[email protected] @Peterpan980927
Mobile Security Researcher @starlabs_sg github.com/Peterpan0927 EL1 Joined May 2017-
Tweets330
-
Followers2K
-
Following347
-
Likes778
So, if your debugger crashed in the API “task_set_exception_ports” or “thread_set_state”, try to use the boot args: sudo nvram boot-args="thid_should_crash=0 tss_should_crash=0"
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021) zerodayengineering.com/research/pwn2o… (source code + video walkthrough) A virtual machine escape exploit will typically require kernel privileges in the guest OS. In this exploit I chose to offload the…
Very interesting reading on Linux page cache, memory management, mmap and cgroups Credits @brk0v biriukov.dev/docs/page-cach… #Linux #infosec
In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. github.blog/2024-03-18-gai…
I've audited the Android kernel in late 2023, and reported 10+ kernel bugs to Google, along with 2 exploits. Today, I'm releasing the first exploit, targeting the Mali GPU on Pixel devices, accessible from an untrusted_app context. github.com/0x36/Pixel_GPU…
We are organising a conference on 26th - 27th June 2024 Attention Speakers: Our 2024 Call for Papers is now open! #OffByOne2024? Learn all about it: offbyone.sg/cfp/
Operation Triangulation targets an integer overflow in mach_make_memory_entry, while puaf_smith hits vm_copy. Check out two completely different PoCs for CVE-2023-32434 on our GitHub: github.com/DarkNavySecuri…
In this article, you will learn what SELinux is, how it works, and how to bypass its policies: 8ksec.io/android-selinu… Explore practical examples, commands and tools that you can use to manipulate #SELinux on your own device #AndroidSecurity #MobileSecurity #CyberSecurity
Useful interactive map of the Linux kernel Map: makelinux.github.io/kernel/map/ Source repo: github.com/makelinux/linu… #Linux #cybersecurity
KernelGPT: Enhanced Kernel Fuzzing via Large Language Models A paper by @cy1yang et. al about using the GPT4 LLM neural network for automatically generating syzkaller descriptions. arxiv.org/pdf/2401.00563…
Introduction guide to Linux kernel internals and modules development (updated to 5.x kernels) "The Linux Kernel Module Programming Guide" sysprog21.github.io/lkmpg/ #Linux #kernel
Dirty pagetable technique for pwning Linux kernel (CTF challenge) Mitigations KASLR, SMAP, SMEP, KPTI and slab freelist randomization ptr-yudai.hatenablog.com/entry/2023/12/… #Linux #cybersecurity
Analysis of the Huawei Security Hypervisor Worth a reading! Credits @the_impalabs Hypervisor analysis: blog.impalabs.com/2212_huawei-se… OOB vuln: blog.impalabs.com/2212_advisory_… #huawei #infosec
Off-by-One 2024 Conference CFP is now opened! Be part of a historical event and shape the future of offensive security in this region. Submission and speaker benefits offbyone.sg/cfp/ If you like to talk to us, drop us a line at [email protected]
finding kernel infoleaks in unified logs xD
To date I've already written 644 pages to help the security community and, hopefully, more articles will be released in the coming months: 9. exploitreversing.com/2024/01/03/exp… 8. exploitreversing.com/2023/04/11/exp… 7. exploitreversing.com/2023/01/05/mal… 6. exploitreversing.com/2022/11/24/mal… 5. exploitreversing.com/2022/09/14/mal… 4.…
Another awesome finding by our team member @Creastery We want to thank @GitHubSecurity for resolving this so quickly amid the holidays period. github.blog/2024-01-16-rot…
In December, in macOS Sonoma, Apple fixed 15 video decoding vulnerabilities I reported. This is how these issues were found: github.com/googleprojectz…
I taped my dwarf parsing work onto weggli to be able to pattern match object allocation sites of specific sizes for linux heap exploitation it needs some work (threw it together last night) but it works pretty well from what I've seen: github.com/zolutal/kheap_…
simo @_simo36
7K Followers 107 Followingopa334 @opa334dev
64K Followers 300 Following 23, Developer of Dopamine Jailbreak, TrollStore and some jailbreak tweaks. Employed @ Cellebrite Labs, opinions are my own. Repo: https://t.co/gcJI6iimsr#WeAlliPhoneFamily @iM4CH3T3
23K Followers 3K Following 📱All about #iOS📱#iPhone • #iPad • #AppleWatch • #Exploits • #Jailbreaks • #Tweaks •Root-user best-user!!!•8 jailbroken devices #checkm8 #xboxseriesx #ps4proBas vT @AppleDry05
25K Followers 344 Following iOS developer, creating apps, patching/ hacking stuff oh and the creator of FilzaEscapedstarlabs @starlabs_sg
7K Followers 16 Following A Singapore company that discovers vulnerabilities to help customers mitigate the risks against the ever-evolving threat of cyber attacks.HBS @HUC_hbs
7K Followers 456 Following Mysterious team,dedicated to Jailbreak tools to provide effective signature installation.Noah @GinsuDev
7K Followers 462 Following iOS Developer @ LuxuryEscapes || Swift & SwiftUI || Jailbreak tweak developer || Speaks: Mandarin & English. 自学中文的澳洲开发者。🇦🇺👨💻Alex Plaskett @alexjplaskett
9K Followers 590 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.onejailbreak @onejailbreak_
18K Followers 287 Following The best Jailbreak News website on the Internet. IPA Library.codecolorist@infosec... @CodeColorist
5K Followers 989 FollowingPOC_Crew 👨👩�.. @POC_Crew
6K Followers 667 Following Organizer of Zer0Con, POC and MOSEC #Zer0Con2024 (4~5th April 2024 / https://t.co/7Eh8RkpPYJ)Wojciech Reguła @_r3ggi
5K Followers 853 Following iOS/macOS app security researcher & blogger. All opinions are my own 🤐[email protected].. @axi0mX
64K Followers 2K Following Bootrom exploit philanthropist. Apple silicon hacker. iOS jailbreaker. Join us as we dance madly on the lip of the volcano.Csaba Fitzl @theevilbit
7K Followers 908 Following macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fanari @DyWyys35415
0 Followers 50 Followinguser31fibcxw2 @user31fibcxw2
0 Followers 549 FollowingIrsath Ahamed @Irsathz
406 Followers 3K Following Hacker | Developer | Security Researcher Digital Forensic InvestigatorMad Lad @r1ngz3ro
1 Followers 47 FollowingShawn Zhong @ShawnZhong_
28 Followers 171 Following0x0000 @0x0000STR
0 Followers 48 FollowingAli @syncwithali
61 Followers 172 Followinglittleflyinginsect @LittleFInsect
5 Followers 57 FollowingDavid_Jou @DavidJou734
74 Followers 496 Following Penetration Testing | Bounty Hunter|Threat Analysis | Happy WasteVi @AvimanyuRoy3
581 Followers 2K Following 🍎🕊/🦦☕️/😴🛌/he/him Shouting into the Void (TM) GPU poor peasantbird @xuechaosong
115 Followers 489 FollowingMas0n @Mas0nShi
1K Followers 591 Following CTFer at @Nu1L_Team / @StrawHat_CTF. Baby reverse engineer & noob of security research / MSRC 2023 Q4 Top 50 / BHASIA24 Speaker. Life @MasonShi_Prirad_alex_2 @rad_alex_2
67 Followers 618 Followingؘ @th3019383
5 Followers 65 FollowingL3V14TH4N @Th4V14
194 Followers 1K Followingالسحاب٩٠ @S0OEq5h6jBwr4nW
108 Followers 2K Following إنسان يحب الخير للأخرين ويدعو لكل مسلم ومسلمة بالمغفرة والرحمه وأن يحفظهم ويحقق لهم ربي مايتمنونهFalcon @F8i8495312
30 Followers 594 FollowingMinghao Lin @Y1nKoc
170 Followers 471 Following CTF player | Blackhat USA Speaker | Focus on iOS/macOS securityYingMuo @YingMuo
7 Followers 88 FollowingEXE @PreviewEXE
2 Followers 89 Following(⊙o⊙)? @wujiecong
4 Followers 421 FollowingBenoît @benoitsevens
745 Followers 134 Followingcrazyman @crazyman823886
340 Followers 649 Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities pre account @CrazymanArmyStephen @Stephen96075785
48 Followers 235 FollowingLoïc Buckwell @e2r3p13
8 Followers 373 Following王征宇 @xi4o0
6 Followers 718 FollowingShira Gev @GevShira
94 Followers 536 Following Offensive Cyber Security Research & Zero Days exploitsBassam Assiri🇸🇦 @BassamAssiri
6K Followers 2K Following Age:20 Certifications: #OSCP #eWPTX #eCDFP #OSWE Python programmer , CTF and Cyber Security Enthusiast #IAUً @3h6_1
317 Followers 1K FollowingDor @Dor00tkit
40 Followers 340 Followingthlgswmfber @thlgswmfber
14 Followers 112 Followingsimo @_simo36
7K Followers 107 FollowingZhuowei Zhang @zhuowei
34K Followers 197 Following link in bio ⬛⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩 ⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩🟩🟩 ⬛⬛🟧⬛🟩🟫🟫🟫🟫🟫🟫🟩 ⬛⬛🟧⬛🟫🟫🟫🟫🟫🟫🟫🟫 ⬛⬛🟧🟧🟫🟧🟩🟧🟧🟩🟧🟫🟧 ⬛⬛🟧🟧🟫🟧🟫🟧🟧🟫🟧🟫🟧 ⬛⬛⬛🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧 ⬛⬛⬛🟩🟩🟧🟧🟫🟫🟧🟧🟩🟩 ⬛🟫🟫🟫🟫🟫🟧🟧🟧🟧🟩🟩🟫 🟫🟫🟧🟫🟫🟫🟫🟩🟩🟩🟩🟩🟧 🟫🟧🟧🟧🟫🟫🟧🟫🟫🟩🟩🟧🟧opa334 @opa334dev
64K Followers 300 Following 23, Developer of Dopamine Jailbreak, TrollStore and some jailbreak tweaks. Employed @ Cellebrite Labs, opinions are my own. Repo: https://t.co/gcJI6iimsrSaar Amar @AmarSaar
18K Followers 362 Following Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations. Apple SEAR. Opinions are my own. @[email protected]starlabs @starlabs_sg
7K Followers 16 Following A Singapore company that discovers vulnerabilities to help customers mitigate the risks against the ever-evolving threat of cyber attacks.0xor0ne @0xor0ne
55K Followers 526 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |Zero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.Alex Plaskett @alexjplaskett
9K Followers 590 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.tihmstar @tihmstar
65K Followers 215 Following Finding offsets since 2017 Email: [email protected] Patreon: https://t.co/FdMYUYWbqrϻг_ϻε @steventseeley
21K Followers 519 Following Hermetic Initiate. Exploring conscience and the nature of reality. I also hack things. @[email protected]Ivan Fratric 💙💛 @ifsecure
17K Followers 192 Following Security researcher at Google Project Zero. Tweets are my own. Backup @[email protected]Samuel Groß @5aelo
24K Followers 499 Following V8 Security technical lead. Previously Project Zero. Personal account. Also @[email protected] and https://t.co/aVitnPjBieSaagar Jha @_saagarjha
4K Followers 174 Followingcodecolorist@infosec... @CodeColorist
5K Followers 989 FollowingLiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeioanother1024 @another1024
45 Followers 150 Following Security researcher|Find Zero Day |Black Hat Speaker|Table Game Player(TM)风沐云烟 @binary_fmyy
472 Followers 44 Following CTFer at Nepnep | Apple Security Researcher | IOT Security ResearcherOff-By-One Conference @offbyoneconf
283 Followers 96 Following A premier gathering of offensive cybersecurity professionals, researchers, thought leaders and innovators from around the region.Killed More 🐈�.. @Lulztigre
1K Followers 652 Following Aichmophobic | Dermatographic Mutant (5%er) | Red Team | ARM x64 x86 Exploitation | pEnTeST | Hide ur Mal | Threat Intel | Chapter lead & Research @Csirt_global8kSec @8kSec
2K Followers 491 Following Offensive Security Trainings and Services Follow us on Linkedin https://t.co/Td3Ww1uMgt Get Certified https://t.co/hmHSG2aQd3Ramdhan @n0psledbyte
1K Followers 780 Following CTF @SuperGuesser (pwn), Security Researcher @starlabs_sgDanis Jiang @danis_jiang
2K Followers 896 Following Yuhao Jiang / former ctfer @ Vidar-Team / Security Researcher @ Ant Group Light-Year Security Lab / GeekPwn 2022 / Pwnie Awards 2023 / Tianfu Cup 2023slipper🩴 | Offside.. @0xslipper
465 Followers 132 Following Hack🥷everything you see and you like⚠️🩴🪨 Founder & CEO @Offside_LabsOffside Labs @Offside_Labs
1K Followers 22 Following 🚀 Web3 Security pioneers | Expert security auditors & consultants | Guarded $300M+ in digital assets | @Paradigm CTF 2023 Champion 🥇 | https://t.co/wH0uG4O3MkCitizen Lab @citizenlab
122K Followers 1K Following Research & development at the intersection of cyberspace, global security & human rights. Munk School of Global Affairs & Public Policy, University of TorontoAleksei Kulaev @flat_z
10K Followers 948 Following Console hacker, former Kaspersky Team Lead of Exploits & Network Threat Detection, security researcher. For tips (thx!): https://t.co/VxJMiawFpPmr gadget @mr94d93t
3 Followers 46 Following security researcher - Android & iOS , from blastdoor and XPC to bypass adb and bootloader breakingDoronZ @doronz88
427 Followers 55 Following Cyber security researcher. Currently focusing on iOS. Developer of: #pymobiledevice3 #hilda #harlogger #RpcProject #cfprefsmon #fap0up0u @_p0up0u_
2K Followers 0 FollowingBlacktop @blacktop__
1K Followers 588 FollowingFilippo Roncari @f_roncari
2K Followers 566 Following Curious guy with a long-time passion for zero-days. Mostly *OS. Present: wip 🚀. Past: research director @, co-founder and researcher @truel_it.Satoshi Tanda @standa_t
7K Followers 358 Following Engineer & Trainer. My DM is open. https://t.co/hqylaDLtNvJerome @jerome_syn
35 Followers 180 Following Contact me for research or collaboration opportunities - open source code reviews, fuzzing, reverse engineering.pod2g @pod2g
337K Followers 470 Following According to ChatGPT: @pod2g is a renowned cybersecurity expert specializing in iOS. @vigilant_labsAlexandr Wang @alexandr_wang
143K Followers 697 Following ceo at @scale_ai. rational in the fullness of timeImpalabs @the_impalabs
715 Followers 2 Following Research-oriented security company @[email protected]Perhaps @Perhaps_Jia
281 Followers 126 FollowingMartijn Bogaard @jmartijnb
951 Followers 1K Following Reverse engineers source code by day and reviews binaries by night. TEEs, TAs, bootloaders (Secure Boot), RTOSs, firmware blobs and other low-level sw.offensivecon @offensive_con
21K Followers 1 Following OffensiveCon is a highly technical international security conference focused on offensive security only. Organized by @bluefrostsec @offensivecon.bsky.socialTamir Zahavi-Brunner .. @tamir_zb
1K Followers 182 Following Security Researcher | DMs are open | @[email protected]Adam Doupé @adamdoupe
5K Followers 1K Following Former DEF CON CTF organizer. Associate Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.Bien Pham 🇻🇳 @bienpnn
4K Followers 398 Following P (Million Live!) / LoveLiver / Shihainin hackerman at @qriousec & @ProjectSEKAIctf traveling around the world (mostly to 🇯🇵) Tiếng Việt / English / 日本語 范阮玉邊李老师不是你老.. @whyyoutouzhele
1.5M Followers 896 Following 投稿请私信或邮箱 [email protected] (一定不要用国内邮箱投稿) 欢迎赞助,帮助这个账户继续运营下去: https://t.co/Xo5MOTwp38Thach Nguyen Hoang �.. @hi_im_d4rkn3ss
2K Followers 293 Following Security Researcher @starlabs_sg. Pwn2Own Mobile 2020, 2021, 2022, 2023. Pwn2Own Vancouver 2022, 2023.r emilia @remilia21626148
2 Followers 59 FollowingKayeeTTT @KayeeTTT
14 Followers 78 Followinggo1ng @go1ng
5 Followers 96 FollowingAsahi Lina / 朝日�.. @LinaAsahi
30K Followers 132 Following Hello everyone, Asahi Lina here! I'm a Linux developer VTuber! EN/日本語|🎨 #AsahiLinArt|Model @NananoNanase|Design @shiranui_illust徒步的騎手 @CaminoTexas
66K Followers 180 Following Keep rolling till I'm in the dirt … https://t.co/XF1bmqFi0gSo, if your debugger crashed in the API “task_set_exception_ports” or “thread_set_state”, try to use the boot args: sudo nvram boot-args="thid_should_crash=0 tss_should_crash=0"
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021) zerodayengineering.com/research/pwn2o… (source code + video walkthrough) A virtual machine escape exploit will typically require kernel privileges in the guest OS. In this exploit I chose to offload the…
Very interesting reading on Linux page cache, memory management, mmap and cgroups Credits @brk0v biriukov.dev/docs/page-cach… #Linux #infosec
经常听到一些才俊讲,中国下一代会如何如何。下一代不是石头缝里蹦出来的,他们如何很大程度上取决于这一代如何。苏联解体后,西方一些专家说,经过一代人,俄国年轻人就会跟西欧年轻人差不多。那种异想天开很快就破灭了。中国的下一代并不会比苏联解体后的俄国下一代更有见识。见识决定命运,父母的见…
In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. github.blog/2024-03-18-gai…
I've audited the Android kernel in late 2023, and reported 10+ kernel bugs to Google, along with 2 exploits. Today, I'm releasing the first exploit, targeting the Mali GPU on Pixel devices, accessible from an untrusted_app context. github.com/0x36/Pixel_GPU…
If you want to work with me as a co-founder and interested in web3 security marketing. Pls DM
We are recruiting head of marketing. If you are interested in our positions, please contact me or send me a private message👇👇👇 olive-venom-0a5.notion.site/EXVUL-Head-of-…
An Interesting bug/issue found by our team member @CurseRed 🥳👍🏼👏🏼 Hopefully we will be allowed to share the details.
Now let my sweet fuzzer work for me to make money 7x24h😜 I will go to sleep. The truly POF(prove of fuzzing)📷😂
We are organising a conference on 26th - 27th June 2024 Attention Speakers: Our 2024 Call for Papers is now open! #OffByOne2024? Learn all about it: offbyone.sg/cfp/
Great work by our team members. We saw that Apple updated list & our team member, @peternguyen14 is credited for CVE-2023-42928 support.apple.com/en-us/HT213982 He was also credited recently with another team member, @Peterpan980927 CVE-2023-32734 CVE-2023-32441 support.apple.com/en-us/HT213841
Operation Triangulation targets an integer overflow in mach_make_memory_entry, while puaf_smith hits vm_copy. Check out two completely different PoCs for CVE-2023-32434 on our GitHub: github.com/DarkNavySecuri…
In this article, you will learn what SELinux is, how it works, and how to bypass its policies: 8ksec.io/android-selinu… Explore practical examples, commands and tools that you can use to manipulate #SELinux on your own device #AndroidSecurity #MobileSecurity #CyberSecurity
Useful interactive map of the Linux kernel Map: makelinux.github.io/kernel/map/ Source repo: github.com/makelinux/linu… #Linux #cybersecurity
KernelGPT: Enhanced Kernel Fuzzing via Large Language Models A paper by @cy1yang et. al about using the GPT4 LLM neural network for automatically generating syzkaller descriptions. arxiv.org/pdf/2401.00563…
Get your macOS 13.0 - 14.3 CodeQL databases here! 🎉 🎉 🎉 Thanks to an absolutely epic PR from @0xjprx ❤️ we’ve got xnu compiling now for macOS 13-14 (and booting for 14.3 🤯) Would ya look at all that green! I mean would ya just look at it! ✅👀 github.com/blacktop/darwi…
This was my last day @offsectraining ! I'm grateful for the past 4 years, for having the opportunity of developing an offensive macOS training (🐙) and working with incredible and very smart people at a really great place! Thank you!
Introduction guide to Linux kernel internals and modules development (updated to 5.x kernels) "The Linux Kernel Module Programming Guide" sysprog21.github.io/lkmpg/ #Linux #kernel
Dirty pagetable technique for pwning Linux kernel (CTF challenge) Mitigations KASLR, SMAP, SMEP, KPTI and slab freelist randomization ptr-yudai.hatenablog.com/entry/2023/12/… #Linux #cybersecurity
Analysis of the Huawei Security Hypervisor Worth a reading! Credits @the_impalabs Hypervisor analysis: blog.impalabs.com/2212_huawei-se… OOB vuln: blog.impalabs.com/2212_advisory_… #huawei #infosec