Syahrul Akbar R
@sahruldotid
Vulnerably Researcher (wannabe) | Tweets are my own | 🗣️ English, Indonesia
New Windows Driver Signature bypass allows kernel rootkit installs - @billtoulas bleepingcomputer.com/news/security/…
As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog post: jhftss.github.io/A-New-Era-of-m… Slides: github.com/jhftss/jhftss.… Enjoy and find your own bugs 😎
Actually, 15+ new sandbox escape vulnerabilities discovered. All of them are simple logic issues. You may find your own sandbox 0-days by yourself after listening to this talk!🔥🔥🔥
The Kaspersky incident, the Sophos report, and now the Unit 42 one all push me towards never installing an EDR of any flavor on personal devices.
Mine and @_dirkjan's @defcon talk, Abusing Windows Hello Without a Severed Hand went live yesterday. We discuss both privileged and unprivileged Windows Hello abuse. Hope you all enjoy it. youtu.be/mFJ-NUnFBac?fe…
Invoke-SMBRemoting. utilizes the SMB protocol to establish a connection with the target machine, and sends commands (and receives outputs) using Named Pipes. by @L3o4j github.com/Leo4j/Invoke-S…
The next generation of binary obfuscation for the Windows platform is now public. No source code annotations required, full SEH support, CET support, ACG compliant. Join the Discord: discord.gg/VMUpEP2rNg Website: codedefender.io
Dehooking for babies. I've been sitting on this one for a while now, but Trend never acked anything. Changing your exe name to explorer.exe or Chrome.exe avoids the injection of the DLL and the setup of the userland hooks... Can be easily found with the DLL reverse engineering
My blog is live! Decided to share a few thoughts on SQL injection polyglot payloads for my first post. RTs and feedback greatly appreciated nastystereo.com/security/sqli-…
I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung and Huawei devices due to their use of hypervisors. Check it out here: klecko.github.io/posts/selinux-…
In case you weren't at #nohat2024 but still wanna nerd over RPC, authentication and what's in between, we summarized everything to a blogpost as well. Slides and PoC are on our Github as well. akamai.com/blog/security-…
Reversing Tips: (Almost) Automatically renaming functions with Ghidra: blog.convisoappsec.com/en/automatical…
Born too late to buy a home. Born just in time to have my personal data constantly leaked online.
New Blog Alert! 🚨 Introducing Early Cascade Injection, a stealthy process injection technique that targets Windows process creation, avoids cross-process APCs, and evades top-tier EDRs. Learn how it combines Early Bird APC Injection & EDR-Preloading: outflank.nl/blog/2024/10/1…
THC RELEASE: 🎁Execute arbitrary backdoors 🚪on targets that do NOT allow execution 🙈 (noexec). Without ptrace() or mmap(). With only BASH _or_ PHP.👉Trick BASH to make (any)❗️SYSCALLS ❗️to the kernel. 🤪 #ISPScare iq.thc.org/bypassing-noex…
From HTTP request to ROP chain in Node.js! 🔥 Our latest blog post explains how to turn a file write vulnerability in a Node.js application into RCE – even though the target's file system is read-only: sonarsource.com/blog/why-code-…
Oh man, when your POC ends up in LWiS even though it's dropped same day! You guys are doing amazing work @badsectorlabs blog.badsectorlabs.com
#exploit Techniques for Privilege Escalation on Windows Part 1: zerodayinitiative.com/blog/2024/7/29… Part 2: zerodayinitiative.com/blog/2024/7/30… Part 3: zerodayinitiative.com/blog/2024/7/31…
Guest vs Null session on Windows - @Defte_ blog.whiteflag.io/blog/guest-vs-…
An Introduction to Chrome Exploitation - Maglev Edition :: — uf0 matteomalvica.com/blog/2024/06/0…
Thanks to a great article from @itm4n, I discovered a bypass to install vulnerable printer's drivers when low level users are allowed to install them on Windows allowing escalating privileges. He published a detailed explanation: itm4n.github.io/printnightmare…