English
English Español Português Pусский Deutsch Français Itaaano Nederlands Polski Indonesia العربية ไทย Tiếng Việt Türkçe 繁體中文 简体中文 日本語 한국어
@_esoj1 Profile picture

Esoj

@_esoj1

Pwning stuff

Joined July 2020
91Posts 414Followers 174Following
Similar User
Pietro Borrello photo

@borrello_pietro

Jordy Zomer photo

@pwningsystems

Matteo Rizzo photo

@_MatteoRizzo

faulty *ptrrr photo

@0x_shaq

celesian photo

@c3l3si4n

Bien 🇻🇳 photo

@bienpnn

inferigang photo

@inferigang

sam4k photo

@sam4k1

POC_Crew 👨‍👩‍👦‍👦 photo

@POC_Crew

Rodrigo Branco photo

@bsdaemon

Zhenpeng Lin photo

@Markak_

caioluders photo

@caioluders

Danis Jiang photo

@danis_jiang

Sector 7 photo

@sector7_nl

Luan Herrera photo

@lbherrera_

Esoj Reposted
gris_ufrj Profile Picture
GRIS UFRJ
 @gris_ufrj
8 Jan

Junte-se ao GRIS: Se você é estudante ou entusiasta da segurança da informação e deseja participar ativamente de pesquisas inovadoras ou competições de CTF, o GRIS é o lugar certo para você. Link do forms - docs.google.com/forms/d/19Cffu…

0
3
7
0
429
Esoj Reposted
fkaasan Profile Picture
Alexandra Sandulescu
 @fkaasan
24 Jul 2023

Tavis found a fascinating architectural CPU bug 🐞

Profile Picture
Tavis Ormandy
@taviso
24 Jul 2023

First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.html

37
685
2K
180
330K
3
4
37
3
8K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
7 Jul 2023

The video for the talk is available. I hope folks enjoy and feel free to send me feedback, comments, criticisms (privately or publicly, either way is welcome!)

Profile Picture
hardwear.io
 @hardwear_io
5 Jul 2023

🔼Keynote talk upload! 🖥️Hear out interesting lesser known µarch & hardware security stories by our Keynote speaker Rodrigo Branco @bsdaemon from his rich experience 📽️Click to watch▶️youtu.be/WlcQrx7VK00 #hw_ioUSA2023 #hardwaresecurity #Conference #microarchitecture

1
13
32
8
26K
5
20
47
3
22K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
12 Jun 2023

The slides for my keynote at Hardwear.io are available (as all others) - it has a few less known stories on uarch/HW security: bit.ly/HardwearKeynot… @hardwear_io

Tweet Image
hardwear.io | Hardware Security Conference & Training | Netherlands, Germany & USA
Source: https://t.co/pFeCb8lDzo
2
45
119
21
22K
_esoj1 Profile Picture
Esoj
 @_esoj1
11 May 2023

In RET2ASLR we can leak ASLR from the BTB in under a minute. Plz use the speculation control feature for userspace applications dealing with sensitive data. docs.kernel.org/userspace-api/…

2
4
31
6
3K
Esoj Reposted
eltctfbr Profile Picture
Epic Leet Team
 @eltctfbr
4 May 2023

Novo artigo em parceria com @mentebinaria ! É sobre segurança de OAuth 2.0! Confiram! Está bem legal! Autor: @vrechson mentebinaria.com.br/artigos/segura… Toda a produção da parceria está em epicleet.team/articles Se quer ler algo específico nos nossos artigos, comenta aí!

0
5
10
0
977
Esoj Reposted
pwningsystems Profile Picture
Jordy Zomer
@pwningsystems
18 Apr 2023

Found some Spectre-v1/MDS gadgets in the Linux kernel at work with @fkaasan, including one in ‘copy_from_user’ 😁😁 github.com/google/securit…

Tweet Image
Linux Kernel: Spectre-v1 gadgets
Source: https://t.co/sTdt2S1ADJ
1
17
66
12
23K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
12 Apr 2023

Google embargo on another linux kernel issue found by @_esoj1 and I finally lifted... here is the advisory: github.com/google/securit…

Tweet Image
Linux Kernel: Spectre v2 SMT mitigations problem
Source: https://t.co/ZQ9EmEvtwW
2
31
89
13
21K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
20 Feb 2023

So, @_esoj1 and I found another linux kernel spectre v2 mitigation problem (lkml.org/lkml/2023/2/20…). At this point: is there anyone who actually care? No one is testing?

1
8
28
4
6K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
4 Feb 2023

This finding by @_esoj1 and I just demonstrates how much the side channel issues are still misunderstood.

Profile Picture
Esoj
 @_esoj1
4 Feb 2023

It turns out that the user-mode spectre-BTI mitigations were slightly broken since four years ago when they were introduced in prctl syscall... github.com/es0j/CVE-2023-…

0
25
73
6
18K
0
8
31
2
7K
Esoj Reposted
CoppeSistemas Profile Picture
Coppe Sistemas
 @CoppeSistemas
4 Feb 2023

HEADS' member @_esoj1 (José Oliveira) has disclosed a previously unknown flaw in the Linux Kernel that allows the bypassing of Spectre-BTI mitigations. github.com/es0j/CVE-2023-…

Tweet Image 1
0
4
11
0
487
_esoj1 Profile Picture
Esoj
 @_esoj1
4 Feb 2023

It turns out that the user-mode spectre-BTI mitigations were slightly broken since four years ago when they were introduced in prctl syscall... github.com/es0j/CVE-2023-…

Tweet Image
GitHub - es0j/CVE-2023-0045
Source: https://t.co/LF3d0XaoCf
0
25
73
6
18K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
4 Jan 2023

Apparently naming bugs really works on getting attention. So much that the name becomes the focus and folks fail to realize it is literally just a parody. Our industry is doomed.

3
3
33
1
5K
Esoj Reposted
bsdaemon Profile Picture
Rodrigo Branco
@bsdaemon
1 Jan 2023

Bugs properly reported, time to go drink and celebrate all the blessings of the year, pray for the dreams to keep coming true and for health to family and loved ones. And for peace in the world.

0
1
30
0
3K
Esoj Reposted
caioluders Profile Picture
caioluders
 @caioluders
6 Dec 2022

XSS 2 RCE on @flipper_zero Got RCE through an XSS on lab.flipper.net , here's the writeup thread github.com/caioluders/poc… (PoC Video, printing 1337 on the flipper screen)

8
78
354
52
0
Esoj Reposted
r3tr074 Profile Picture
@[email protected]
 @r3tr074
1 Dec 2022

Da uma lida lá pessoal, deu trabalho escrever kkk, e fica ligado q logo tem mais posts sobre browser internals

Profile Picture
ret2one
 @ret2one
1 Dec 2022

Quer aprofundar seus conhecimentos sobre browser? Se liga na série de posts sobre e aproveita pra aprender sobre arquitetura de navegadores até compiladores JIT! harddisk.com.br/p/pt-br-browse… harddisk.com.br/p/pt-br-jit-lu…

0
0
2
0
0
0
3
10
0
0
Esoj Reposted
felipenovais42 Profile Picture
Felipe Novais
 @felipenovais42
19 Nov 2022

It's tomorrow. For sure, I ain't sleeping this night 💀

Tweet Image 1
0
1
1
1
0
generative art; noobish hacking and portuguese poetry. player of @eltctfbr @duph0use

caioluders

@caioluders
Just an opinionated security researcher. Opinions are my own H2HC (Hackers 2 Hackers Conference)

Rodrigo Branco

@bsdaemon
Programming, Hacking, SDR, Tesla Coils, Drones. Creator of OpenSatelliteProject, Cursed Transistors 📡PU2NVX Streamer for @He4rtDevs Ele/Dele/He/Him

Cybernetic Lover

@lucasteske
Professor of Computer Science and Engineering at @UFSCarOficial. PhD in Computational Physics from @ifscUSP. Ham radio operator PY2UID. CTF player @ELTctfBR.

Paulo Matias

@thotypous
Brazilian CTF Team! @Pwn2Win CTF Organizer. Proud member of @ctfbr.

Epic Leet Team

@eltctfbr
baboseiras e (in)verdades do mundo de infosec (conteúdo descontraído não leve a sério) - tretas on my own it does not represent any bribes or vendors

Infosec1000grau

@infosec1000grau

Luan Herrera

@lbherrera_

celesian

@c3l3si4n
Links: https://t.co/YsvLNWVMyU

Kali Nathalie 🏳️‍⚧️

@K4L1_FS
android/linux kernel @vigilant_labs • prev blockchain @osec_io • ctf/pwn @cor_ctf + @eltctfbr

0xTen

@_0xTen
Security Engineer at a magic internet money exchange

Rafael

@beescoitu
artista digital e engenheira de software

Ingrid

@GuaraNull
Security research | https://t.co/0JQ2SjUVJZ founder | CTF pwn/rev @eltctfbr + @r3kapig | yes, I'm the browser guy

@[email protected]

@r3tr074
@antperson@infosec.exchange

Alexandra Sandulescu

@fkaasan
CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group

crazyman_army

@CrazymanArmy
| Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting |

Clandestine

@akaclandestine
Director of Research @Crowdfense. Windows Vulnerability Researcher and Exploit Developer, ex-@XI_Research

Paolo Stagno (VoidSec)

@Void_Sec
it's never too late to learn

_4vil4ric$

@zhuan1243
Engineer working on UEFI, BIOS, firmware, coreboot, slimbootloader, embedded systems, security, networking...These are my opinions, not those of my employer

vincent zimmer

@vincentzimmer
Pois dias ruins, todo mundo tem!

Arthur Gonçalves

@arthurn29
It can't rain all the time. Mãe de 2 birbs.

Mari

@calopmari
beep boop beep beep

bimbus

@bimbus37

Ronald Lopez

@RonaldL98362806
Making @Ubuntu go fast at @Canonical / CompE @UFRGS. Every so often on the air as PY3PK. Also phckopper@infosec.exchange Opinions are my own

Pedro Kopper

@phckopper
browser/kernel security miqu!

Renan

@hyhy_100
🇧🇷 - Hacking to make world be better! Red Team | CTF Player | World Skills Brazil Competitor

KttsXD

@KiltzxH
Vivam cada dia como se fosse uma obra de arte e deixem a marca de vocês no mundo.

Jgx 💻

@descriptografad
exploit development | reverse engineering

Carolina Trigo

@trig0x00
Douglas // Cyber Security - Information Security, CTF #RTFM-CTF OSCP+E Tweets are my own

away.ca☕️

@_4waY
Cybersecurity Specialist

Lucas Moretti

@LucasMoretti

Lul

@sisifrufru
Cogito ergo sum

violet

@violetgco

jskew

@jskew2012
cybercrackhead

#

@stderr___
Hacking for fun and profit

BassSlayer

@BassSlayer6
There is no name like MAK...

MAK

@MAK90953490

root

@root13370
Interested in malware dev && red teaming.

zing

@zing7k
being no one, going nowhere :)

𝕜𝕒𝕣𝕕𝕖𝕔.

@kaardeco

Matthew Torres

@MatthewTor54665
All appearances are false

binxiangTang

@Emperor_Tbx
cybersecurity / head @hawkstrikebot & @trendvisionbot @ rev/pwn | devops, full-stack developer, *nix researcher, algorithmic trading

fantasy

@fantasy0x1
MG Química Industrial - UFU

Luciano

@lucianomacarv

Fox

@c4rpel
Security Engineer @ Google, likes fuzzing, static analysis and VR. The opinions stated here are my own, not those of my company.

Jordy Zomer

@pwningsystems
Low Level Security: CPUs, Kernels, Hypervisors and the like. I mostly break stuff. Offensive side of things.

Pawel Wieczorkiewicz

@wipawel
ela/dela minha atual personalidade é ter cabelo vermelho

Mari

@hiwicw
just i'm try to learn russian and malware.

nameless

@na_mele55
enter the wired

11hsu

@0xbhsu

deepfuckingvalue

@11cooks
New Vibe

E$DR4$

@esdr4s_arti
Je to v zubech!

Jan Starka

@janstarka
Consultor e IT Security Researcher. Computer Forensics.

Filipe Balestra

@filipebalestra

dev.thiaguin

@DevThiaguin

G0D

@CrypticEg0d

Loading…

@loading_0x41

Matheus.

@luk4c5
If it works, you can hack it @nullbytecon founder and organizer.

tuxtrack

@tuxtrack
CTF Player. Bug Bounty as a hobby.

Manoel Abreu

@reefbr
.

Flavinho

@Flavin27

GRIS UFRJ

@gris_ufrj
Just another cowboy in the cyberspace 🤠 • This machine moves fascists to /dev/null • my views are my own.

renato

@renatoisnotreal

test domain

@User2Micro
RE, VR , Fuzzing , Windows internals

Sprinter

@0xSpr1nter
Fighting evil by moonlight. Security Researcher

Gabriela Lopez

@Gaby_Bytes_Back
Que sera, sera

Thai S.D

@krixov
I don't even see the code. All I see is 0xB00B5

leonardo

@m0ndrag0n__
generative art; noobish hacking and portuguese poetry. player of @eltctfbr @duph0use

caioluders

@caioluders
The largest collection of malware source code, samples, and papers on the internet. Password: infected

vx-underground

@vxunderground
Co-founder and hacker @zellic_io and @pb_ctf | https://t.co/nlNai6iiMP | 24 I may be slow to reply to DMs, please email for business inquiries

cts🌸🏳️‍⚧️

@gf_256
Just an opinionated security researcher. Opinions are my own H2HC (Hackers 2 Hackers Conference)

Rodrigo Branco

@bsdaemon
wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio

LiveOverflow 🔴

@LiveOverflow
✨my opinions are on my own✨ mobile security engineer, android wizard, reverse engineering, drums. autist+ah/sd, fighting fibromyalgia. 🇧🇷🇦🇷🇺🇸🇧🇪

invoke-virtual {Daiane},

@wh0isdxk
Programming, Hacking, SDR, Tesla Coils, Drones. Creator of OpenSatelliteProject, Cursed Transistors 📡PU2NVX Streamer for @He4rtDevs Ele/Dele/He/Him

Cybernetic Lover

@lucasteske
Professor of Computer Science and Engineering at @UFSCarOficial. PhD in Computational Physics from @ifscUSP. Ham radio operator PY2UID. CTF player @ELTctfBR.

Paulo Matias

@thotypous
Brazilian CTF Team! @Pwn2Win CTF Organizer. Proud member of @ctfbr.

Epic Leet Team

@eltctfbr
Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍

Intigriti

@intigriti
Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.

Zero Day Initiative

@thezdi
hacker, weird machine mechanic, exploit dev @xforce

chompie

@chompie1337
baboseiras e (in)verdades do mundo de infosec (conteúdo descontraído não leve a sério) - tretas on my own it does not represent any bribes or vendors

Infosec1000grau

@infosec1000grau

Luan Herrera

@lbherrera_

celesian

@c3l3si4n
Hacker. Friend. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSCl

John Hammond

@_JohnHammond
Instituição de Ensino e Pesquisa em Computação Sem Fins Lucrativos. Fazemos o https://t.co/YRRo86JoCc e muito mais.

Mente Binária

@mentebinaria
Links: https://t.co/YsvLNWVMyU

Kali Nathalie 🏳️‍⚧️

@K4L1_FS
This is 🍊

Orange Tsai 🍊

@orange_8361
android/linux kernel @vigilant_labs • prev blockchain @osec_io • ctf/pwn @cor_ctf + @eltctfbr

0xTen

@_0xTen
The UEFI Forum advances globally-adopted firmware specifications through enhanced security to the evolution of devices, firmware and operating systems.

UEFI Forum

@UEFIForum
Engineer working on UEFI, BIOS, firmware, coreboot, slimbootloader, embedded systems, security, networking...These are my opinions, not those of my employer

vincent zimmer

@vincentzimmer
miro/orange~ I made Fear & Hunger and F&H2: Termina

Happy Paintings

@happy_paintings
'É um revisionista extremista supremacista mentiroso... Tipo, muito mentiroso mesmo!' - Webcomunista com retrato de Stálin na estante

Thiago Braga

@thiagao_braga
O prego. https://t.co/kC1jzZ8QEP Assista meu podcast ao vivo e na integra.

Monark

@monarkbanido
🔶 Que papinho hein

?M.Alves! 🔸🔶

@Alvarinho
Since 1985

Phrack Zine

@phrack
Tecnologia é no Rio e para todes!

Tech In Rio Community

@techinrio

Gabriel Galdino

@gabogaldino
Partner & Head of Threat Research @ Hakai Security

Carlos Vieira (lynx)

@carlos_crowsec
Staff Scientist - Quantum at @cmcmicrosystems (views are my own). Divulgando física e computação quântica!

Bruna Shinohara ⚛️

@Shinossaura
Founder, No Starch Press and Hacker Initiative. Views expressed are *entirely* my own. He/him/his Contact our editors at: editors@nostarch.com

Bill Pollock -- [email protected]

@billpollock
Security Engineer @ Google, likes fuzzing, static analysis and VR. The opinions stated here are my own, not those of my company.

Jordy Zomer

@pwningsystems
PhD student in EECS at MIT. MSc CS from ETH Zürich and BSc CS from VU Amsterdam.

Daniël Trujillo

@thedantrujillo

Lukas Hermann

@LukasHermannBFS
ela/dela minha atual personalidade é ter cabelo vermelho

Mari

@hiwicw
nah fuck this social you can find me on the blue brabuleta

danielhe4rt

@danielhe4rt
We strive to reimagine vulnerability research, program analysis, and security education as it exists today. An @RPISEC corporation.

RET2 Systems

@ret2systems
shitpost post until 2077 | owner @Necati_coskun_ | Dm for credit and removals | NO PROMOS/ADS

Shitpost 2077

@shitpost_2077

GRIS UFRJ

@gris_ufrj
Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine. I'm also @taviso@social.sdf.org

Tavis Ormandy

@taviso
Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.

Andrey Konovalov

@andreyknvl
neon lights and neon dreams

eu to de capuz

@lasgalenbr
#HardwareSecurity Training & Conference Upcoming Conference & Training #hw_ioUSA2025

hardwear.io

@hardwear_io
We like shells. The # kind and the 🐚 kind.

Nautilus Institute

@Nautilus_CTF

Mathias Krause | @[email protected]

@_minipli
A bot that posts the latest blog posts and disclosures from Google's Project Zero

Project Zero Bugs

@ProjectZeroBugs
Technical Director, Platform Operations and Research at @cse_cst. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.

Alex Ionescu

@aionescu
I'm researching security of Intel's platforms. I'm not working for Intel

Mark Ermolov

@_markel___
CEO @faradaysec. Founder of @ekoparty security conference, Usual suspect, Troublemaker

Federico Kirschbaum

@fede_k
Electrical Engineering undergraduete at UFSC. Infosec \\ CTF player.

Gustavo Régis

@gregiss__

sei lá lek

@Trhaax
Suffering from Stand Alone Complex

Dur4ndal

@Rodr_Mamedio
🔬Founder & CEO @Binarly_io, #codeXplorer, #efiXplorer, @REhints and "Rootkits and Bootkits" book. Previously worked at Nvidia, Cylance, Intel, ESET, Yandex.

Alex Matrosov

@matrosov

Ottoboni

@0tt0b0n1

pedrolucascurcio

@curciopedro
Conference on composable software supply chain integrity and hardware-assisted platform security, with OpenEmbedded, OpenXT and other ecosystems

Platform Security Summit

@platformsec
I don’t know anymore

scallop

@sc4ll0p
I make animated computer science videos • product & design @pdiscoveryio • blog at https://t.co/RLiSNOVQ0W

PwnFunction

@PwnFunction
Grupo de Resposta a Incidentes de Segurança do Distrito Federal

CSIRT-DF

@csirtdf

Marcus Lima

@Marcsvll
tl;dr

Daniel

@ergot86
Security researcher, team lead & speaker. Low-level design, firmware and system software. Fuzzing & testing automation for CI/CD pipelines.

Alexander Ermolov

@flothrone
to escrevendo umas coisas aí num (quase) diário | ele/dele

bronto

@jpedrodelacerda
Software developer. Big fan of C, Common Lisp and Rust. Author of linux-insides.

0xAX

@0xAX
United States Trends
Who to follow

Something went wrong.


Something went wrong.