Joined March 2017
- Tweets 92
- Following 71
- Followers 1,373
- Likes 65
4 Photos and videos
4 Dec 2025
Local Privilege Escalation in Fedora Linux (CVE-2025-12744).
Red Hat has made this public, but patches aren't out yet. Reliable root for any local user.
Mitigation: sudo systemctl disable --now abrtd
Writeup PoC: initblog.com/2025/abrt-root/
10
22
2,470
18 Aug 2025
Drive-By Attack in Ollama Desktop v0.10.0
Found a bug in Ollama desktop GUI (not the core API) where malicious websites could hijack all private chats. Ollama crew patched it within hours. Make sure to update!
Tech details, video, IoCs, and PoC here: gitlab-com.gitlab.io/gl-secu…
1
271
20 Nov 2022
A lot has happened in a year! I’ve refreshed the dynamic data sources for passphrase-wordlist and generated a new file. If you’re into cracking complex passwords, this may be for you. Enjoy!
github.com/initstring/passph…
3
18 Nov 2022
I'm not very active on here, and probably won't be on the next one either. But just in case, here's the new Mastodon profile I set up: @initstring@infosec.exchange
11 May 2022
Spent some time recently formalizing our Red Team workflow at GitLab. The process is open-source, and we're sharing our issue templates to track logistics, goals, TTPs, reports, etc.
about.gitlab.com/blog/2022/0…
1
2
6
4 Oct 2021
Just pushed an update for passphrase-wordlist. Massive list of passphrases with hashcat rules for offline cracking of long, complex passwords. Enjoy! github.com/initstring/passph…
1
4
7
4 Oct 2021
Sometimes I like to just grep random things and see if it made it into the list.
$ grep covid ./passphrases.txt | wc -l
5937
Well, some of those are... interesting.
10 Sep 2021
Wanted to share this combo, as it's such a cool protection from drive-by attacks.
1. uBlock Origin with the "block access to LAN" filter-list
2. DNS rebind protection (available in pihole, NextDNS, dnsmasq, AsusWRT-Merlin, etc)
JS can no longer easily target your LAN!!!
2
4
10 Sep 2021
I've not yet spent time trying to bypass the combo, but that could be a fun adventure for the future.
7 Sep 2021
I discovered a drive-by #RCE in the @gitlab Development Kit (it's now fixed). This took chaining multiple vulnerabilities and would have allowed me to remotely compromise developer machines. Details and tips to protect yourself from similar exploits here:
about.gitlab.com/blog/2021/0…
7
11
30 Jul 2021
Stealing Bitcoin w/ CSRF via Ride The Lightning Umbrel. Thanks to the RTL devs for pushing a quick fix! Here's my write-up: initblog.com/2021/rtl-driveb…
2
21
40
19 Nov 2020
Great finding by @Sambal0x - and a good example of why e2e encryption is important in messaging apps. :)
19 Nov 2020
Be careful of which messenger apps you use.. trustwave.com/en-us/resource…
1
3
11 Nov 2020
Thanks to the @attackndefense team at @mozilla for inviting me on their blog!
This is a more personal overview on the Firefox Android bug I disclosed recently.
10 Nov 2020
Read our latest guest blog post from @init_string: blog.mozilla.org/attack-and-…
2
6
initstring retweeted
17 Oct 2020
Sharing my talk on Hacking Android Apps with Frida
youtube.com/watch?v=iMNs8YAy…
4
52
167
15 Sep 2020
Found a neat little Firefox for Android bug. Current version is not vulnerable, please make sure you are up to date. :) gitlab.com/gitlab-com/gl-sec…
5
122
304
15 Sep 2020
TLDR: Malicious SSDP server on WiFi can provide "Android Intents" as UPnP XML "LOCATION", essentially forcing mobile devices to open links with no interaction.
1
5
34
19 Sep 2020
As mentioned in the blog, the security team at Mozilla was an absolute pleasure to work with. Top-notch folks who are know their stuff and are very open and responsive. I highly recommend working with them!
2
14
26 Aug 2020
This is so cool, thanks @dafthack for the nomination!
25 Aug 2020
Cloud_enum will be giving $1577.7 to Doctors Without Borders @MSF_USA.
Thanks @init_string!
github.com/initstring/cloud_…
1
4 Jun 2020
I found a few privilege escalation bugs in Google Cloud's OS Login. They've all been patched now.
gitlab.com/gitlab-com/gl-sec…
55
129
initstring retweeted
13 Apr 2020
The 4/25 training session for my Breaching the Cloud Perimeter course has reached max capacity but don't worry... I'm teaching it again on 5/28 for FREE. New registration link is here: attendee.gotowebinar.com/reg…
25 Mar 2020
On April 25th I'll be giving a FREE 4-hour training course (w/ labs) that I've built called Breaching the Cloud Perimeter. Space will be limited so get registered now: attendee.gotowebinar.com/reg… @BHinfoSecurity
6
13