k0shl
@KeyZ3r0
Followers
7K
Following
973
Media
30
Statuses
606
BOOMBAP!
China
Joined December 2016
Our slide is online: https://t.co/vpdHxw7NV5 Glad to share our pre-auth DoS & RCE bug hunting research at #BHUSA! Thanks @BlackHatEvents for the pre-recording, as we couldn’t attend in person this time for personal reasons. Questions? DM us @vv474172261 @XiaoWei___ @edwardzpeng
7
57
185
We released our Fuzzilli-based V8 Sandbox fuzzer: https://t.co/eVkR1bl76n It explores the heap to find interesting objects and corrupts them in a deterministic way using V8's memory corruption API. Happy fuzzing!
github.com
This is a basic fuzzer for the V8 Sandbox. It uses the memory corruption API to implement a random-but-deterministic (given a seed) traversal through the V8 heap object graph and corrupts some obje...
2
74
292
Well. Happy to be on the MVRs annual list again and again — twice in a year 😂! Ended up #11. Thanks @msftsecresponse and congrats all!
Our previously published Most Valuable Researchers (MVR) leaderboard contained inaccuracies due to technical issues on our end. We apologize for the error and have since resolved the issue. We’re now sharing a fully refreshed and accurate leaderboard. The Microsoft Researcher
2
0
20
During #BHUSA Briefing "Diving into Windows HTTP: Unveiling Hidden Preauth Vulnerabilities in Windows HTTP Services," we will discuss the different architectures of Windows HTTP services and share multiple previously undisclosed vulnerability cases and attacks. We will also
0
1
14
Happy to make list again! Thank you @msftsecresponse and congrats all!
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s
1
1
24
In #BHUSA Briefings "Diving into Windows HTTP: Unveiling Hidden Preauth Vulnerabilities in Windows HTTP Services" where the speakers will discuss the different architectures of Windows HTTP services and share multiple previously undisclosed vulnerability cases and attacks. They
0
3
9
Excited to announce our talk has been accepted by @BlackHatEvents #BHUSA!🥳🥳🥳 In my part of presentation, I’ll cover logic-based pre-auth remote vulnerabilities uncovered via novel abuse of Windows native HTTP API. Can't wait to see y'all in Las Vegas! https://t.co/XMIhb60Bqz
10
19
154
[Official Announcement]: https://t.co/KYlSs1jYqJ 2025 IS COMING!!! This is a community-driven, non-profit information security closed-door symposium, where technology speaks loudest. 🌐 https://t.co/b53eHDnMgp 📅 June 16, 2025 📍 Shanghai, China 📧 x@deepsec.cc
0
11
35
I'm unable to join the conference Insomni’hack 2025, so I write a part of content into a blog, hope you enjoy my blog.
7
39
127
We are publishing less here now. But here is a recent post by @Tuan_Linh_98 & lots of guidance by @cplearns2h4ck
https://t.co/mdnnxhQv8E
starlabs.sg
Executive Summary CVE-2024-26230 is a critical vulnerability found in the Windows Telephony Service (TapiSrv), which can lead to an elevation of privilege on affected systems. The exploit leverages a...
2
44
119
Think you’ve got what it takes to pop shells and snag your ticket to... @REverseConf and @offbyoneconf ? 😏 https://t.co/Bof9oxLd6z
1
46
138
Received my MVR swag box at the last day of 2024, thank you @msftsecresponse ! And happy new year you all!
2
1
27
🎄 All I Want for Christmas is a CVE-2024-30085 Exploit 🎄 As always, we at @starlabs_sg are sharing what we learnt. This time, it's brought to you by Cherie-Anne Lee https://t.co/NHVNlLpwzU
starlabs.sg
TLDR CVE-2024-30085 is a heap-based buffer overflow vulnerability affecting the Windows Cloud Files Mini Filter Driver cldflt.sys. By crafting a custom reparse point, it is possible to trigger the...
0
51
170
I have posted the slides for the talk @chompie1337 and I gave this past weekend at @h2hconference -> The Kernel Hacker’s Guide to the Galaxy: Automating Exploit Engineering Workflows #H2HC
https://t.co/Cl8b58KkAv
17
218
747
Finally received my PwnieAwards @PwnieAwards and a cute letter from @chompie1337 , thank you and @FuzzySec for congratulations and international delivery, it's definitely a milestone in my hacker's career. Just stay hungry and keep hunting!
5
9
156
I definitely had some discussions with MSRC during this quarter period, I reported some logical based issues and shared how them work and why with them. Thanks MSRC and bounty team for their understanding, quick response and kind help as always.😄
1
0
22
I'm happy to get BEST RCE as my first pwnie awards! A new archievement in my career. Thanks @PwnieAwards and CONGRATS to all pwnies, same to my friend @chompie1337 🥳🥳🥳
Congrats @KeyZ3r0
1
8
100
Glad to be #15 on overrall list and #6 on Windows list, thanks MSRC and bounty team as always. Congrats all on the list!
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s
3
0
28
Nice work! I'm glad that my blog post could be a little helpful in inspiring the discovery of such a beautiful bug.😃😃
I’m thrilled to share my latest blog post! This one focuses on the bug hunting process: inspiration, approach, and execution. I also provide a retrospective on how the bug was introduced and analyze the insufficient “patch”. Check it out:
1
1
25