#39c3 #togetherwehitharder #onelife #hacking #Germany

I'm still looking for two (2) tickets for 39c3 for my friends, who otherwise would be forced to dress as service-dog to maybe have a chance to enter the conference. If any of you got a plug please hit me up!

Read my latest article: Introduction to root-cause analysis on Linux:

https://t.co/SQtGtDSW0Y

Hey fuzzer folks! Want to learn how to use LibAFL ? Check this super exercices made by @addisoncrump_vr https://t.co/SvyjY84UzK

New bug I've reported: CVE-2025-52194 - IRCAM File Processing Buffer Overflow in LibSndfile Write-up:

I'm quite happy to share that Apple have published a vulnerability I have reported. This vulnerability affects multiple MacOS versions and affects the program `file`. First bug in Apple product 🥳

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! https://t.co/0aPVihoFIU

Joining @rektoff_xyz bootcamp about Solana Rust Security! Really thrilled and thankful to start this one :D

Releasing this fun tool Golem based on @0xdea, LLVM, LLM and @semgrep Golem automates C/C++ vulnerability discovery by combining Semgrep rule scans, LLVM call-graph & CFG slicing, and AI-driven context analysis. Tool: https://t.co/BX9a2nSZXi Article:

turns out running thing on server and locally are not the same, who would have guess???

Note: It's a BETA, it's vibe coded A LOT, it doesnt handle any sensitive info, please report bugs if you find some (you will) thanks kiss kiss

Just launched Code Auditor CTF — https://t.co/S87nvpjfht A web platform to practice finding real-world C/C++ vulnerabilities • 8000+ challenges • Progress tracking + leaderboard • Beginner-friendly • Fully open source (beta):

Write-up of my v8 bug: Critical type confusion in V8's Turboshaft compiler allowed stale pointers to bypass GC, leading to exploitable memory corruption. Full details + PoC:

I wrote a comprehensive guide on harnessing libraries for effective fuzzing with AFL++ ! Have a look =>

✨️ Happy new year hackers! ✨️

Going to #38c3 was on my wishlist for MANY years. I am extremely happy to have been able to attend this super fun con for the first time, I've watch many great talks, met a bunch of really cool nerds and loved the hacking atmosphere! ✨️

🥳CVE-2024-53589: I discovered a heap buffer-overflow vulnerability in objdump affecting version 2.43, during a fuzzing campaign with @aflplusplus More details:

Following 7zip 24.08 release, @thezdi disclosed yesterday my vulnerability in 7zip 24.07: CopyCoder Infinite Loop Denial-of-Service Vulnerability - CVE-2024-11612 I found this vulnerability last summer during a fuzzing campaign with @aflplusplus https://t.co/v4UVV7TOGt

My talk at lehack! Hacking satellites from SDR to RCE