Ben Nagy 🐲 Turtle Girl 🐉 Finding instability is the same as finding a weird *state* though; whether you can prevent the wheels from falling off the weird machine you get is a different question. Also remember: The weird machine *need not* be turing complete to be useful.

Speaking of, which conferences have been the best for exploit development talks?

Hello everyone 📚 I would like to learn a new programming language. Which language is best suited for a new #InfoSec professional like myself ? Please reply with other suggestions. RT for reach, thank's all 🖥 ! #cybersecurity #developers #security #Coder

Feeling adventurous? Another exploit challenge has escaped from our servers. To support ecosystem diversity, the first woman/female-identifying solver will win a FREE seat to our browser exploitation training in June! Click here to play: ret2.io/battle

It's finally here! I have published my Intro to Android App Reverse Engineering workshop! If you're interested in learning how to begin RE'ing Android apps (both DEX and native code), check out this workshop. #reverseengineering #android #infosec maddiestone.github.io/AndroidAppRE

I guess I know there’s at least two people now ...

The start of a new series. We will try to learn some basics about browser exploitation. Specifically we will look at JavaScriptCore - the JavaScript engine from WebKit. liveoverflow.com/getting-into-b…

The first step of researching iMessage is bricking your phone by mistake: bugs.chromium.org/p/project-zero…

My Pwn2Own Firefox sbx escape got fixed: Language packs could be installed without user interaction via the AddonManager API, and this allowed for trivial XUL injection in the Chrome process (unsandboxed parent) mozilla.org/en-US/security…

I’m doing ok, but I’m running out of time 😅

I’m starting to consider going to 64 bit as a “raising the bar” mitigation 😂

🐲 Turtle Girl 🐉 ropemporium.com has challenges dedicated to rop. picoctf19 has a basic, rop64. guess there are more easy, stack based for real ones,but I only recall this very detailed write up on a heap vuln, but it's really nice to reimplement!: nandynarwhals.org/cve-2016-10190/

I haven’t used this account for ages… but maybe I should start up again?

🐲 Turtle Girl 🐉 @SensorLock Blaster and Sasser come to mind. Also wormable, so no user interaction was required, and as worms tend to do, they were self propagating. I worked for a hospital at the time (2003/4) and we had lots of vulnerable medical workstations, as we learned the hard way.