After seeing Ian Beer's talk at offensivecon about the webp exploit, something I didn't understand finally clicked. So I created a small app to visualize and play around with the overflow. You can enter a count[] array and it will show you all writes (red) outside the buffer

Hextree is in closed early access. If you signed up to the waiting list, keep an eye out on your inbox 👀 We want to release slowly to make sure we can catch bugs early. Please be patient with us 😅 In August we will move into public early access and everybody can sign up 👏

Then why are you exempting yourself and your colleagues from it? Stop lying, and stop trying to invade our privacy. I’m so tired of having to fight this every few years. How often do we - the people - have to say NO?

As a civilian, especially being non-US, I don't even f'n know whether US is my friend or not. How are we supposed to build trust into these intelligence efforts when details of these operations never get declassified? I am glad the post does provide some concrete examples, but

Do the thing

Proudly storing JWT auth token in localStorage in 2024 🥇

We worked with Raspberry Pi to bring some really cool stuff to DEF CON - I'm super excited about it!

It's kinda surreal to see our logo next to Raspberry Pi 🤯 Crazy what stacksmashing has been working on. Hardware security stuff coming to hextree.io soon™️

Learning how to use ls, grep, xargs, sed, and curl will save you months of Python script writing

Hello Black Hat! Catch my talk on using electro-magnetic side-channels + EMFI to hack into Apple’s ACE3 chip tomorrow at 10:20am! Send me a message if you want to meet up - or if you know what parties are worth attending 😀

Let's talk about some of the security features of the new Raspberry Pi RP2350, because they are 🔥🧵

Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! blog.orange.tw/2024/08/confus… Highlights include: ⚡ Escaping from DocumentRoot to System Root ⚡ Bypassing built-in ACL/Auth with just a '?' ⚡ Turning XSS into RCE with legacy code

I created defrom.lol which make's it easier for #DEFCON32 attendees to flash their badge with custom GB ROMs, as well as provide a way to revert to original firmware. We also have a patched copy of the DEF CON game that is 100% completed with some fun cheats.

🕵️‍♂️ Bug hunters, is the vulnerability your dependency scanner reported really legit? 🤔 Don't let false positives fool you! Learn how to separate the real vulnerabilities from the noise in our latest blog post: bughunters.google.com/blog/630252276…

We are happy to announce the launch of the Google Cloud Vulnerability Reward Program! The Cloud VRP is specifically dedicated to products and services that are part of Google Cloud. ☁️ 🐞 🤑 cloud.google.com/blog/products/…

Yes, not all sites use ads because there is risk. That being said, if XSS popup phishing impact is considered a vulnerability, you should be consistent and report it also on non-banking sites. Let me share a few more thoughts on this 👇 Ads are used for phishing on non-banking

I loathe when people say working in cybersecurity doesn't require coding. Sure, you can work at a cybersecurity company and be responsible for finance. But that's not the point! I think that whole mindset breeds incompetence. You can’t break or secure what you don’t understand.

Alright everyone, it's up! I'm hiring an entry-level Associate Red Team Consultant on my team at Mandiant (part of Google Cloud). This role is focused on the netsec-side, performing red team assessments, penetration tests, and more. google.com/about/careers/…