Grzegorz Wypych @horac341
Security Researcher Joined February 2017-
Tweets115
-
Followers572
-
Following52
-
Likes86
When you think world moved somewhere.. and AI take over everything.. My first tower ever i have still alive.. Hope someday someone will find it and listen this beautiful sound from 50W old JVC speakers.. when the world we know will end up.
if you think all attack vectors for hw fault injection, explain what happened during emfi attack looking on picture
Finally, I started project with offensive security academy. First 5 people that will enroll will get 15% discount code. Who knows me, knows that I will not sign under bullshit my name. promotion code: W3LCOM377 academy.pwnsec.pl/course/hardwar…
0.1 mm plot example via my library on Snapmaker. Green - visited probe color. Yellow - some error but not crash. Red - crash. Best spot will be the one with most yellow points. Inspired by raelize.com guys methodology.
Working on XYZ python automation library. Really recommend Snapmaker F350 as machine. Up to 0.05mm resolution, solid metal, silent and used chip do not require any physical stop switches. F350 has big enough workbench to work on most EMFI projects.
hardwear.io/usa-2021/train… Join us July online, to learn Fault Injection attacks using open source tools we created with @rfidiot during hardwear.io trainings session. Find and exploit vulnerabilities with us that are not exploitable without injection attacks !
New Raiden extension board is coming ! Right now in production, will get you know when it will work as planned. Support for voltage fault injection, USB sniffing, power analysis and EMFi connection. It's designed by me and @rfidiot to work with our Raiden project (arty A7)
Zapraszam wszystkich zaintersowanych do wzięcia udziału w konferencji OH MY H@ACK i na spotkanie z projektem open source "Raiden" w boju. Zniżka 20% z poniższym kodem Kod: p455w0rd Link do rejestracji: app.evenea.pl/event/omh2020/ *zniżka dotyczy wszystkich typów biletów
Happy to announce our project with @rfidiot called Raiden for pulse generator finally open sourced ! We first release it at Black Hat Asia 2020. Happy hardware hacking! github.com/IBM/raiden-pyt… github.com/IBM/raiden
Small plugin for Ghidra that fix issues with string reference for ARM64 v8. IDA Pro by default convert ADRP instruction + ADD to ADRL, however Ghidra or Binary Ninja not, because of that it looses references to strings. Plugin simulate ADRL for Ghidra github.com/h0rac/Ghidra-A…
We just released new 0day for Thales microcontrollers with @major Adam Laurie. For more details join today RedCon session securityintelligence.com/posts/new-vuln…
In case you have problems with wLength limit on Linux hosts which by default allow only 4096 bytes you can bypass that by editing github.com/libusb/libusb/… and changing MAX_CTRL_BUFFER_LENGTH to 65535 should allow to set 0xFFFF as wLength parameter for USB HID/Descriptor messages
Amscope and ChipShouter brothers ! What I really like in chipshouter is HW trigger, using custom FPGA you can drive your signal directly to probe endpoint. Superfast, no MCU involved - Great product from NewAE supporting not only other NewAE portfolio but also custom stuff.
It's important to note when you use Voltage glitching (Not EMFI) with NewAE PhyWhisperer (USB trigger device) and glitch power on USB VBUS you will lose power cycling capability from PhyWhisperer, but Raiden helps to use same line for glitching and powercycling supporting Phy
It's time to release Raiden. We are proud to announce that it will be released during Black Hat Asia event. More details below, and hope see you there blackhat.com/asia-20/briefi…
Rado RC1 @RabbitPro
5K Followers 662 Following Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Master of Pwn Flashback team (@FlashbackPwn).b33f | 🇺🇦✊ @FuzzySec
32K Followers 844 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsTravis Goodspeed @travisgoodspeed
25K Followers 4K Following Merchant of Dead Trees and Licensed Proselytizer of the Gospel of the Weird Machines with Pwnage, PoC, and Secular Rock.Philippe Teuwen @doegox
4K Followers 1K Following If you can't root it you don't own it. doegox infosec exchangeLudovic Tyack @LudovicTyack
467 Followers 420 Following HW & SW pentester during the day; HW & SW security researcher at nightGynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/himLynn @mslynn85ok
8 Followers 173 Following Christ Follower. Mom. Aunnie. Sister. Friend. Reader. Writer. Speaker. Teacher. Gardener. Lover of Life. Happy Person. #realwomankaanezder @kaanezder
698 Followers 841 Following physics & low level stuff a.k.a aventador (daily account @psyduccckkkk)Lanette Perman @LanettePer21825
2 Followers 33 FollowingM @DialecticalMath
38 Followers 36 FollowingLukasz Filip @lfldp11
6 Followers 48 FollowingDr_Salica @Dr_Salica
26 Followers 114 FollowingKeshet Meir @Kesh__22
7 Followers 29 FollowingSpeci @SpeciBirb
19 Followers 939 Following Pfp by @whewwhosthis!!! | 19 | 🇺🇲 | 💜💜💜 | You can DM me but only follow if we're close and you're 18+ plzAdam Laurie @rfidiot
6K Followers 119 Following Global Associate Partner at IBM X-Force Red, Security researcher, DEF CON Quartermaster (Major Malfunction), DC4420 POC.crawler_cookie_0 @crawler_cookie0
59 Followers 4K FollowingAndreas92 @Andreasa_9_2
12 Followers 50 FollowingBinary Gecko @Binary_Gecko
353 Followers 23 Following Binary Gecko GmbH. Securing the digital world through vulnerability research.🦎m3ntal @m3ntal6
28 Followers 66 FollowingJakub Pyszczak @JakubPyszczak
14 Followers 222 FollowingMateusz Szczyrzyca @Eszekesze
158 Followers 976 Following DevOps, Linux, Programming (Go, Python, Rust), Securityatic atic @whysoserioooous
25 Followers 274 FollowingArun Magesh @marunmagesh
804 Followers 1K Following New profile with 20% more BS! If my tweet pisses you off; you can piss off too. Electronics, Infosec & loads of opinion. Catch me in 🟦🏙️hYTeCiA @hYTeCiA_
8 Followers 353 FollowingEdgar @embarbosa
1K Followers 552 Followingefvjdyx @efvjdyx
33 Followers 171 FollowingPA14 @PA147
13 Followers 85 FollowingErcü @Ercukac
22 Followers 254 FollowingPiotr Szeptynski @pszeptynski
40 Followers 1K FollowingPlasma @b1tw1z4rd
1 Followers 5K FollowingKololo Ngemba Pax @paxkololo
97 Followers 1K Following Chrétien, Pasteur, Congolaise de la Rdcongo et Ingénieur en télécommunicationMagicBox @MagicBo45196967
199 Followers 5K FollowingCyber News @tremilainfo
61 Followers 1K Following News | Ethical Hacking | PenTest | RedTeam | Cybersecurity | Osint | Sigint | Kali | Gnuradio | sdr | webmaster | Electronics | Forensics | GNS3 | Bug BountyGabel @MaximalesEta
133 Followers 384 Following Naturliebhabender, elektronischer Informatiker mit überwiegend grimmiger Laune. RT/like/follow≠Endorsement #NoAfD Privat nix offiziell.li blidar @li_blidar
27 Followers 1K Following « Les gens ont tendance à oublier leurs devoirs mais se souviennent de leurs droits. » Indira GANDHIashish @batajoonp
546 Followers 4K Following #NetworkAutomation #IPv6 #Cloud #Optica . Tweets, retweets and likes are bookmarks, momentary and may change.Cristepher Hek @blade3609
23 Followers 117 Followingzeng jacky @zengjacky5
3 Followers 84 Followingshuliakova🇺🇦 @shuliakova_
388 Followers 5K Following Ukraine will be free🇺🇦 бойовий медик🇺🇦 морська піхота🇺🇦 please support Ukraine Army donate your fund 👍Iraj @0Xiraj
9 Followers 122 Following DevOps Engineer at day, Reverse engineering/hardware hacking guru at night.Abdullah 🇵🇰 @abdullah_6786
17 Followers 454 FollowingAndrey Konovalov @andreyknvl
6K Followers 666 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.︎ ︎ ︎ ︎ ︎ �.. @ke_0z
453 Followers 439 Following ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ ︎ Windows XPD ,Reverse Engineer, IR , Cars, Dad/HusbandPetteri @pethie
333 Followers 560 FollowingSinSinology @SinSinology
4K Followers 498 Following Pwn2Own 20{22,23,24}, i look for 0-Days but i find N-Days & i chase oranges 🍊LiveOverflow 🔴 @LiveOverflow
142K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeioPhilippe Teuwen @doegox
4K Followers 1K Following If you can't root it you don't own it. doegox infosec exchangeZero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/himMichał Sajdak @sajdoor
6K Followers 38 Following Prowadzę https://t.co/AbQYioojzo, szkolę, pentestuję :)Keshet Meir @Kesh__22
7 Followers 29 FollowingBinary Gecko @Binary_Gecko
353 Followers 23 Following Binary Gecko GmbH. Securing the digital world through vulnerability research.🦎ISEC.pl @isec_pl
294 Followers 46 Followingfoxtrot_charlie @foxtrot_0x4fult
1K Followers 2K Following It won't get better. Brace for impact lads! IT security researcher/pentester, IRCop. Senior shitposter & meme evangelist.Vitaly Nikolenko @vnik5287
5K Followers 97 Following Security researcher @ DUASYNT. Kernels, browsers. PGP: 77B1 FBAC E0FD 2E94 F8AC 2D91 9566 2314 344F 85E8Andrey Konovalov @andreyknvl
6K Followers 666 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.Hussein Daher @HusseiN98D
43K Followers 151 Following Entrepreneur, Hacker 🇱🇧🇨🇮 @WebImmunify 27th/270000 BugCrowd Hacking PlatformMarcin Ludwiszewski @mludwiszewski
1K Followers 1K Following cybersec adversary simulations & defense ops, https://t.co/i9FRuB613x co-founder,| 6am | Challenge | Sport | Family | private accountOlivier THOMAS @reivilo_t
2K Followers 461 Following Founder & CTO at Texplained. Technology enthusiast & silicon hackerNils @nilsweiss@infos.. @we155_n
461 Followers 104 FollowingEnrico Pozzobon @epozzobon
95 Followers 15 FollowingJasper van Woudenberg @jzvw
2K Followers 432 Following I like puns and embedded security. CTO North America @riscure. Author https://t.co/T7Gtj9ArTC. Closet disco fan 🕺 mastodon: @[email protected]Sébastien Dudek 📡 @FlUxIuS
3K Followers 2K Following CEO of @PentHertz. Networks and computer security engineer in #Wireless systems, #SDR, #Mobile, #CarHacking and #IoTDM @tals0n0r
39 Followers 131 Following Security Researcher | VC Offensive Security Team Lead @ LogitechDoyensec @Doyensec
3K Followers 10 Following Doyensec works at the intersection of software development and offensive engineering. We discover vulnerabilities others cannot, and help mitigate the risk.Adam 'pi3' Zabrocki @Adam_pi3
3K Followers 306 Following Director of Offensive Security @NVIDIA, architecting @RISC_V, @LKRG_org Founder, @BlackHatEvents & @Defcon Speaker, #Phrack author, @PwnieAwards nomineeJoe Grand @joegrand
25K Followers 609 Following Hardware hacker, computer engineer, former L0pht member and juvenile delinquent, sometimes known as Kingpin.David M. N. Bryan - @.. @_videoman_
2K Followers 1K Following @XForceRed Hacker, @Defcon_TV Goon, @Thotcon OPER, Hardware Hacker, Geek, Security Geek, Pico-WISP Owner. Tweets are my own. He/Him/HisDmitry Nedospasov @nedos
6K Followers 296 Following Founder of @advsecio, @toothlessco and @walletfail. Working on @recoverytag. We audit wallets as @keylabsio. PhD in hardware security.Blenster Ⓥ @blenster
18K Followers 9K Following Hacker/maker, inventor, nerd, apprentice knife-maker, Co-Founder of @mrblinkybling. Rapid prototyper. Member of @LVL1Hackerspace https://t.co/x0Z0MyaZ6H (heSebastian Muniz @_topo
2K Followers 804 Following Security researcher, hardware crasher and some other useless characteristics in real life.Martijn Bogaard @jmartijnb
951 Followers 1K Following Reverse engineers source code by day and reviews binaries by night. TEEs, TAs, bootloaders (Secure Boot), RTOSs, firmware blobs and other low-level sw.Cristofaro Mune @pulsoid
2K Followers 698 Following Founder at Raelize! (@raelizecom) In between HW & SW. Fault Injection, TEEs, IoT & anything else challenging my curiosity.Edwin van Andel @Yafsec
5K Followers 2K Following https://t.co/N6FLQyoPB7 | CTO | Speaker | Security | Hacking | ALT-S Organizer | נקר ירוק | Last Unicorn Con | Defcon 003120 | @iamthecavalry | @[email protected]Pepe @_xPeps
317 Followers 343 FollowingCatherine Norcom @thingmakerQ
858 Followers 250 Following Hardware hacker, reverse engineer, circuit board surgeon, and micro-soldering pro. Conference speaker. Combat veteran.Payatu @payatulabs
4K Followers 636 Following Research Powered Cybersecurity Services and Training. IoT | Embedded | mobile | cloud | Infra security. Organizers of @nullcon @hardwear_ioNewAE Technology Inc @newaetech
3K Followers 1K Following NewAE Technology Inc. is the designer of the ChipWhisperer open-source embedded security analysis platform.Colin O'Flynn @colinoflynn
10K Followers 1K Following Active on: [email protected] (Mastodon) or @colinoflynn.bsky.social (BSky)Antriksh (Yoda) #Null.. @antriksh_s
6K Followers 561 Following Entrepreneur - nullcon & https://t.co/qUPTyLxl7S Security Conference (tweets are personal & not affiliated to any entity/organization), Vintage Computer 🍎Collectorhardwear.io @hardwear_io
9K Followers 521 Following #HardwareSecurity Training & Conference Upcoming Conference & Training #hw_ioNL2023Chris Gerlinsky @akacastor
3K Followers 1K Following @[email protected] - Wanna be hacker, code cracker, slacker, wastin' time with all the chatroom yakkers. (he/him)D.Snezhkov @Op_nomad
930 Followers 303 Following “Countless words count less than the silent balance between yin and yang” ― Lao Tzu, Tao Te Ching ☯ (That's before Lao discovered Twitter)Adam Laurie @rfidiot
6K Followers 119 Following Global Associate Partner at IBM X-Force Red, Security researcher, DEF CON Quartermaster (Major Malfunction), DC4420 POC.Larry W. Cashdollar @_larry0
5K Followers 4K Following Member of @Akamai SIRT. Security Researcher & Exploit Coder. Research covered by Slashdot, ZDNet, arstechnica, MSN.. Mitre CVE CNA.Limor Kessem, CISM, C.. @iCyberFighter
4K Followers 2K Following #Cybersecurity advisor #CyberCrisis, #CISO, #ThreatIntel, champion diversity & women in tech. Polyglot. Mom. Work at IBM, opinions strictly my own. She/her.j00ru//vx @j00ru
38K Followers 831 Following (Mostly) Windows hacker & vulnerability researcher. Google Project Zero. @DragonSectorCTFMauro Paredes @mauroparedes
246 Followers 1K Following Security Enthusiast | PenTester | Cybersecurity Consultant | Security Architect #InfoSec #OffSec #Hacking #AppSec (My tweets are my own)John Stauffacher @g33kspeed
4K Followers 5K Following MAKING THE INACCESSIBLE, CESSIBLE. The views expressed are all my own, and do not represent my employer....Thanks to the Hexacon team for inviting me as a speaker and organizing the conference! It was a great experience and I hope to see you around next year 👍
Thank you everyone for this amazing second edition! We hope you all had a blast and all the team is already eager to see you all next year for #HEXACON2024 🚀
[PL] W poniedziałek zaczynam serię szkoleń z hexedytorów i operowania na plikach binarnych. Pierwsze jest darmowe (tylko trzeba się zarejestrować), więc zapraszam :) gynvael.coldwind.pl/?lang=pl&id=775
Friday was my last day at Google. I'm saddened to leave behind my team of the last 12+ years, but I know Google's security is in great hands. It's time for a short break and then I'm moving on with plans I've made long ago – my own sec research, consulting, and education company.
Great writeup by @0vercl0k on pwning a TP-Link AC1750 (Pwn2Own 2021) A good read for anyone interested in consumer routers security doar-e.github.io/blog/2022/03/2… #iot #embedded #exploit #infosec #cybersecurity
Proud from this research ;-) CC: @AlexTereshkin, @jsc29a, @mbazaliy, @igoooo, @NVIDIAPSIRT nvidia.com/en-us/security…
Looks like this issue is now called EntryBleed 😎 willsroot.io/2022/12/entryb… Btw, as known by those who have taken my training 😉, you can use SIDT to find out the address of IDT (on CPUs without UMIP), so you don't even need to brute-force.
"If you had 24 hours with me, and I couldn't say 'No', what would we do?"
Ready to get on stage at @nohatcon Tips and techniques for achieving code execution with #faultinjection. And bypass FI SW-based countermeasures.
I am very excited to present my greatest work so far for the first time publicly at @hardwear_io ! If you can, come by and hang out with me :D
🔮Breaking into 📱iPhone's last Security Barrier 💡@tihmstar will present his work on attacking the iPhone's hardware AES crypto core through an EM-sidechannel in order to retrieve the hardware fused GID and UID keys 🎟️Grab your tickets 👉bit.ly/3BSDXU6 #hw_ioNL2022
This year I was nominated again (together with @matrosov and @AlexTereshkin) to @PwnieAwards for discovering a "backdoor"-like bug in Intel reference code... I'm also giving a talk on @defcon so if anyone would like to grab a beer (or a tea), just let me know :) #defcon30
There are some cases where you can bypass or disable the sandbox with a simple one-byte-write primitive💥 @binarly_io team will be speaking about Intel PPAM escapes at #BHUSA in a few days💣 🔬#FwHunt is on! blackhat.com/us-22/briefing…
Writing perfect SMM code in C is a good goal but probably not attainable or practical. You can 1) sandbox SMM to container vulns like we do in Secured Core 2) have a small attack surface like coreboot 3) mem safety like oreboot or firebloom
Ready to get on stage at #hw_ioUSA2022! Bypassing security...before a single line of SW is executed. #faultinjection #SoC #emfi
@Bob_Gedron To prawda. Miliony na media Yotuberów, influenserów, artystów. Niżej tylko przykład jak rząd sypał z waszych kieszeni, by straszyć i karmić propagandą. Gozdyra nawet mnie zbanował, jak zapytałem, czy wiedziała o przelewach.😂😂 Trzeba pamiętać wszystkich zamordystów i nagrodzić.
And if you wanna start experimenting with fault injection but have no money.... check out this thread! 😂
Something to finish off 2021 with a bang for you: It's now possible to build a (mostly safe) #EMFI tool for ~$50. Details are in the new 'PicoEMP' repository, including gerbers + design decision notes. Inspired from my @hackaday remoticon talk! github.com/newaetech/chip…
Never before published internal photo's of this smart water meter! FCC filing in 2009 marked confidential. Check them out here: wiki.recessim.com/view/Master_Me…
In our last training, most of our ECUs survived. So we can do it again! Join our automotive security training at @nullcon
Update BasicBBI "Rev1" Design posted here. So far untested as waiting on final PCBs. But based on working prototype so unless I really messed stuff up should be good! github.com/newaetech/chip…