Today is the 10 year anniversary of the first time I ever pwned anything!. My first exploit was a simple stack smash, overwrite return ptr, jump to admin function. This was an in internal recruiting CTF by @gaasedelen for the RPISEC . Before that day I had never even considered.

RT @ret2systems: What does it take to hack a @Sonos Era 300 for Pwn2Own? . Take a look at our process of adapting existing research, establ….

RT @mahal0z: I'm proud to announce that myself and @AtipriyaBajaj have created the Workshop on Software Understanding and Reverse Engineeri….

Anyone know if there is a "official" name for this semi-fractal? It's like a soap-bubble version of the Sierpinski triangle. It was generated though fuzzing deterministic cellular automata rules (via AFL++ against the JXL file decoder library)

RT @ret2systems: New blogpost! Want to see how we exploited @Synology network-attached-storage devices at Pwn2Own Ireland?. RCE to root via….

A study of photos I took today using the iPhone camera sensor without any editing or image modification. #GlitchArt

Claude reversing a binary using Binary Ninja via MCP while I get a snack. @bl4sty.@ziyadedher.@vector35

RT @ret2systems: Be ambitious, do absurd things. Full-stack Reverse Engineering of the Original Microsoft Xbox from the inaugural @REverseC….

RT @REverseConf: Our first video from RE//verse 2025 is live! Part journey of personal discovery, part technical deep-dive, this presentati….

RT @REverseConf: Our 2025 RE//verse talk schedule is now live! Talks start Friday, but don't forget to check the Thursday schedule and arri….

RT @filpizlo: This is what I mean by Fil-C being memory safe. On the left, quickjs from 2019-07-09 compiled with GCC (i.e. Yolo-C) running….

I asked claude to expand the o3 test-time compute chart to its natural conclusion

RT @voooooogel: .@itszn13 has opened a PR to @ollama to add support for cvecs, including hitting steered models via API. not merged yet but….

Using @voooooogel control vector library to backdoor a model so that it introduces command injection vulnerabilities rather than using safer subprocess methods

Convincing Claude that 7919 is not prime

Looks like this feature is not actually enabled yet, I had to do some feature hacking to get it to work in the UI. Here is how claude sees the difference:

View them on the profile since X is censoring the account in retweets.

X appears to be censoring these posts???

Here is how it went until it got blocked.

I tried to get claude to browse infinite internet and the API decided it was too dangerous to allow it to access the multiversal-internet. "This action is temporarily not available at this time due to enhanced protections for the beta release.".@simonw