waste of time.
It seems I stumbled upon @cfreal_ iconv bug in glibc a decade ago when fuzzing XML engines… 👀 Too bad, I’m such a n00b at memory corruption that I missed its impact 🤷♂️ Looking forward to his @offensive_con talk 🤓 offensivecon.org/speakers/2024/…
And that's why I made a Minecraft hacking video series :) youtube.com/playlist?list=…
And that's why I made a Minecraft hacking video series :) youtube.com/playlist?list=…
The kids are alright
When I try to search anything on my mac, nothing happens. LITERALLY NOTHING HAPPENS??!!! It's most annoying in Mail app which prevents me from searching mails. But it also affects eg. the System Settings search (see pic). How the fuck can this get broken. And how do I fix it????
@ZaiLynch @garethheyes Using popular frameworks properly is the same as driving with a seat belt. Absolutely L A M E 😎 Live a little, write your own template engine!
Fault injection vs Firmware hacking
Want to check your Minecraft 1.12.2 ReplayMod files for coords with the 2b2t Randar exploit? I threw together this neat little website you can just drag & drop your mcpr files on to process them client-side! hobune.stream/randar/
What's your favorite tool/script to enumerate AWS IAM permissions?
CtF hAs nOThInG tO dO wiTh AcTuAl SeCuRity ReSeArcH
My only in-person training of "Applied Fault Injection" in the USA will be at @hardwear_io at the end of May - and it's almost sold out! We will bypass the boot protections of the nRF52 (AirTag) and STM32 (Wallets), use power analysis to find glitch targets, ...
Shazzer will now highlight the differences in behaviour between browsers. If one does something different it will be highlighted in red. shazzer.co.uk/vectors/661643…
Intigriti @intigriti
155K Followers 644 Following Global Bug Bounty & VDP Platform. 🌐: https://t.co/fgCupJckrW ▶️: https://t.co/lRfCzZBgb7 👾: https://t.co/Inf7N9VQIlJohn Hammond @_JohnHammond
239K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSClBen Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷Hack The Box @hackthebox_eu
190K Followers 226 Following #1 Cyber Performance Center, providing a human-first platform to create and maintain high-performing cybersecurity individuals and organizations.Katie Paxton-Fear @InsiderPhD
82K Followers 2K Following Dr, apparently. Creator @traceableai, Lecturer & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/herbugcrowd @Bugcrowd
161K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™Jason Haddix @Jhaddix
146K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.STÖK ✌️ @stokfredrik
126K Followers 1K Following Hi.. im that hacker / creative that your friends told you about. Creative Director & Hacks all the things at @truesecippsec @ippsec
111K Followers 349 Followinghakluke @hakluke
88K Followers 2K Following Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_contentAlh4zr3d @Alh4zr3d
19K Followers 283 Following Legal Criminal | Twitch cult leader | InfosecPrep founder | Lovecraft scholar | Soros mercenary | Spiritual cargo shorts wearer | Cthulhu fhtagnGuidedHacking @GuidedHacking
37K Followers 328 Following Reverse Engineering, Game Hacking, Malware Analysis & Exploit Development @ https://t.co/Dl5ED4o7YSPwnFunction @PwnFunction
38K Followers 981 Following I make animated computer science videos • product & ai @pdiscoveryio • blog at https://t.co/RLiSNOVQ0WTib3rius @0xTib3rius
57K Followers 444 Following Web App (mostly) Hacker | OnlyFeet Member | Cybersecurity Educator | AutoRecon Dev | Ex-Brit | Links: https://t.co/04RRExvxXj (he/him) 🇺🇸Farah Hawa @Farah_Hawaa
44K Followers 840 Following security analyst @fbsecurity | part-time bug hunter | content creator | she/her | views = mineInfoSec Community @InfoSecComm
38K Followers 637 Following Largest InfoSec publication with 30k+ followers and 1M+ monthly views. 3rd edition of @IWcon_ happening in December 2023!Nathaniel @nnwakelam
38K Followers 1K FollowingRana Khalil 🇵🇸 @rana__khalil
51K Followers 869 Following AppSec Team Lead | OSCP | CEO & Instructor of @ranakhalilacadsbikta_san @sbikta_san
10 Followers 47 FollowingBЯIGΛПD ᄃYBΣЯ @brigandcyber
38 Followers 95 FollowingBrandon Lam | Cyber L.. @cyber_loom97219
2 Followers 29 Following Founder of 💻Cyber Loom. Cyber Loom is a cyber security consulting company. Cyber Loom podcast 🎙️🎥 where we interview the top cybersecurity professionalsalesmilani @alesmilani52693
0 Followers 36 FollowingJakub Ferjak @ferjakub
19 Followers 289 FollowingMohamed Eltabakh @eltabakh444er
4 Followers 150 FollowingLynn @386enhanced
61 Followers 558 Following 21 yrs old. Idk I do media design, video editing, programming. Der Haid wird wenicher Editor for @TheRightOpinion • she/her they/them • GPT-5borabaykar @borab1337
0 Followers 162 FollowingSean Barrett @Everydaysean
105 Followers 526 FollowingThe Man @TheMan2309
0 Followers 22 Followingbeige @0xbeige_
0 Followers 77 FollowingNyckos.TI @Nyckosti
15 Followers 211 Following Viver em comunidade, observar tendências e praticas, pensar alternativas e novos modelos!!!Robot .Bot @RobotBot314414
50 Followers 301 FollowingTony Chiu @tonychiu041100
5 Followers 83 Following이재현 @hacking_learner
0 Followers 6 FollowingRichard Heatwole @hrh2nd
0 Followers 201 FollowingChKoq @Cho9917j
2 Followers 8 FollowingD@n!3l @20_04D
131 Followers 873 Following Cybersecurity Enthusiasts/ crypto enthusiasts/ Arsenal dude, working towards greatness.Bonnia @Bonniamalpa
40 Followers 569 Following discord-user:Bonniia. I love play games and I’m a artist!mo fat @mofat06272776
2 Followers 85 FollowingDana Mahmood @deordered
9 Followers 650 Following Fine-tuning AI models oftentimes & practicing philosopher at other times.r00t @r00t1911
0 Followers 13 FollowingDaniel K @0xEbisu
2 Followers 62 FollowingIanzer 𓅓 @albot_w
22 Followers 1K FollowingIdan Raz @IdanR_z
0 Followers 12 FollowingNidal Bakir 💙 | rm.. @nidalbak
21 Followers 402 Following Software Engineer (Software Architect as a goal) || Mobile app developer {Flutter 💙} member of @ParsePlatform || #Flutter || #GoLang || #GNU_Linux BTWGkw hatara @HataraGkw
75 Followers 114 FollowingAntiqueTequila @StkyDknMeBlz
28 Followers 301 FollowingSathvik kallepalli @sathvikvirat183
29 Followers 183 Following0xhav0c @0xhav0c
33 Followers 100 Following Cyber geek | Talks about Red Team & CTI | Senior Penetration TesterGeorgeFafa @george_fafa
25 Followers 208 Following Pro Codm player for PlayProvince -- @PlayProvinceAifos Si Prahs @AifosSi
54 Followers 622 FollowingChungus Bungus @Syedjunaid6119
0 Followers 124 Followingkapil chauhan @_KapilChauhan
0 Followers 62 FollowingArun Shrestha @shresthaarun652
0 Followers 19 FollowingJohn Hammond @_JohnHammond
239K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSClBen Sadeghipour @NahamSec
197K Followers 1K Following Cofounder @hackinghub_io, Advisor @Trick3st @CaidoIO. I hack companies and make content about it. Bug Bounty Village & #NahamCon organizer. ex @hacker0x01🇮🇷PentesterLab @PentesterLab
153K Followers 0 Following We make learning web hacking and security easier. Online systems, code review, videos & courses that can be used to understand, test and exploit bugs!Katie Paxton-Fear @InsiderPhD
82K Followers 2K Following Dr, apparently. Creator @traceableai, Lecturer & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/herJason Haddix @Jhaddix
146K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. @arcanuminfosec 18 years hacking + sec leadership. ex:BuddoBot-Ubisoft-Bugcrowd-Fortify-HP-Redspin-Citrix.STÖK ✌️ @stokfredrik
126K Followers 1K Following Hi.. im that hacker / creative that your friends told you about. Creative Director & Hacks all the things at @truesecippsec @ippsec
111K Followers 349 Followinghakluke @hakluke
88K Followers 2K Following Hacker, bounties, entrepreneur. I help cybersecurity companies produce amazing content for their blogs and socials. Founder of: @haksecio and @hacker_contentAlh4zr3d @Alh4zr3d
19K Followers 283 Following Legal Criminal | Twitch cult leader | InfosecPrep founder | Lovecraft scholar | Soros mercenary | Spiritual cargo shorts wearer | Cthulhu fhtagnGuidedHacking @GuidedHacking
37K Followers 328 Following Reverse Engineering, Game Hacking, Malware Analysis & Exploit Development @ https://t.co/Dl5ED4o7YSPwnFunction @PwnFunction
38K Followers 981 Following I make animated computer science videos • product & ai @pdiscoveryio • blog at https://t.co/RLiSNOVQ0WFarah Hawa @Farah_Hawaa
44K Followers 840 Following security analyst @fbsecurity | part-time bug hunter | content creator | she/her | views = mineNathaniel @nnwakelam
38K Followers 1K Followingshubs @infosec_au
50K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnoteGareth Heyes \u2028 @garethheyes
32K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5Zero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.Bug Bounty Reports Ex.. @gregxsunday
38K Followers 555 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.Brandon Rossi @0xConda
16K Followers 2K Following Senior Red Team Operator / Security Researcher / Content Creator | OSCP | CRTP | OSEP |James Kettle @albinowax
70K Followers 83 Following Director of Research at PortSwigger Burp Suite Check out my website for published research, other social platforms & contact detailsJoseph Cox @josephfcox
88K Followers 3K Following Hacking/crime/privacy journalist. Author of forthcoming DARK WIRE. Co-founder of @404mediaco. Signal: +44 20 8133 5190. Email: [email protected]Tim Perry @pimterry
3K Followers 1K Following Building https://t.co/nsD6CIRNo1 (@httptoolkit), tech speaker, drummer & mountain biker. 🇬🇧+🇨🇦 living in 🇪🇸. He/Him. Also on Mastodon: https://t.co/avoorMLO9DAnthony Weems @amlweems
3K Followers 244 Following Cloud Vulnerability Research • The opinions stated here are my own, not those of my company.Maurice Heumann @momo5502
12K Followers 193 Following 🐍 DRM Developer & Reverse Engineer. My girlfriend rates me 4/5 stars.Andres Freund (Tech) @AndresFreundTec
9K Followers 105 Following FWD: @[email protected] Postgres developer, working at Microsoft. For politics: @AndresFreundPolLäddagschwätz @laddagschwatz
28 Followers 1 Following Ist Läddagschwätz eventuell der beste Podcast, den der Rest Deutschlands wahrscheinlich niemals hören wird? Und wenn ja: würden Sie uns verstehen? Monatlich neuMatan Berson @MtnBer
956 Followers 198 Following Hacking for fun | H1-65 Eliminator award | AWC23 Best New HackerCharles Fol @cfreal_
3K Followers 542 Following employer: @LexfoSecurite @ambionics ~ blogs: https://t.co/cLoNdCGPU7 https://t.co/JVMLjUzTJU https://t.co/t9a5IcOXSURon Masas @RonMasas
1K Followers 197 Following trying to predict the next token to make you think i’m a security researcher.Zillow Gone Wild 🏡 @zillowgonewild
619K Followers 10 Following join the zillionaires 🏡. email me wild homes: [email protected]. Subscribe to the Zillow Gone Wild newsletter to never miss a wild home 👇Gunnar Andrews @G0LDEN_infosec
3K Followers 771 Following Hack Stuff | Code Stuff | Fitness | Kaizen OSCP | OSWA | OSWE https://t.co/4lgaVGZxd0 https://t.co/4JbA2DgF90 https://t.co/uY8NkPXaqAMaurice Weber @MauriceWeber42
28K Followers 374 Following Der Typ von der GameStar. 5 Tage die Woche auf Twitch, schmuggelt sich weiter schamlos in GameStar-Videos und Podcasts. Post: [email protected]Sam Thomas @_s_n_t
2K Followers 87 Following Security researcher at Oracle. Speaker at Blackhat USA 2018, Successful entries at pwn2own IOT/Mobile 2021,2022,2023,2024, ICS 2022. Opinions are my own etc..Kenët @KenetDeluxe
6K Followers 749 Following Lead UI artist @Ubisoft and #pixelart fetishist. I also make shaders and lame code, because why not! 🇫🇷🇬🇧Zhuowei Zhang @zhuowei
34K Followers 196 Following link in bio ⬛⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩 ⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩🟩🟩 ⬛⬛🟧⬛🟩🟫🟫🟫🟫🟫🟫🟩 ⬛⬛🟧⬛🟫🟫🟫🟫🟫🟫🟫🟫 ⬛⬛🟧🟧🟫🟧🟩🟧🟧🟩🟧🟫🟧 ⬛⬛🟧🟧🟫🟧🟫🟧🟧🟫🟧🟫🟧 ⬛⬛⬛🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧 ⬛⬛⬛🟩🟩🟧🟧🟫🟫🟧🟧🟩🟩 ⬛🟫🟫🟫🟫🟫🟧🟧🟧🟧🟩🟩🟫 🟫🟫🟧🟫🟫🟫🟫🟩🟩🟩🟩🟩🟧 🟫🟧🟧🟧🟫🟫🟧🟫🟫🟩🟩🟧🟧Leonid Bezvershenko @bzvr_
3K Followers 286 Following Studying math, reversing and Twitter... | Security Researcher @ Kaspersky, GReAT | Drovosec CTF team | Tweets are my ownChaofan Shou @shoucccc
8K Followers 2K Following phd student @ucberkeley working on security (#fuzzing #plse #llm) / intern @hackthedefiA.I.Warper @AIWarper
12K Followers 124 Following Sharing my creative AI experiments • Business Inquiries (consulting ONLY - no commission at this time): [email protected]Kévin - Mizu @kevin_mizu
3K Followers 648 Following Vulnerability researcher 🐛 | CTF with @HexagonCTF, @rhackgondins 🦦 | Team FR 2023 🇫🇷 | https://t.co/sEBb6VnMrmSoufiane @wld_basha
2K Followers 1K Following ان ينصركم الله فلا غالب لكم ## cybersecurity professional0xbro @sec_0xbro
345 Followers 134 Following Penetration tester, content creator & wannabe ethical hackerJaren @The1Jaren
4K Followers 471 FollowingDiceGang @dicegangctf
3K Followers 25 Following Play 🎲 DiceCTF 2024 Quals to qualify for DiceCTF Finals in New York City!Zeyu (Zayne) | @zeyu2.. @zeyu2001
1K Followers 500 Following CS @Cambridge_Uni | CTFs @Water_Paddler / 💦, @seetf_sg (Founder) | Security @ElectrovoltSec / @cure53berlin (ex: TikTok) | DEF CON 31-32 finalistĐào Trọng Nghĩa @nghiadt1098
1K Followers 1K Following Pwn2own Vancouver 2021/2022. Pwner at @dfsec_com. Tweets are my own. https://t.co/4Y2w4FalICPeter Stöckli @ulldma
490 Followers 725 Following Security Researcher and Software Engineer at GitHub Security Lab (@GHSecurityLab). Account in the Fediverse: @[email protected]Brad Spengler @spendergrsec
3K Followers 4 Following President of @opensrcsec, developer of @grsecurity Personal accountJohan Carlsson @joaxcar
4K Followers 155 Following Father and developer during the day, looking for bugs at night 🐞. Using Twitter for infosec only. Also on: @[email protected]Maciej Piechota @haqpl
4K Followers 1K Following I’m a security enthusiast and technology polyglot, pug lover and drum’n’bass head. Vice Captain @justCatTheFish, HTB @AlphaPwners, Daily Pwning @SECFORCE_LTDvery interesting and clever mxss 🤯, interested to know how the finder identified this quirk. However, the test case is out there on Chrome about this behaviour and people missed it.
DOMPurify 3.1.1 & 2.5.1 have been released. Both are security releases & should be upgraded to asap. Note: More releases might follow, the mitigated attack is novel. Eternal gratitude goes to @IcesFont for finding, reporting & helping with fixes 🙇 github.com/cure53/DOMPuri…
Very unusual browser behavior has lead to what seems to be a whole new class of mXSS, and we will release new versions of DOMPurify soon so to make sure you can protect against that. Stay tuned, more details soon, latest on Monday.
@cure53berlin Are we going to see a new div.innerHTML = DOMPurify.sanitize(input) to XSS?
In an ideal world, I'd like to see governments make BBPs mandatory for companies with a certain threshold of users that they are putting at risk.
Alrighty, lemme clarify some thoughts surrounding this VDP thing. I think VDPs are essential to today's ecosystem. I think VDPs should exist right now. I think they should be gamified in a separate way than bug bounty. I think companies that can clearly afford to do a bug…
Microarch club continues to hit it out of the park The Matt Godbolt episode is just non-stop gem after gem. Seriously, check it out if you haven't already
The Compiler Explorer Story @mattgodbolt recounts the origin story of @CompileExplore, which started as a tmux session with an editor in one pane and running the compiler in a loop in the other. It has grown into a publicly available site, serving over 3M compilations per week.
@Rhynorater @pilvar222 If you want a spoiler, you can google "justctf terjanq baby csp" 😂
This is the story of when I first realized how throughly compromised ANOM, the encrypted chat app the FBI secretly ran, really was. It was the moment I saw a mass of messages and data gathered by the app. It starts with Christof, who was clearly hungover 1/
@LiveOverflow when developer.android.com/guide/topics/m… is false, linker would load library from zip file with ANDROID_DLEXT_USE_LIBRARY_FD_OFFSET. the library in mmap would be the apk file.
Got my quarterfinals game in the Hidden Community Cup casted by the legend @T90Official himself. It's a pretty wild one. Check it out: youtu.be/WobFGMS8hZo Was my first AoE tournament ever and great fun! (Yes, I know what Loom does. No, I will never ever forget it again. :'D)
@LiveOverflow Same basically applies to DataStore but the files are protobuffers instead of XML IIRC
@LiveOverflow Overwriting SharedPreferences files can be pretty powerful sometimes - the obvious scenario is command injection (not super common IME) but sometimes you can overwrite other configurable settings to facilitate more complex chains (e.g., enabling debug settings)
@evaristegal0is @LiveOverflow IIRC this technique exploits an outdated version of the Google Play Core library - Google basically says the Play Core Library shouldn't be used anymore, but a surprising number of apps still use it, so you can often get exec from file write this way
The best thing I did in life was learn assembly at age 16 when everybody said it's a waste of time.
George Hotz says that everyone should learn C and Assembly.
It seems I stumbled upon @cfreal_ iconv bug in glibc a decade ago when fuzzing XML engines… 👀 Too bad, I’m such a n00b at memory corruption that I missed its impact 🤷♂️ Looking forward to his @offensive_con talk 🤓 offensivecon.org/speakers/2024/…
The kids are alright
Proving once again that Minecraft exploits are fundamentally more interesting than the ones targeting software people actually care about (and definitely being better for civil society): github.com/spawnmason/ran…
Proving once again that Minecraft exploits are fundamentally more interesting than the ones targeting software people actually care about (and definitely being better for civil society): github.com/spawnmason/ran…
@hextreeio @ghidraninja Ooh you didn’t said ‘socket’, my mind filled that in, i think 😂