Joshua Dow
@0xJDow
Followers
301
Following
1K
Media
3
Statuses
2K
Incoherent offsec retweets, hacking @ Scorpion Labs
Boston, MA
Joined December 2017
RT @al3x_n3ff: How to find the Entra ID sync server - A new NetExec module🔎. Inspired by the great Entra ID talks at #Troopers25, I looked….
0
140
0
RT @sourceincite: Here is a really cool blog post by wasamasa whos is a past student of our FSWA class: You can fi….
0
10
0
RT @shellterproject: 🔥🔥🔥.Raphael Mudge's take on Elastic's way of handling all this is pure gold. Thank you.
aff-wg.org
I have a personal interest in incidents of vendor disparagement and attacks on security researchers (and their security research). It’s in this context I need to address Elastic’s July 2025 b…
0
39
0
RT @starlabs_sg: One of our current intern, @goatmilkkk shared his Chrome-atic escape adventure using CVE-2024-30088.Epic obstacles documen….
starlabs.sg
For my internship, I was tasked by my mentor Le Qi to analyze CVE-2024-30088, a double-fetch race condition bug in the Windows Kernel Image ntoskrnl.exe. A public POC demonstrating EoP from Medium...
0
55
0
RT @spaceraccoonsec: Not all binaries are created equal. If you're a hacker, you need to know what you're looking at. Here are the 5 most….
0
9
0
RT @midwestneil: Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12….
0
558
0
RT @spaceraccoonsec: Want a sneak peek of "From Day Zero to Zero Day" AND a guide to turn one vulnerability into a dozen?. I wrote a featur….
0
16
0
RT @SummerC0n: Thank You to @scorpion_labs joining us as a Silver Sponsor this year! "Scorpion Labs is a Boston-based offensive security te….
0
1
0
RT @slyd0g: This is so cool :). "Santa also supports file access authorization (FAA), restricting access to specif….
www.figma.com
Here's how we scaled Santa, an open-source binary authorization tool, across all Figmates’ laptops to boost endpoint security while keeping workflows seamless.
0
2
0
RT @C5pider: Introducing Havoc Professional: A Lethal Presence. We’re excited to share a first look at Havoc Professional, a next-generatio….
www.infinitycurve.org
An introduction to Havoc Professional and Kaine-kit, exploring the advanced features and capabilities that make them lucrative for modern security professionals.
0
183
0
RT @mariuszbit: 🔥 Modern Initial Access 2.0 is here🔥. Long-awaited class finally opens for registration, but only three live classes & then….
0
30
0
RT @samwcyo: When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We (@iangcarroll and I) dis….
ian.sh
When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We discovered a vulnerability that could allow an attacker to access more than 64 million job...
0
117
0
RT @Atredis: We recently identified a number of privilege escalation vulnerabilities in Lenovo Vantage on Windows; check out our latest blo….
www.atredis.com
0
16
0
RT @_xpn_: Awesome talk from @Cyb3rWard0g on AI Agents. this for me is the immediate future of LLM's and it's so exciting! .
www.youtube.com
Unlock the potential of LLM-based AI agents to transform security workflows. From reasoning loops and critic agents to orchestrating autonomous systems with ...
0
48
0
RT @vxunderground: I want to share my opinion on @GuidedHacking . When GuidedHacking acted as a sponsor for vx-underground I received small….
0
30
0
RT @TrustedSec: Chrome Remote Desktop can offer red teamers a subtle way to bypass restrictions—if they know how to use it. In this blog, @….
trustedsec.com
0
85
0