Max @_mxms
rpisec Cascadia Joined December 2010
Tweets 10K - Followers 2K - Following 405 - Likes 6K
Fortunately this http.sys bug was an internal find by our team. This one thanks to @_mxms, @fzzyhd1 and everyone who contributes to our tooling and automation.
Happy Patch Tuesday! #Adobe and #Microsoft have released their regularly scheduled updates, and @dustin_childs has all the details of the bugs squashed this month - including a wormable bug in http.sys. bit.ly/33xsfxl
@tekknolagi A child can attach to its parent if the parent calls ptrace(PTRACE_TRACEME, ...) or you modify yama_scope; whether or not gdb will be able to use the tty properly, I don’t know :p
Do you want to gamble on fat bears for charity? #FatBear2020 is here. Get your brackets in before the 30th! Details here: gist.github.com/yrp604/088bd20…
These, combined with recent @WIRED reporting on Chinese espionage campaign Operation Skeleton Key targeting the Taiwan Semiconductor Industry (wired.com/story/chinese-…), suggests possibility of an explosion of new homegrown semiconductor companies in the mainland.
There’s also a format string bug going the opposite direction (when your phones name is %p%p%p...)
If you have an AppleTV named as an XSS-payload it will trigger when AirPlay is used in Safari on iOS. A pretty far-fetched UXSS I would say.
The second annual infosec fat bear bracket is here. Let’s gamble on some fat bears for charity. Brackets due ASAP. dpaste.de/OZ1U
It's not obvious from the advisory, but the same code runs in RDP client. The issues have been patched in both. This would have allowed a malicious server to compromise a client without any alerting behavior, or a MitM attack with a warning confirmation.
August Patch Tuesday includes fixes for our internal finds in RDP, including RCE and remote info disclosure, and affecting Win 10 latest. The team successfully built a full exploit chain using some of these, so it's likely someone else will as well. Patch and enable NLA.
August 2019 Security Update includes fixes for wormable RCE vulnerabilities in Remote Desktop Services (RDS), affecting all in-support versions of Windows. These should be patched quickly. For more information, see msrc-blog.microsoft.com/2019/08/13/pat…
Did anyone find / exploit the serialization bugs in TelOoOgram during DEF CON CTF?
We've built tools for fuzzing based on emulation of a process snapshot captured via minidump. We're considering open sourcing the tool, and I'm curious about interest level from the rest of the world. (1/3)
@RolfRolles @aaronportnoy Last year RPISEC was at the RPI club fair, and a person of color came to our table and saw the book, and asked the same thing. I’m incredibly happy they asked instead of assuming
#RealWorldCTF2018 RPISEC has successfully pwned the Safari browser and spawned a calculator on the victim host at their first attempt during the demonstration!
Vectorized Emulation: Hardware accelerated taint tracking at 2 trillion instructions per second gamozolabs.github.io/fuzzing/2018/1…
After Trump was elected, I felt unsafe. I thought that electing a man as president who has assaulted women would normalize that behavior, make assault seem inconsequential to a perpetrator. Right now, I feel worse. It’s normalized, all right.
So what’re we supposed to be doing about the ongoing calls from numbers in our area code? It’s old...
Came in 1st in CSAW 2018 Quals! Kudos to all who played, it was a tough competition this year! See y'all at finals!
48-hour Quals is officially done. Nicely done, @osirislab! #CTF scoreboard is frozen. Thank you so much to all the teams who participated this weekend. Check out the scores here: ctf.csaw.io/scoreboard. Official announcement of Finalists will be posted in early October.
Brendan Dolan-Gavitt @moyix
33K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
LiveOverflow 🔴 @LiveOverflow
160K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Perri Adams @perribus
7K Followers 987 Following @Dartmouth ISTS Fellow & @SAISHopkins Adjunct Prof., inter alia. Former @DARPA, @DEFCON CTF, etc. @DistrictCon, @hexacon_fr, @LABScon_io CFP Review Boards
Axel Souchet @0vercl0k
13K Followers 582 Following ¯\_(ツ)_/¯, blogging on https://t.co/36oOc8Mgha and posting codes on https://t.co/P83Oen94Rc.
Zion Leonahenahe Basq... @mahal0z
3K Followers 278 Following Native Hawaiian Hacker | Prev Co-captain of @Shellphish | Incoming Assistant Professor at University of Georgia
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
thomas🌦 @zemnmez
4K Followers 5K Following teaching computers love @openai. previously @google @twitch @ncsc. @forbesunder30 alumnus & @defcon black badge holder
Conrad Kramer @conradev
12K Followers 2K Following @openai, previously co-founder @SkyBySoftware, shortcuts @Apple. convivial optimizer
3eirn0 3eirn0 @3eirn0
2 Followers 203 Following
🇨🇳🇹🇼天... @tw1450438438
163 Followers 532 Following
akash_offsec @akashoffsec
392 Followers 2K Following Security Researcher🧑💻 | Bug Hunter | Penetration Tester
Jevin Sweval @jevinskie
2K Followers 5K Following Fuck Elon Musk and his fascist & racist friends This account is archived. Find me elsewhere. https://t.co/aPN2y5oggJ
Patrick-léon @gkpl0010
79 Followers 1K Following Software Engineering Student, Cybersecurity Enthusiastic
h4urek @h4urek
15 Followers 296 Following
Michael DePlante @izobashi
4K Followers 771 Following Security Researcher at the Zero Day Initiative. DMs open.
cbwang505 @cbwang505
617 Followers 155 Following Chief Vulnerability Researcher | Windows full-chain exploitation / kernel internals / COM security | 2024 MSRC MVR Top 100|Pwn2Own Berlin 2026 |TyphoonPWN 2026
Ubreakaw @Ubreakaw32079
24 Followers 1K Following
Jarod @stewartjarod
523 Followers 2K Following Building Wraps - The email platform that sends through your AWS. https://t.co/Ory9d42XNN • https://t.co/Y9eSmxOhYl • https://t.co/fBhhSl6jkb
Alex Rebert @ayper
522 Followers 662 Following Security @ Google. Previously co-founder of @ForAllSecure. Opinions here are my own. @[email protected]
Adriaan Jacobs @a3_jacobs
71 Followers 118 Following Systems security researcher and PhD student at DistriNet, KU Leuven
Sven @SvenHoeper
2 Followers 1K Following
WATER_PAKMEN @Babimuu12
3 Followers 48 Following
Leo @leolin113
46 Followers 2K Following
0x00ne @0x00l62120
18 Followers 249 Following For computer repairs, dm we talk || cysec enthusiast || data science and analytics
RexSonic @rexs0nic
154 Followers 2K Following I think this could be the beginning of a beautiful business relationship
tejas krishna @tejaskrshna
12 Followers 2K Following
Kumar Anshuman @Anshuman9187
3 Followers 442 Following
Nicolas Vivet @nizox
229 Followers 560 Following Infosec enthusiast, Software Engineer at @DatadogHQ, former @SqreenIO
yeshuibo @yeshuibo
109 Followers 6K Following
Gerrard Tai @gerrard_tai
359 Followers 525 Following vuln research and pwn | ex csgo pro for team "Counter-Terrorists"
vierito5 @vierito5
2K Followers 4K Following Gneeeeeeeeeeinfoseeeeeeeeeeeec. Broken villain, former something.
Bùi Quang Hiếu ... @tykawaii98
729 Followers 636 Following MSRC MVR 2021 - Researcher at @crowdfense - Tweets are my own
David ⚡⚛⚡ @dbph
886 Followers 4K Following /me yet another random hacker. @atlassian. Journalist as defined by the Evidence Act 1995. Subject to gdpr. @[email protected] & dbph @ blue sky
Michael Paktinat @michaelpaktinat
331 Followers 4K Following Data/Systems Analyst/Engineer training you on computer things.
hawkedota @hawkedota
52 Followers 1K Following
`Ivan @Ivanlef0u
11K Followers 4K Following
muricula @muricula
13 Followers 294 Following
Bikash Dash @Memport
164 Followers 2K Following गते शोको न कर्तव्यो भविष्यं नैव चिंतयेत्। वर्तमानेन कालेन वर्तयंति विचक्षणाः॥ Vuln Research♧Exploitation♧Fuzzing♧PenTest
Reggae77x @reggae77x
0 Followers 144 Following
masecu @masecu2
1 Followers 264 Following
melina @melina_almasi
290 Followers 1K Following
S4mbl4ck S4mbl4ck @s4mbl4ck
4 Followers 374 Following
EG888 @EG_888
29 Followers 650 Following I'am retweting a lot of pixel art wich (I think) looks good
WSA @jhg93887193
0 Followers 129 Following
Brendan Dolan-Gavitt @moyix
33K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Halvar Flake @halvarflake
45K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Project Zero Bugs @ProjectZeroBugs
37K Followers 0 Following A bot that posts the latest blog posts and disclosures from Google's Project Zero
𝗥𝗬𝗔𝗡 𝗦... @withzombies
3K Followers 1K Following "im not distilled! im not distilled!!", i continue to insist as i slowly shrink and transform into a prompt
mdowd @mdowd
33K Followers 754 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Jordan Wiens @psifertex
6K Followers 1K Following Worst developer among many good ones making https://t.co/XCCx7ED5uf
Adam Doupé @adamdoupe
6K Followers 1K Following Former DEF CON CTF organizer. Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.
lcamtuf @lcamtuf
40K Followers 499 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
Stefan Esser @i0n1c
108K Followers 462 Following CEO of @Antid0tecom (former CEO of @SektionEins) (contact: [email protected])
Perri Adams @perribus
7K Followers 987 Following @Dartmouth ISTS Fellow & @SAISHopkins Adjunct Prof., inter alia. Former @DARPA, @DEFCON CTF, etc. @DistrictCon, @hexacon_fr, @LABScon_io CFP Review Boards
Axel Souchet @0vercl0k
13K Followers 582 Following ¯\_(ツ)_/¯, blogging on https://t.co/36oOc8Mgha and posting codes on https://t.co/P83Oen94Rc.
Zion Leonahenahe Basq... @mahal0z
3K Followers 278 Following Native Hawaiian Hacker | Prev Co-captain of @Shellphish | Incoming Assistant Professor at University of Georgia
thomas🌦 @zemnmez
4K Followers 5K Following teaching computers love @openai. previously @google @twitch @ncsc. @forbesunder30 alumnus & @defcon black badge holder
comex @comex
146K Followers 285 Following Mastodon: @[email protected] / https://t.co/MZ1EDnKsAI | Cohost (inactive): https://t.co/BkMXfegtxe
Conrad Kramer @conradev
12K Followers 2K Following @openai, previously co-founder @SkyBySoftware, shortcuts @Apple. convivial optimizer
jvoisin @dustriorg
943 Followers 0 Following This account is inactive, use the following instead: - https://t.co/V1HC4hS2oJ - https://t.co/8xth5l1Rn8 - https://t.co/BPuGer3Owz
Michal Melewski @carste1n
4K Followers 346 Following Security Engineer @ Somewhere ex-Google, ex-Cloudflare I use bad software and bad machines for the wrong things. My writing: https://t.co/Z7uucr5BYW
Lee Holmes @Lee_Holmes
19K Followers 777 Following Partner Security Architect, Azure Security. PowerShell developer, fanatical hobbyist, and author of the PowerShell Cookbook. @[email protected]
Jonathan Protzenko @_protz_
875 Followers 391 Following Principal Cheese Researcher at Microsoft Research. I tweet about cheese, and occasionally formal verification, cryptography (HACL*/EverCrypt), type systems, etc
Felix Gröbert @fel1x
4K Followers 620 Following Principal Engineer, Product Security Engineering at Google Cloud. Opinions own. Tweets deleted periodically.
Jessica Payne @jepayneMSFT
30K Followers 31 Following Security Person at Microsoft, currently in Windows Defender Security Research. Opinions are my own.
lukas @dreselli
925 Followers 379 Following CTFs and research in fuzzing/concolic at the UCSB SecLab, co-captain of @shellphish, lead Shellphish's AIxCC team with @cl4sm
Ben Kaiser @benhkaiser
411 Followers 680 Following Working on privacy and AI trust @DuckDuckGo. Previously a researcher @PrincetonCITP, @MITLL, and @RPI.
Dr. Silvia Cristina S... @silvia_stegaru
337 Followers 538 Following 👩🔬 Co-founder @codettero 💼Software Engineer @Adobe 🏷 She/her 💡 Views are my own 🚀
Mateusz Krzywicki @krzywix
2K Followers 831 Following 🐛 bugs and 🤯 exploits (Opinions are my own and not my employer)
max.rss @tekknolagi
2K Followers 911 Following fmr Chief Potato; he/him gone here. find me on: https://t.co/q3ainEJ9sW https://t.co/ui3S5mSXEd
Jade @jadequery
24 Followers 39 Following Interested in computers and urbanism. Alumnus #RPISEC. she/they 🏳️⚧️
Bader @GH0S1
598 Followers 1K Following Hacking, F1, metal music, cooking, and other postings | CTF with Shellphish, b01lers, and WCSC | posts are my own | https://t.co/exhnuIJfFL gh0s1
Fist0urs @Fist0urs
845 Followers 335 Following Fun passwords/Windows are fun. Tweets are my lol not my employer. I don't understand twitter. I only tweet when I remember about this account. I'm MJ hee/hee
Mike Pizza @michaeljpizza
94 Followers 296 Following
Milo Trujillo @illegaldaydream
2K Followers 1K Following Systems scientist, engineer, activist. Research+practice with decentralized online social groups @ #DDoSecrets @CoMMLabNU @NUnetsi
Kate McInnes @kate_mcinnes
2K Followers 636 Following 🇦🇺 in Bay Area | lover of 🍷, ☀️, 🎵, ✈️, my puppy 🐶 and meeting new people | security engineering manager | views are my own
Alibaba Security Resp... @AsrcSecurity
4K Followers 3K Following Alibaba Security Response Center (ASRC), Point of Contact of all the Alibaba related vulnerabilities, cooperations, and so on.
Benjamin Chetioui @_SIben_
1K Followers 1K Following Currently JAX & Pallas @GoogleDeepMind 🇨🇭 (prev XLA @Google 🇨🇭🇧🇻, PL PhD @UiB 🇧🇻) | ⚪⚫ Go player, 🇫🇷🥈'25 | Prev CTF @FlatNetworkOrg. Opinions my own
Fish Wang @LtFish_
460 Followers 30 Following Reverse binaries sometimes. Love reading decompiled code. Would do anything for flags.
John McMaster @johndmcmaster
15K Followers 173 Following IC reverse engineering, #mtvre, CTO @LabsmoreLLC https://t.co/kTAlHvruKe https://t.co/ICN8cRMGIi
Brijesh Rakholia @rakholiabrijesh
124 Followers 937 Following Security Engineer @Microsoft MORSE Team
Ethan Burger @h_burguesa
196 Followers 1K Following security research, IoT / embedded defense, bug bounties. once wrote a paper on RE'ing hdds and got job offers from Russia & almost sued in the same week.
Mitch Altman @maltman23
7K Followers 0 Following Inventor of TV-B-Gone, Co-founder of Noisebridge (San Francisco hackerspace). Fediverse: @[email protected]
Jeremy Blackthorne @0xJeremy
1K Followers 413 Following Life-long student. Teacher. Marine. Instructor at @BosCybernetics. @RPISEC alumnus. السلام عليكم https://t.co/9GA7q1bmT5
Penny MacNeil @pennymacneil
255 Followers 177 Following
The Diana Initiative @DianaInitiative
10K Followers 2K Following 501c3 nonprofit To create a more inclusive infosec industry.
May → Bluesky 🦋 ... @SleepyEntropy
2K Followers 1K Following infosec & aurora chasing now on bluesky
burrito @burritofun
36 Followers 210 Following
mongo @mongobug
11K Followers 193 Following I like bug bounty programs and breaking things that other people have built. I love kudos.