📢It's here! Part 2 of Norbert Szetei's (@73696e65) research into ksmbd. See how customized fuzzing & the appropriate sanitizers led to discovering 23 Linux kernel CVEs, including use-after-frees & out-of-bounds reads/writes. https://t.co/LmigwJtB2c #doyensec #appsec #security

Several members of the #doyensec team are here in Berlin 🇩🇪attending @offensive_con this weekend! Ping us or just say "hallo" in person, if you'd like to talk #appsec or grab a coffee. We're looking forward to some amazing talks! #offensivecon #security

Our @73696e65's latest research has resulted in at least 1⃣5⃣ CVEs in ksmbd🤯, including multiple use-after-frees, bounds checks, type confusion and overflows‼️ Check it out today! https://t.co/AiobDskF5e #doyensec #appsec #security #linux

The latest coordinated disclosure from our researchers (Norbert Szetei @73696e65 & Viktor Chuchurski @viktorot) details a SQLi and DoS via Prototype Pollution in #TypeORM! Time to update! More details: https://t.co/sQWGdWA3OW #doyensec #TypeScript #Electron #NodeJS #appsec

Our latest blog post takes the pain out of VirtualBox device driver fuzzing. We provide all the details necessary along with custom code patches to get you started! Check it out here: https://t.co/jCEwjuInLa

Can you survive a nuclear war? Yes, you can. As long as you are not in the physical blast zone your main goal is to create distance between yourself and the radiation and then wait it out. 220308 Episode 51 Nuclear War PUBLIC

Our new blog post is out! @73696e65 talks about his journey fuzzing Javascript engines with state of the art tools. We explore Dharma before setting up @5aelo's Fuzzilli, modifying it, and collecting CVEs in JerryScript https://t.co/8Tp7GFmLZM 🐛#fuzzing #fuzzilli #dharma

The Biggest Ideas in the Universe! Informal videos in which I try to explain big ideas one by one. Here is the announcement and intro video: https://t.co/lJ0oEzCCDD

Fuzzilli v0.9.1 is out: https://t.co/8DDSqXwSk2 Many thanks to everyone who helped make this release possible! :)

We put together our very own "Awesome" list on GitHub about @electronjs security! A frequently-updated repo with presentations, bug write-ups, and all kinds of content to help during Electron security testing https://t.co/Rb8yhyTVjU

Google recently awarded $10k for an exotic stored XSS on Google Scholar using polymorphic images. Another “magic” show performed by our own @lorenzostella! Read how on our latest blog post: https://t.co/sy7zvQGZNb #xss #bugbounty #magic

Norbert @73696e65 wrapped up his first #DoyensecResearch week with a nice bug in Django - a SQL injection in GIS functions (CVE-2020-9402) https://t.co/XnH6dCmtNk #Django #infosec

We have been busy lately...so it's about time to welcome @73696e65 for joining the @Doyensec team! 🙂 Welcome onboard Norbert!

Sneak peek under the hood of Electra's kexecute https://t.co/eN1B3WrNHo

#6 finally done, that was so nice! #flareon5

The slides from my talk "Practical recon techniques for bug hunters & pentesters" presented at @Bugcrowd LevelUp 0x02 in PDF format are here https://t.co/dRsBLe66vq #osint #appsec #recon

Another company which creates a huge "power" asymmetry between governments and individuals. Shame! Inside the secretive industry that helps government hackers get around encryption. https://t.co/TrPUJLjwfg

My first #FLAREOn4 badge received too, thank you @FireEye

Linux Exploitation Course: A Course on Intermediate Level #Linux #Exploitation by @nn_amon https://t.co/JgZsfjwvXo

The Art of Fuzzing (Slides and Demos) -