Pwn Live
@PwnLive_
Streaming in Spanish, about reversing, exploiting, programming and hacking in general... https://t.co/yNLkTS3T6l https://t.co/EL94BRXIe8
Joined July 2023
On the 16th we will be with Pablo Aravena, who will tell us about the research he carried out on a commercial drone. See you at 21:00 GMT-3 at: https://t.co/YZgVY4w4v0
EDR Analysis: Leveraging Fake DLLs, Guard Pages, and VEH for Enhanced Detection https://t.co/ZzjOqqeNhf
Very nice, STAR Labs were able to leverage the auth bypass (CVE-2024-51978) and stack buffer overflow (CVE-2024-51979) we disclosed earlier this year, for unauth RCE against a Brother MFC-J1010DW, by chaining to a firmware downgrade bug 🔥
🖨️ Brother, can you spare us a root shell? We were ready for Pwn2Own but they patched it on the LAST DAY of registration 😭 Hope you enjoy this new blog post from us. 📖
Another Nim C2-Framework developed by @virtualloc. Can't believe you actually wrote the whole client in Nim as well 😂 Nice one! https://t.co/2rPGuqzbqr Including a Blog for parts of it: https://t.co/YvVxQpEjFG
exploited in v8ctf
(CVE-2025-10891)[443765373][ignition]Integer Overflow https://t.co/NIGVYJcRT5
https://t.co/ofvwHiSQrd Reported by Google Big Sleep
While playing @defcon CTF Finals with @shellphish I managed to solve the ICO challenge using LLMs (GPT5 + Cursor) and almost no human intervention. You can read how I did it here!
wilgibbs.com
DEF CON CTF Every year world-class teams play difficult CTFs such as Plaid CTF and HITCON CTF in an attempt to qualify for DEF CON CTF by getting first place. There are usually only 3-4 CTFs a year...
It's been a long time since I published a write-up, so... Here's my little article about log strings obfuscation in modern iBoot and 2 methods I found to (partially) deobfuscate them. Read at your own risk! https://t.co/rbkLhuVE3O
Following their presentation at @hexacon_fr, Mehdi & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️ https://t.co/OS63LQ4tJE
synacktiv.com
Paint it blue: Attacking the bluetooth stack
Cracking the Pixel 8: Exploiting the Undocumented DSP to Bypass MTE - @Peterpan980927 @st424204 from @starlabs_sg
https://t.co/BBogFGPjWc
Team Z3 at Pwn2Own Ireland found that WhatsApp 0click 0day RCE exploit. Meanwhile GrapheneOS with MTE enabled for user installed apps shows:
Fantastic @offby1security session with @leonjza on finding bugs in Windows bloatware. It's available on YouTube here:
Windows Heap Exploitation - From Heap Overflow to Arbitrary R/W
mrt4ntr4.github.io
TLDR I was unable to find some good writeups/blogposts on Windows user mode heap exploitation which inspired me to write an introductory but practical post on Windows heap internals and exploitati
There's a sick linenoise article by @iximeow in @phrack 71 called "Learning An ISA By Force Of Will", where ixi goes from unknown binary blob, to manual instruction decoding, to figuring out control flow, and gives a critique of the RE'd ISA. https://t.co/LK4R6e6lUI
phrack.org
How do you program an unknown CPU? The original specs are gone; no compilers exist, and the ISA is completely unrecognized. It happens more often than you think, behind very closed doors. It's almost always military hardware.
I’ve brought you a real iOS MTE bypass retrospectively: the overflow happens inside the co-processor (no MTE), then abuses trusted RPCs to gain kernel R/W — sidestepping MTE on the AP entirely. https://t.co/r54afStxXb
Metamorphic compilation (@tijme), Windows Secure Calls (@33y0re), macOS race condition exploit (@patch1t), NTLM relaying (@elad_shamir), and more!
blog.badsectorlabs.com
Metamorphic compilation (@tijme), Windows Secure Calls (@33y0re), macOS race condition exploit (@patch1t), NTLM relaying (@elad_shamir), iOS zero-click RE (@quarkslab), and more!