soon a phd student in motivic homotopy theory.. but my secret dream is to pwn browsers
Joined February 2018
- Tweets 1,259
- Following 504
- Followers 624
- Likes 3,823
68 Photos and videos
StormXploit retweeted
21 Jul 2023
Sharing another V8 Sandbox design document more widely: docs.google.com/document/d/1…
This one discusses how to protect code pointers - probably the most performance sensitive part touched by the sandbox - with (almost) no performance overhead.
2
61
222
27,684
StormXploit retweeted
8 Jul 2023
Hi Hackers,
Let’s celebrate all our wins and inspire others by dropping a link below to a write-up of some public security research you’re the most proud of!
Don’t be shy! Let’s goo! 👇
#CyberSecurity
19
14
89
25,021
StormXploit retweeted
3 Jul 2023
Here we go, new articles are ready on a brand new and exciting topic, smart contracts security! ⛓️
⏩To get things off to a good start, here's the first article, Blockchain 101.
Happy reading!
en.hackndo.com/blockchain/
2
37
127
11,258
StormXploit retweeted
3 Jul 2022
Google CTF 2022 d8: From V8 Bytecode to Code Execution: mem2019.github.io/jekyll/upd…
64
301
StormXploit retweeted
30 Jun 2022
Check out new lsassy release!
🔸New dump modules
🔸Usable TGT are displayed alongside credentials
🔸DPAPI Masterkeys are retrieved
For more details you can check release 3.1.2 description
github.com/Hackndo/lsassy/re…
1
37
116
StormXploit retweeted
27 Jun 2022
Exploiting an Unbounded memcpy in Parallels Desktop
A Pwn2Own 2021 Guest-to-Host Virtualization Escape blog.ret2.io/2022/05/19/pwn2…
1
47
163
Just publish the write up for the challenge that i’ve created for @_leHACK_ 2022 :)
You can read it here : github.com/W0rty/LeHack_Sala…
Gg to teams who solved it :)
2
9
64
StormXploit retweeted
20 Jun 2022
Retrouvez moi au @_leHACK_ ce week-end pour un workshop sur la traque des @interpolwanted grâce à l'OSINT (si, si, c'est possible !)
Où : Osint Village, sur le stand d'@OsintFr, Room 1
Quand : Dimanche, 2h30
Let's track Interpol Super Villains !
#osint #osint4good #roso
2
10
30
@LoginSecurite se sera battu jusqu'au bout🙂.
On a fini 5e.
Merci à @hack2g2 pour cette event!
Le Fake CTF était amusant.
2
7
StormXploit retweeted
Hello 😀
Vous l'attendiez tous, on organise un meet "Not Before LeHack" car il sera pendant, le Vendredi 24 Juin à partir de 18h30, voici le lien pour vous inscrire 😉
framadate.org/PiEl4NlVM4n6qA… #infosec #rtfm #lehack
7
15
7 Jun 2022
Hey, with @pwn2baguette we are building a CTF team for #LeHack. Feel free to dm if you want to join us 🙂
1
1
4
StormXploit retweeted
2 Jun 2022
AND APPARENTLY, even though I have iCloud backuping enabled, none of my photos from the past 4 years were backuped 😢
I have a lot of sentimental value on my phone, and was wondering if any one of ya'll can think of a way to help me out...
All ideas are welcome ♥️
3/3
1
1
StormXploit retweeted
26 May 2022
Unfortunately my BlackHat US submission about the V8 sandbox was rejected, but we should still have some cool announcements to share about how we're making V8 harder to exploit soon. In any case I'll be around at the conference! :)
5
4
177
StormXploit retweeted
18 May 2022
Watch the fight « @Synacktiv versus @Tesla » during the #Pwn2Own hacking contest. Tomorrow Thursday, May 19 at 7pm (UTC 2 🇫🇷).
18 May 2022
Interested in watching any of the #Pwn2Own Vancouver 2022 attempts but can't get to @CanSecWest? Watch the live streams of selected attempts here and on YouTube. Check out the full playlist here:
youtube.com/playlist?list=PL…
25
60
StormXploit retweeted
10 Apr 2022
Bonjour Twitter, mon petit cousin fait des parcours de billes avec des gouttières et autres et j aurais voulu lui trouver des vidéos/ idées (il a 7 ans) donc voilà si vous avez ce genre de source :p
1
1
StormXploit retweeted
24 Mar 2022
Here are the slides for my talk « Delegating Kerberos to bypass Kerberos delegation limitation » 😈 at @1ns0mn1h4ck #INS22 thehacker.recipes/ad/movemen…
16
231
590
Hello !
FuckThatPacker is now integrated to CobaltStrike. You can now generate obufscated powershell payloads directly within CobaltStrike :D
github.com/Unknow101/FuckTha…
retweet appreciated
3
125
340
StormXploit retweeted
11 Mar 2022
Today I am releasing part 1 of a 3 part series on “modern” browser exploitation targeting Windows.
Part 1 addresses configuring an environment, understanding how Chakra/ChakraCore manages objects in memory, and type confusion vulnerability analysis.
connormcgarr.github.io/type-…
2
160
430
StormXploit retweeted
4 Feb 2022
Here are the slides from the "Attacking JavaScript Engines in 2022" talk by @itszn13 and myself @offensive_con. It's a high-level talk about JS, JIT, various bug classes, and typical exploitation flows but with lots of references for further digging! saelo.github.io/presentation…
6
252
723