Explorer of weird machines. Founder/CEO @bynar_io
Joined July 2011
- Tweets 127
- Following 115
- Followers 144
- Likes 114
Photos and videos
Alfredo Pesoli retweeted
Discovery & Validation in the Linux Kernel
Three-part article by @sam4k1 about analyzing two vulnerabilities (in CAN sockets and FUSE) and attempting to use local LLMs to rediscover the bugs.
Final part: bynar.io/blog/discovery-vali…
1
13
53
4,527
May 20
We got curious about those kernel bugs we found last month and decided to test them on sub-70B local models (qwen/gemma). Same context the original model (Opus 4.6) that found the bug used and pointed them at the subsystems. Fancy graphs included.
To wrap-up the series, @sam4k1 puts local models running on a Mac Studio head-to-head with Opus 4.6 on the kernel bugs, CVE-2026-31532 & CVE-2026-31694, from parts 1 & 2.
bynar.io/blog/discovery-vali…
1
226
Alfredo Pesoli retweeted
May 18
Here's the PoC for Nginx CVE-2026-42945 which works against vanilla Ubuntu (and any other distro?) Nginx with ASLR enabled. I have included all iterations of the PoC the LLM was kicked to improve.
TL;DR: We can use an LFI/file-read primitive to leak enough details from /proc/<nginx-worker>/mem to bypass ASLR and achieve reliable RCE, in most cases at first shot.
There are still other ways to make it work, with even less subtle primitives. If you ask Geppetto nicely, he will help you ;)
github.com/Hamid-K/nginx-rif…
5
93
335
40,145
Continuing the series: @sam4k1 digs into CVE-2026-31694, a page cache overflow in the kernel's FUSE subsystem that our pipeline surfaced and validated with an LPE on Ubuntu 26.04 using Opus 4.6.
bynar.io/blog/discovery-vali…
23
63
7,214
In the first of a three-part series, @sam4k1 does a technical deep dive on CVE-2026-31532: a race condition in the Linux kernel's SocketCAN subsystem discovered, validated, and patched by our pipeline.
bynar.io/blog/discovery-vali…
15
50
14,795
Apr 16
So happy to welcome @sam4k1!
I worked with Sam during my final years at Immunity. Just a few weeks after joining, he found a remote stack overflow in the Linux kernel.
Plenty of (pre-AI ;)) bugs later, I am thrilled to see him join @bynar_io.
He’s cooking already ;)
We're excited to welcome @sam4k1 as Head of Vulnerability Research.
With AI reshaping the cybersecurity landscape, our focus is making sure defensive capabilities keep pace - without getting lost in noise.
At Bynario, our goal is to combine autonomous approaches with domain expertise, reducing the gap between discovery and remediation.
The goal is simple: less guessing, more fixing.
Great to have Sam onboard!
Link to our blog below:
1
1
4
408
Apr 16
Defense needs to scale, we are building that.
Everyone is talking about Mythos, we were already finding vulnerabilities in one of the most complex closed software ecosystems out there - last year.
Proud to be building this with @lcavallaro and the rest of the team!
We launched Bynario in Nov. 2025, an AI system designed to:
- Analyze software at the binary level and surface unknown vulnerabilities
- Anticipate and validate risk before exploitation
- Bring true prevention into production environments
We validated our solution last August when we identified and reported 7 vulnerabilities in macOS, iOS, and iPadOS.
Our goal is to restore trust and control over the software you run, here's why:
1
5
384
Alfredo Pesoli retweeted
Stealth died 😢 A member of Team-Teso, Phrack staff, and many other groups. A true hacker—perhaps as true as a hacker can ever be. WE MISS YOU. 🩷
More: thc.org/404
<stealth> we had joy we had fun we had a rootshell on a sun.
24
122
606
89,780
Wanna see me load Ransomware without touching disk? Wanna see me do it again? For those of you that missed my talk on Sickle @BlackHatEvents you can find it here:
youtu.be/FKcX-6jReAc?si=NZiP…
1
6
21
4,092
I'm excited to be presenting Sickle at Arsenal at Black Hat USA 2025, to join me click here app.ingo.me/q/3n4vn #BHUSA. I'm really looking forward to meeting all of you!
5
22
4,902
So far in the Windows Kernel Exploitation series we have successfully exploited a Stack Overflow against both Windows 7 (x86) and Windows 11 (x64). This week you'll be getting an introduction on how to exploit a Use-After-Free within the Windows Kernel!
github.com/wetw0rk/wetw0rk.g…
2
50
195
11,947
I recently created a blog and decided to have my first post be my analysis of the Hells Gate Malware😈🔥.
Interested in reversing engineering, low level shenanigan's, or plan to fight your local EDR?
I GOT U GANG 🗣️🔥🗣️🔥:
wetw0rk.github.io/posts/ezek…
4
8
742
Here’s the advisory on a remote stack overflow I found in the Linux Kernel’s TIPC networking module :)
openwall.com/lists/oss-secur…
2
45
144
29 Oct 2021
I've added the option to boot into Recovery mode to KhaosT (full credit for project and private headers) fantastic MacVM project github.com/apesoli/MacVM
4
Alfredo Pesoli retweeted
3 Jun 2021
8 years ago, our friend & co-founder Aaron Swartz took his life while being threatened with decades in prison under an overly broad interpretation of the CFAA.
Today, a small sliver of justice has been delivered by the Supreme Court's ruling to restrict the scope of the CFAA.
4
113
261
Alfredo Pesoli retweeted
4 May 2021
Fascinating data from the Apple/Epic lawsuit.
If you want to start your own competing store, spend 11 million on buying the rights to various games, and that brings you 18 million players. So you spend less than a dollar to acquire a user, 10 dollars to acquire a customer:
4
61
259
Alfredo Pesoli retweeted
2 Jul 2020
Rest In Peace, Reckful.
What a terrible tragedy. You can tell he meant so much to so many people.
If you are having suicidal thoughts, then please speak to a trusted friend/family member or a professional.
I can’t stress this enough: life gets better. I promise.
64
857
15,101
Alfredo Pesoli retweeted
1 Jun 2020
George Floyd died of asphyxia, finds autopsy ordered by family of black man whose death in Minneapolis sparked riots bbc.in/3dpSvwX
805
7,713
20,553