Infosec focused free software, research, publications, community activities @oss_security. Tweets are announcements. Please direct questions to @solardiz.
Joined June 2010
- Tweets 384
- Following 14
- Followers 7,214
- Likes 5
2 Photos and videos
Openwall retweeted
April 2026 was the busiest month for oss-security in 11 years. 311 messages posted. We surpassed the XZ backdoor spike of March-April 2024. We last had 300 in April 2015 when we still had CVE assignment via the list. Now we're back without that incentive. openwall.com/lists/oss-secur…
2
8
20
1,900
Linux Kernel Runtime Guard @lkrg_org 1.0.1 by @Adam_pi3 @solardiz @kerneltoast et al. is out, adds support for Linux 6.19 and 7.0, contains hardening changes and bug fixes openwall.com/lists/announce/…
10
20
3,512
passwdqc 2.1.0 is out, adding built-in common passwords list. We effectively include top 100k of HIBPv8 overlap with RockYou, optimized and compressed to under 200 KB embedded in program binary. None of JtR password.lst 1.8 million are accepted by default. openwall.com/lists/announce/…
passwdqc 2.0.3 releases for Unix-like and Windows systems are out, with many minor additions and changes. Leaked password filter files updated to HIBP v8, encoding the 847 million unique passwords (from billions of accounts) in a 3.5 GB file. openwall.com/lists/announce/…
5
18
2,679
Openwall retweeted
Sponsor spotlight: @Openwall
The people behind John the Ripper and decades of open-source security work. If anyone understands community-driven security, it's them.
Thank you for backing #BSidesLjubljana.
#InfoSec #Cybersecurity #Openwall
ALT openwall
1
2
572
At #NullconBerlin2025, @solardiz unpacked how Linux Kernel Runtime Guard (LKRG) 1.0 brings real-time integrity checking & exploit detection to the Linux kernel, even across different versions & edge-case environments.
Watch Now: youtu.be/9hQULqxFdBs?si=yp1L…
#LKRG #LinuxSecurity
1
6
15
4,454
Openwall retweeted
22 Oct 2025
What should @Openwall's simpler vulnerability scoring system (CVSS alternative) be called? Note that we already have OVE openwall.com/ove/ as a CVE alternative, but unfortunately the OVSS acronym already has a bit of use in CS/AI for "open-vocabulary semantic segmentation".
15%
No preference or Other
35%
OVSS
25%
SVSS
25%
OSVSS
20 votes • Final results
2
1
2
1,456
Openwall retweeted
20 Oct 2025
Hash Suite 4.0 (Windows) adds support for custom Python scripts as key-provider, updated wordlists to download, better high-resolution support, and should have fewer antivirus false positives. hashsuite.openwall.net/downl…
2
5
1,201
We've just published the slides of @solardiz's @Nullcon Berlin 2025 talk "Linux Kernel Runtime Guard (LKRG) 1.0" openwall.com/lists/announce/… #LKRG #nullconBerlin2025 #nullcon
ALT What is LKRG - Project of Adam 'pi3' Zabrocki - Brought under Openwall umbrella for its first public release in 2018 - (Post-)detection of (and response to) kernel rootkits and exploits - Linux kernel module that performs - Runtime integrity checking of the *kernel* and *modules* (including itself) <- "code" - and of *CPU* flags and *globals* and the kernel's view of running *processes* <- "data" - Sanity-checking of *control flow* (stack unwinding) and blocking some APIs - Response to (almost-)successful attacks and encrypted remote logging - 20 contributors total, 4 very active this release cycle (0.9.9 to 1.0.0) - Also users contribute testing beyond what we could perform ourselves - Independent project with some corporate support - Remote logging research and initial implementation in 2022 by Binarly - Many general improvements, releases, packaging in 2023-2025 by CIQ
17
38
8,921
Openwall retweeted
17 Sep 2025
Strengthening Linux Security With Kernel Runtime Guard 🎯
#Linux security remains a pressing concern as vulnerabilities continue to expose critical systems.
@solardiz, founder of @Openwall, and senior principal security engineer at CIQ, said Linux Kernel Runtime Guard's, or LKRG, 1.0 release brought major improvements in testing and code cleanup.
Watch his full interview with @aseemjakhar: inforisktoday.com/strengthen…
#ISMGNews #ISMGStudio #cybersecurity #NullconBerlin2025 @nullcon
3
6
2,826
Linux Kernel Runtime Guard @lkrg_org 1.0.0 by @Adam_pi3 @solardiz @kerneltoast et al. is out, adds support for Linux 6.13 (tested to 6.17-rc4), forward-edge CFI (Intel CET IBT, KCFI), ..., reduces performance overhead, shrinks the codebase by ~2500 lines. openwall.com/lists/announce/…
Heading to Nullcon Berlin 2025? @solardiz will share his LKRG expertise by taking an in-depth look at kernel hardening challenges and what it takes to protect systems in the real world.
nullcon.net/berlin-2025/spea…
#NullconBerlin2025 #LinuxSecurity #RLC_H
8
20
2,886
At #NullconBerlin2025, @solardiz will walk us through the journey from LKRG’s edgy debut to its 1.0 release – complete with real-world attacks, trade-offs, nasty bugs, & some honest truths about kernel hardening.
Know More: nullcon.net/berlin-2025/spea…
#LKRG #LinuxSecurity
1
6
14
3,135
End of an era: our CVSweb service turned 21 today, and was promptly retired. Our anoncvs was similarly shut down at the age of 21 two years ago, quietly.
All of our projects previously maintained in CVS are now in Git (yes, older ones with commit histories for ~20 years) and under the Openwall organization on GitHub. There are a total of 22 Git repositories now. openwall.com/lists/announce/… github.com/openwall
2
12
2,604
🔒 Enhancing LKRG: A Step Toward Stronger Security. CIQ's own Sultan Alsawaf recently contributed impactful updates to the LKRG project, fixing longstanding bugs & making it stronger & more stable than ever.
Learn more here 🔗 hubs.li/Q03jDBsj0
#HPC #IT #LKRG #OpenSource #Linux
6
8
1,608
Openwall retweeted
16 Apr 2025
#MITRE #CVE is great (dead?), but @Openwall 's #OVE has been a system for vuln. tracking-ID since 2016 !
Ex: #Exim CVE-2019-13917 also has OVE ID: OVE-20190718-0006
I used both for tracking vulnerabilities since 2k16.
Time to give #OVE more visibility:
openwall.com/ove/
2
3
1,467
Openwall retweeted
11 Mar 2025
I'm happy to build upon and extend the ideas and approaches we had tested and proven, and expertise gained building @Openwall's security enhanced Linux distribution, now for @CtrlIQ's wider audience and in a modern context.
📣 Exciting news from CIQ! 📣 Announcing Rocky Linux from CIQ - Hardened!
Read the press release: hubs.li/Q03blcsv0
#RLCHardened #RLC #RockyLinux #CIQ #SysAdmin #ProductLaunch
1
7
18
10,539
Openwall retweeted
3 Feb 2025
Interview with @Adam_pi3 and me about LKRG, in English adwersarz.pl/polish-it-secur… and Polish
3 Feb 2025
Czas na wywiad! Rozmawiamy z @Adam_pi3 i @solardiz o LKRG (Linux Runtime Kernel Guard), które może znacznie utrudnić zhackowanie Linuxa. Co słychać i jak przebiega rozwój projektu, czy ktoś próbował skutecznie obejść LKRG? Zapraszamy do lektury! adwersarz.pl/polskie-projekt…
1
12
25
6,453
Linux Kernel Runtime Guard @lkrg_org 0.9.9 by @Adam_pi3 et al. is out, adds support for Linux 6.11 , 6.10.10 , 5.10.220 , CentOS Stream 9 (upcoming RHEL 9.5). openwall.com/lists/announce/…
Updated packages for Rocky Linux 9.4 and 8.10 being released sig-security.rocky.page/pack… @rocky_linux
1
5
21
2,764
Openwall retweeted
We sponsored the porting of the yescrypt Linux password hash algorithm to Go as an open source project. Read more below. This is now part of our agentless password auditor feature on Linux as well.
Announcing yescrypt-go, our pure Go reimplementation of yescrypt key derivation function (KDF) and password hashing scheme. Builds upon @dchest's Go scrypt, with yescrypt support added by @solardiz. Sponsored by @SandflySecurity. openwall.com/lists/announce/…
x.com/SandflySecurity/status…
1
3
10
2,561
Announcing yescrypt-go, our pure Go reimplementation of yescrypt key derivation function (KDF) and password hashing scheme. Builds upon @dchest's Go scrypt, with yescrypt support added by @solardiz. Sponsored by @SandflySecurity. openwall.com/lists/announce/…
x.com/SandflySecurity/status…
15 Aug 2024
Sandfly 5.1.1 features yescrypt support for our agentless Linux password auditor, new detection modules for debugger activity, and an important performance fix for the database. Read more about these new features below:
sandflysecurity.com/about-us…
6
12
4,954
Openwall retweeted
24 May 2024
Updated my @offensive_con keynote talk slides page to include links to our other related presentations openwall.com/presentations/O…
ALT "Optimization" slide from "Password cracking: past, present, future" showing the break-down into speed vs. focus and the many trade-offs
Just published slides of @solardiz's @offensive_con keynote talk "Password cracking: past, present, future" openwall.com/lists/announce/…
1
23
59
16,274