Zhihua Yao @hackyzh Twitter Profile | Xstalk

Zhihua Yao

@hackyzh

487Posts 3KFollowers 550Following

Similar User

@eternalsakura13

@starlabs_sg

@YanZiShuang

@KeyZ3r0

@seal9055

@mj0011sec

@pwn_expoit

@80vul

@vv474172261

@_L4ys

@bestswngs

@linhlhq

@CurseRed

@P4nda20371774

@jq0904

Zhihua Yao

17 Sep

dma-buf: heaps: Fix off-by-one in CMA heap fault handler - Patchwork patchwork.freedesktop.org/patch/611976/ @1ce0ear 没想到给大佬提交了🤣

Zhihua Yao

17 Sep

Chomre delete this UAF.I missed this one🤡 chromium-review.googlesource.com/c/chromium/src…

Zhihua Yao

12 Sep

现在骗子也可以光明正大的打广告了？X也不管管

Tweet Image 1

Zhihua Yao

9 Sep

UPSTREAM: binder: fix UAF caused by offsets overwrite (5843736) · Gerrit Code Review (googlesource.com)

Tweet Image

Google Open Source

Source: https://t.co/UN8fUermet

Zhihua Yao Reposted

thomas

16 Jul

Speaker YYJB will be presenting "How to Exploit in Key Isolation Services Vulnerabilities at SgHACK 2024 (sghack.org) #SgHACK #WhiskeyCon #Cybersecurity #CybersecurityinSG

Zhihua Yao Reposted

Numen Cyber

28 Jun

Our researcher Slim (@HBh25Y) shared at @offbyoneconf: The Forgotten Treasure in Classic Targets: Despite powerful fuzzers like AFLplusplus & syzkaller, recent vulnerabilities show secrets lie deep in the code. Manual audits on Linux kernel & mobile decoders reveal many…

Tweet Image 1

Zhihua Yao Reposted

Off-By-One Conference

27 Jun

@offbyoneconf participants in 💡 deep-thoughts & fielding questions @ Q&A with @peterpan980927 & @st424204 from ✨ @starlabs_sg , at their presentation 𝐆𝐏𝐔𝐀𝐅 - 𝐔𝐬𝐢𝐧𝐠 𝐚 𝐠𝐞𝐧𝐞𝐫𝐚𝐥 𝐆𝐏𝐔 𝐞𝐱𝐩𝐥𝐨𝐢𝐭 𝐭𝐞𝐜𝐡 𝐭𝐨 𝐚𝐭𝐭𝐚𝐜𝐤 𝐏𝐢𝐱𝐞𝐥𝟖. Go go 🚀@starlabs_sg

Tweet Image 1

Tweet Image 2

Zhihua Yao Reposted

Man Yue Mo

26 Jun

In this post I'll use CVE-2024-3833, a type confusion in v8 to gain remote code execution in the Chrome renderer sandbox: github.blog/2024-06-26-att…

Tweet Image

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

Source: https://t.co/p37oaM71PL

Zhihua Yao

26 Jun

today learn a lot.Thanks off by one！

Off-By-One Conference

26 Jun

Stop by at the @offbyoneconf merchandise booth for some cool merch!

hacker, weird machine mechanic, exploit dev @xforce

chompie

@chompie1337

Founder https://t.co/dU7gVAkwY9

Jacob Soo

@_jsoo_

Ex street racer. Hermetic Initiate. Exploring conscience and the nature of reality. I also hack and ride things. 🧘🏻‍♂️

ϻг_ϻε

@steventseeley

# Exploit Reliability Engineer
# Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD
# Avi: https://t.co/3fsQfVprCf

h0mbre

@h0mbre_

CTFer / APT hunter / RedTeam / BlueTeam
the member of @r3kapig
the leader of @ShadowChasing1
CVE-2022-30190
find job opportunities
opinions are own not group

crazyman_army

@CrazymanArmy

Offensive Security fanatic... pom-pom girl... Who fuckin' cares ??

Whoami ? 👉
https://t.co/WId3WL9vNk

kmkz

@kmkz_security

Cyber_Security_Researchers || 0SINT || Digital Forensics System Analysis / incident Response II Pwn || @GHOST_3xP10iT || 0ld Accounts Suspended @0xSojalSec ||

Md Ismail Šojal

@0x0SojalSec

Interested in A.I. & Vulnerability Researcher

Dohyun Lee

@l33d0hyun

Here to learn! Infosec@Open Government Products | White Hat && SecOps

spaceraccoon | Eugene Lim

@spaceraccoonsec

CISSP | IoT | Binary | SDLC

M

@0xmuhe

Nathaniel

@nnwakelam

Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU

Stephen Sims

@Steph3nSims

Security Consultant

Sefa Güler

@sefag_

Mathematician. Hunter.

Farid Bibijani

@Farid_Bibijani

Managing Director at ASCo Investments Limited.

Hon Kip

@_vdxx

Nothing is sure, nothing is unsure.

VoidSec

@Kaldor86

HACKER By Soul Bug-Bounty Hunter @Hacker0x01 & @Bugcrowd

Vishal Gupta

@HackerxTommy

RobertaCarmen

@znNGGX0esK6qO

Johntri-triggp

@JTriggp

Wukong AQA

@AqaWukong57862

Susnata Seal

@SusnataSeal

𝕙-𝕥-𝕞

@h_t_m_223

Focus on Android kernel, speaker at poc2024

0 cru5h

@0Cru5h48452

微信号WJ18024010856

昆仑修行人

@yun2jk44551

Phoenix

@_0xPhoenix

CyberXtian

@cyber_xtian

Windows Kernel & Hypervisor Vuln/Dev

Sean John

@Z0RG00

learning | fullstack scrub

sacrosanctuary

@htrowii

SSssssSsssSsssss8888SSS

@Ss8S8sss88sss

Head of Android Research @ Cellebrite.

shayb

@0F1F0F1F

Who has two thumbs and can count to ten. Does cyber security things | abyss gazer | opinions are my own | (he/him)

Brian Halbach ☕️

@brianhalbach

as long as you love me.

curlwa11

@tlnko0o

imoses

@imoses1

NSA

@noskillagency

KUEE

@yulnl2023

J3rvis Godfather

@j3rvisey

Tealeteet

@TealeteetxdEv

dad

@dad35833745

CYBER SECURITY eshte kompani me baze ne Tirane qe ofron sherbime te sigurise kibernetike.

CYBER SECURITY SHPK

@CYBERSECUR75261

jerry

@jackieandJerry

Sultry siren, уеаrning fоr sensual сonnеctions

Harriet 😍

@Harriet__B0

Security Researcher, Bug bounty hunter | https://t.co/hPhjiFw6N6

Gamiel Manbiotan

@oscuridad1010

[email protected]

@pengyandriver

I'm an independent stylist with color street and content creator ,would love to introduce you to the product!

Rhonda Sanford 🦴-Independent Stylist 🦴

@rhonda_sanford

liport10

@liport1011

YY

@CYY100

casper

@SleiCasper

Zard1991

@Zard1991161771

Xiling Gong

@GongXiling

Tech Enthusiast😃 | RE | Control and Instrumentation | VR | OT | Windows Internals Enthusiast 😀

Kagame Opana

@KagameO01

Seeking a dеереr сonnеction?

Dora 🍓

@Dora1464

CTFer@r3kapig | Bug hunter@Google

lime

@limeSec_

Self Certified 'Malware & Offensive Security Researcher' | Kernel Pwning❤️

Ojaswi Kumar Mishra

@0xojaxwi

.

@bshsnakskxjws

fuzzing & wifi & bt & mobile security

chen xujia

@xujia_chen

Hacker, Trader, Gamer ; Feel free to talk with me 😊

摸鱼的凯

@moefishkai

s

@_ylcao

Ngọc Quý

@ngocquy0307

Founder of https://t.co/Uoy4lqKOk0

Phosphataz

@phosphatazz

HillX

@HillX67

0xfd

@fdlucifer11

Vuln researcher, malware analyst. $ Vidar-Team

vvv_347

@vvv_347

hacker, weird machine mechanic, exploit dev @xforce

chompie

@chompie1337

| CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |

0xor0ne

@0xor0ne

A Singapore company that discovers vulnerabilities to help customers mitigate the risks of cyber attacks. Organisers of @offbyoneconf

starlabs

@starlabs_sg

Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.

Zero Day Initiative

@thezdi

Orange Tsai 🍊

@orange_8361

Founder https://t.co/dU7gVAkwY9

Jacob Soo

@_jsoo_

Empowering IT Security Professionals through Hands-On Online Courses.

Ptrace Security GmbH

@ptracesecurity

Security Researcher. 2021-2024 Top 10 Chrome VRP. 2023 Top 2 Facebook Whitehat. MSRC Ranked 6th Q3 2024. BlackHat Asia/USA & Zer0Con speaker.

sakura

@eternalsakura13

Ex street racer. Hermetic Initiate. Exploring conscience and the nature of reality. I also hack and ride things. 🧘🏻‍♂️

ϻг_ϻε

@steventseeley

Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @bugschromium@botsin.space

Chromium Disclosed Security Bugs

@BugsChromium

Freelancer | Full-time #BugBounty | @Hacker0x01 H1-Elite | $1,500,000 Overall Bounties | ❤️ IDA Pro | Mobile Hacker

Julien | MrTuxracer 🇪🇺

@MrTuxracer

Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Tweets about 0day, OS, mobile and embedded security.

Alex Plaskett

@alexjplaskett

A circus artist with a visual studio license

Yarden Shafir

@yarden_shafir

Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations.
Apple SEAR. Opinions are my own.
@amarsaar@infosec.exchange

Saar Amar

@AmarSaar

Follower of Jesus | I hack stuff (legally) | Co-founder @boringmattress

Corben Leo

@hacker_

I'm still hungry. I will be world-class, @ohjin7@infosec.exchange

ohjin

@pwn_expoit

# Exploit Reliability Engineer
# Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD
# Avi: https://t.co/3fsQfVprCf

h0mbre

@h0mbre_

Co-founder, security researcher. Building an attack surface management platform, @assetnote

shubs

@infosec_au

Security researcher at Google Project Zero. Tweets are my own.
Backup @ifsecure@infosec.exchange

Ivan Fratric 💙💛

@ifsecure

CTFer / APT hunter / RedTeam / BlueTeam
the member of @r3kapig
the leader of @ShadowChasing1
CVE-2022-30190
find job opportunities
opinions are own not group

crazyman_army

@CrazymanArmy

95% random tweets, 5% security related tweets. Pwn2Own 2023/2024. YayTweetsAreMyOwnYay

Ken Gannon (伊藤剣)

@Yogehi

Official account of Vigilant Labs (https://t.co/PzW4HkfAwd).

Vigilant Labs

@vigilant_labs

Richard Zhu

@RZ_fluorescence

Vulnerability Research & Exploit Development (prev acc @azz_maher)

Maher Azzouzi

@maherazz2

weird machines programmer

Klecko

@klecko0

Head of Android Research @ Cellebrite.

shayb

@0F1F0F1F

BSides Oslo 2023 will be held September 21st 2023 at Vulkan Area. Few tickets left!

BSides Oslo

@OsloBSides

CTFer@r3kapig | Bug hunter@Google

lime

@limeSec_

Infosec @Apple | PGP: 0x62B08390 | Opinions are my own, unless retweeted

Pantelis

@PantelisStoufis

Security Engineer @ Cloudflare,
ex-Google ISE,
I use bad software and bad machines for the wrong things.
My writing: https://t.co/Z7uucr5BYW

Michal Melewski

@carste1n

Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU

Stephen Sims

@Steph3nSims

Hi.. im that hacker / creative that your friends told you about.

STÖK ✌️

@stokfredrik

#BSidesBelfast will return with #BSidesBelfast25

https://t.co/AkzUoNimRa

BSides Belfast

@bsidesbelfast

Independent security researcher specializing in threat intelligence and APTs. #threatintel #cti #yara #chess #taekwondo black belt

Costin Raiu

@craiu

Orange Cyberdefense Switzerland

@orangecyberch

Offensive Security Trainings and Services
OnDemand Mobile Security Courses - https://t.co/B8Q31o3VXY
Follow us on Linkedin https://t.co/Td3Ww1vk61

8kSec

@8kSec

Java/Android Vulnerability Researcher. 0xACED. Ex-Apple. Now @matthiaskaiser.bsky.social

Matthias Kaiser

@matthias_kaiser

Vulnerability Researcher and Exploit Developer

Alexandre Borges

@ale_sp_brazil

Offensive security conference in the heart of Paris. 4-5th October 2024

Join our Discord server! https://t.co/Btl15G8LsI

Hexacon

@hexacon_fr

Security Researcher

Eugene Rodionov

@vxradius

GongXiling

@GXiling

Crowdfense is the world-leading research hub and acquisition platform for zero-day exploits and vulnerability research. We offer the highest bounties

Crowdfense

@crowdfense

Ingeniero Informático por la UPNA. Security researcher. Android. CTF player at @amn3s1a_team & @id10t_ctf as pwner.

Javier P Rufo

@javierprtd

CTO of @infosectcbr. Co-founder of @bsidescbr. Still hacking.

Silvio Cesare

@silviocesare

Security BSides Dublin (BSidesDub) Official Twitter account. Next conference taking place at Trinity College Dublin on 18th May 2024.

Security BSides Dublin

@BSidesDublin

GreHack is a hacking & scientific infosec conference in Grenoble, France. Nov. 15 & 16, 2024

GreHack

@GrehackConf

CMU CSD PhD student / Winner of Pwn2Own Vancouver '24, TyphoonPWN '24, kernelCTF, v8CTF, DEFCON 31 CTF, ... / PPP, KAIST GoN '18, @zer0pts

Xion

@0x10n

14th Dec 24 @ Novotel London West
Building security from the grassroots. Annual security conference built & delivered by the local community for the community.

BSidesLondon

@BSidesLondon

#BSidesBristol is an #infosec conference run under the international @SecurityBSides movement. Coming to UWE Bristol on 4th November 2023.

BSides Bristol

@bsidesbristol

Security consultant | @BlackHatEvents @BSidesCbr @BSidesSG @OWASPMelbourne Review Boards | @SDR_Melbourne | VK3HXX |@haXX_group | @sheasecurity🖖📚☕️

Pam O’Shea

@pamoshea

Aggregate Chromium security bugs.

Security Bug Aggregator

@BugsAggregator

Android Kernel Researcher @SAFATeamGmbH. Ex-@XI_Research. 🐘 @zlowram at infosec exchange

Sergi Martinez

@zlowram_

Exploit Developer & Vulnerability Researcher. Former Android Tech Lead at @XI_Research

Andrea Sindoni

@invictus1306

Founder & organiser of Au hackercon @BSidesCbr | Tech startup founder @infosectcbr | Network Engineering & Infosec Researcher

Kylie McDevitt

@kylieengineer

BSides Singapore Conference 2024 is on 20th September

BSides Singapore

@BSidesSG

CTFer at @Nu1L_Team / @StrawHat_CTF. Baby reverse engineer & noob of security research / Black Hat & off-by-one Speaker.

Mas0n

@Mas0nShi

FLARE OTF, DMs open.

Genwei Jiang

@binjo

Researcher at @crowdfense

Bùi Quang Hiếu 🇻🇳

@tykawaii98

Exploit Development Team Lead @InterruptLabs. Opinions are my own and not the views of my employer.

wintercoats

@w1ntercoats

A premier gathering of offensive cybersecurity professionals, researchers, thought leaders and innovators from around the region.

Off-By-One Conference

@offbyoneconf

CEO @epsilon_sec - an event planning company.

Jeremy Fetiveau

@__x86

See who gives a F*ck !
Spare the rod, spoil the child.

void *pencil

@0x00deadbeef

Pwn2Own 20{22,23,24,24.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊

SinSinology

@SinSinology

Skating fraud and bug preservationist. Shell smuggling business in the past. I once had a Pwnie. Bon pour l'Orient. New(er) Labour.

G. Geshev

@munmap

Offensive Android Security Researcher, ARM assembly addict, Exploit Dev? and a part time CTF player @fr334aks.

Chalie

@pwnipc

Security Researcher

Sky Goh

@Rggu2zr

There are 10 types of people in the world. Those who understand binary, and those who don't. All opinions and views are my own. #BsidesDub organizer

Securityblog

@Securityblog

HBh25Y

@HBh25Y

Nerd content inside out. Opinions are my own. 👨🏻‍💻🇸🇬

Sebastian Wieseler

@kickino

United States Trends

1. Ravens 76,1 B posts
2. Steelers 103 B posts
3. Bears 109 B posts
4. Packers 68,8 B posts
5. Lamar 29,7 B posts
6. Jets 53,3 B posts
7. #HereWeGo 18,3 B posts
8. #GoPackGo 9.012 posts
9. Lions 87,9 B posts
10. Caleb 31,1 B posts
11. Justin Tucker 19,3 B posts
12. Taysom Hill 9.185 posts
13. Bills 95,8 B posts
14. Falcons 9.993 posts
15. WWIII 34,6 B posts
16. Russ 14,4 B posts
17. Browns 29,6 B posts
18. Worthy 45,5 B posts
19. Eberflus 8.663 posts
20. Colts 30,7 B posts

Who to follow

Something went wrong.

Something went wrong.