@cor_ctf profile picture
Crusaders of Rust @cor_ctf

A European and American Security Research Group

Joined February 2021
  • Tweets 118
  • Following 40
  • Followers 2,760
44 Photos and videos
ItS ToO dAnGeRoUs 🤡 @AnthropicAI
strellic
@strellic
Jun 9
it might be over for me
2
113
Offensivecon 2026 talks are out! Check out the Minecraft 1-click RCE talk from our teammate @ryaagard at youtu.be/QgybUtLXS9U😎

OffensiveCon26 - Hrvoje Misetic - 4-Byte Heap Overflow To RCE In...

https://www.offensivecon.org/speakers/2026/hrvoje-misetic.html

youtube.com
15
78
6,589
We had a blast this weekend at @offensive_con 🔥- thank you to @Binary_Gecko for the awesome conference! Congrats to our teammates @caueobici for his pwn2own success and @ryaagard for his talk on a 1-click Minecraft 0day😎
4
65
2,675
The research is out now! Come find out how we had a live universal XSS on Samsung phones for the past 6 months😎
OtterSec
@osec_io
Apr 1
Replying to @osec_io
osec.io/blog/2026-04-01-patc…
1
5
47
5,338
We finally did something outside of kernel security research? Thank you to @osec_io for the collab🔥 Long live the patch gaps🫡
OtterSec
@osec_io
Mar 24
We've had a renderer RCE -> UXSS exploit on Samsung phones since last November, in collaboration with @cor_ctf. Full writeup coming next week.
0:20
1
40
3,714
Awesome research from @ryaagard 👀
OtterSec
@osec_io
Mar 17
We achieved a guest-to-host escape by exploiting a QEMU 0-day where the bytes written out of bounds were uncontrolled. Full breakdown of the technique, glibc allocator behavior, and our heap spray/RIP-control primitive ↓
1
23
2,813
Crusaders of Rust retweeted
kqx
@kqx_io
Mar 8
played DiceCTF quals and managed to blood the kernel pwn challenge and won the $150 bounty! check out the writeup: kqx.io/writeups/cornelslop/
1
24
187
11,576
Crusaders of Rust retweeted
chompie
@chompie1337
24 Nov 2025
Watch XOR’s talk CUDA de Grâce: Owning AI Cloud Infrastructure with GPU exploits Kernel driver bugs aren’t just a LPE problem, they’re a cloud problem. With the explosion of AI in the cloud, NVIDIA’s GPU drivers have become a valuable attack surface youtu.be/Lvz2_ZHj3lo

HEXACON 2025 - CUDA de Grâce by Valentina Palmiotti & Samuel Lovejoy

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

youtube.com
5
74
297
52,437
Crusaders of Rust retweeted
Pumpkin 🎃@u1f383
25 Nov 2025
My HEXACON talk video is out! It covers a small race condition in the Linux kernel’s io_uring. I recommend watching it at 1.25× speed since I’m still not great at speaking 😅 youtube.com/watch?v=Ry4eOgLC… Here is the slide! u1f383.github.io/slides/talk…
4
46
148
14,653
Our @hexacon_fr talk is out on Youtube now😎 youtu.be/C-52Gwmce3w Follow the slides at: storage.googleapis.com/stati…

HEXACON 2025 - An RbTree Family Drama by William Liu & Savino Dicanosa

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

youtube.com
22
77
12,466
Crusaders of Rust retweeted
Hexacon@hexacon_fr
24 Nov 2025
If you missed HEXACON 2025 or want to rewatch some of the talks, they’re now available on our YouTube channel 📽️ Enjoy the content, and see you in 2026! youtube.com/playlist?list=PL…

HEXACON 2025

youtube.com
1
58
132
28,811
Congrats @ryaagard 👀 We will not be connecting to any Minecraft servers you host.
OtterSec
@osec_io
12 Nov 2025
Our research team achieved client RCE on Minecraft Bedrock Edition via a heap overflow to bypass ASLR and sidestep CFG. Writeup to come.
0:34
145
10,379
We at CoR ( @u1f383) had a great experience at @hexacon_fr this weekend Met many skilled VR people, the venue was amazing, and the speaker gifts were simply🔥 Best offensive security conference we have seen so far - thanks again to the organizers for the opportunity!
1
54
9,452
Crusaders of Rust retweeted
Hexacon@hexacon_fr
11 Oct 2025
An RbTree Family Drama: Exploiting a Linux Kernel 0-day Through Red-Black Tree Transformations by William Liu and Savino Dicanosa
2
37
3,593
Wanna learn how to perform OOP in functional programming all in Google Sheets? Come check out our team member @MaxCai33447144 research, which he made into a corCTF 2025 challenge! cor.team/posts/corctf-2025-p…
1
15
1,743
We have a🔥presentation ready for Hexacon. Come grab a beer with us afterwards! See everyone in Paris🇫🇷🫡
Hexacon@hexacon_fr
17 Sep 2025
📢 An RbTree Family Drama: Exploiting a Linux Kernel 0-day Through Red-Black Tree Transformations by William Liu & Savino Dicanosa
3
36
3,411
Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) willsroot.io/2025/09/ksmbd-0… Cheers to @u1f383 for finding these CVEs the OffensiveCon talk from gteissier & @laomaiweng for inspiration!
1:13
11
199
754
81,680
Check out our teammate's retrospective on his kernel fuzzing summer: willsroot.io/2025/09/syz-sum… It covers a net/sched fuzzing quirk (inspiring HangBuzz101 in corCTF), and summarizes the kernelCTF adventures of our team. Another really cool exploit write-up will drop this Sunday 👀
25
91
7,522
For corCTF2025 our teammate D3vil (syst3mfailure.io) wrote an Android kernel pwn. Congrats to @u1f383 for the only solve! Make sure to read his writeup!

Posts

Low Level Software Exploitation

syst3mfailure.io
Pumpkin 🎃@u1f383
8 Sep 2025
Last weekend, I participated in corCTF and solved the Android Pwn challenge - corphone. It was a great challenge, and I learned a lot from it. Here's my write-up :) u1f383.github.io/android/202…
3
41
4,309
We recently claimed the cos-113 slot with an exploit for CVE-2024-58240😎 A backport for an exploitable UAF was missed for 6.1.x for the past 1.5 years🧐 Maybe when we have healed from our recent 100k bug bounty typo will we tell the full story🤪
1
7
96
6,442
Load more