Maddie Stone
@maddiestone
Followers
63,656
Following
847
Media
1,011
Statuses
7,793
Security Researcher - Google's Threat Analysis Group | 0days all day. Love all things bytes, assembly, and glitter. she/her.
Joined October 2014
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Nicolas
• 115950 Tweets
seokjin
• 82959 Tweets
Rio Grande do Sul
• 80085 Tweets
Gabigol
• 66005 Tweets
O Flamengo
• 58488 Tweets
#AEWDynamite
• 43282 Tweets
Mauro
• 42647 Tweets
Maracanã
• 32598 Tweets
フジコ・ヘミングさん
• 28481 Tweets
Rayados
• 28104 Tweets
MARTIN AL 9009
• 24960 Tweets
O Tite
• 24025 Tweets
Amazonas
• 23816 Tweets
Aashiyana
• 23261 Tweets
Carlos Miguel
• 18206 Tweets
Bautista
• 17634 Tweets
Monterrey
• 17266 Tweets
FEDERICO AL 9009
• 17231 Tweets
MEW X MONTBLANC
• 17214 Tweets
Maxi
• 16105 Tweets
ネルフェス
• 15601 Tweets
Columbus
• 13341 Tweets
ワンボタン瞬獄殺
• 13272 Tweets
Gerson
• 12619 Tweets
カード付き
• 10801 Tweets
Pinned Tweet
ohmygoodnessgracious. The one and only
@lilyhnewman
said some nice words about me... even after I made her come to the gym and do squat snatches.
41
119
1K
2nd semester of CS, I asked "What is a server?" in my intermediate program class.
Everyone laughed, the professor looked at me incredulously & I continued with "What do you mean a computer doesn't have a screen?"
And here we are today. Ask the questions until you understand.
189
931
7K
Dear
#Infosec
I've been "warned" 3x that if I keep posting that Black Lives Matter, I'm unhireable.
If I, a white, cis, straight, US-born... woman w public evidence of my work can be "unhireable" due to just saying
#BlackLivesMatter
, how can Black hackers even hope to be hired?
167
1K
6K
I’m really fucking tired. On average, about every week I receive some message about how I’m “unskilled”, “P0’s biggest mistake”, “not technical”. And about every other month one of these messages is posted very publicly or emailed to my managers. 1/7
146
370
2K
🌟v2 of my free Intro to Android App Reverse Engineering workshop is here! 🌟
I've added 3 new exercises, walk-through videos for all 7 exercises, a new module on obfuscation, & exercises on vuln hunting rather than just malware. I hope it helps!
46
886
2K
This doesn't feel like it can be real... I got promoted to L6 Staff Security Engineer!!!! 😁😊😭🎉
130
21
2K
I just fell for a scam email.
Yep, I'm a security pro & I fell for one 🙋🏽♀️
It's not "my fault" as a user & I don't think it's anything to be ashamed of. It happens🤷🏽♀️If we don't admit it happened, we can't work to remediate & learn from it. So let's normalize talking about it 😊
117
268
2K
It's finally here! I have published my Intro to Android App Reverse Engineering workshop! If you're interested in learning how to begin RE'ing Android apps (both DEX and native code), check out this workshop.
#reverseengineering
#android
#infosec
35
784
2K
After 6.5 year, today was my last day at Google. What a chapter it's been. From Android Security to Project Zero to TAG, I've had opportunities to tackle technically challenging and meaningful projects & work with the best people along the way.
60
52
2K
Turns out you won't hit your breakpoints if the debugger is attached to a different process.
44
75
2K
My 2nd year in the industry, a more sr engineer told me that the only people who make these comments are those who aren’t technically capable themselves. He’s right. The ones who are more skilled are doing the work & helping me grow. They share, not tear people down. 4/7
8
96
1K
A recruiter has found my dad's cell phone number and keeps calling him trying to get in touch with me. Recruiters (and anyone else), don't pull this fucking shit. I can't even begin to describe how disrespectful and creepy this is.
60
75
1K
Side note: It’s also total bullshit that somehow technical skills == your right to be respected & how much you belong in infosec. Infosec would never get shit done if it wasn’t for people who had the management, communication, legal, etc skills. 6/7
12
91
1K
Who needs a 0-click when you have MITM? ✨ Working with
@billmarczak
&
@citizenlab
we discovered 3 iOS and 1 Chrome 0-day from Intellexa, used to install Predator spyware in Egypt 🇪🇬
7
301
1K
*~ BuT iT's A mErItOcRaCy!! ~*
No, it's not. If people posting that another group of people deserve to live without being murdered make you or your company uncomfortable and that you can't hire them. You are part of the racism problem. Fix it now.
5
110
967
Canadian immigration officer asked me if I was here for a bachelorette party. I looked at him strangely. He said “Oh, the nail color is usually a sign for bachelorettes”.
No, sir, my hot pink nails & I are presenting on reversing a complex anti-analysis native Android library.
15
92
970
Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others. Reported under 7 day deadline due to evidence of in-the-wild exploit.
@tehjh
and I quickly wrote a POC to get arbitrary kernel r/w using this bug, released in tracker.
20
425
943
Turns out my security measures against dick pics work equally as well against N Korean hackers.
28
78
919
So this is my reality, but my reality is also that I’ve had the honor to work with really really good people. I love my work & I know I’m damn good at it. And while these people spend their time creating fake accounts to send me msgs, I just keep getting better & better. 7/7
66
23
914
pov: you're a security researcher with 15 different phones on your desk and they all suddenly start going off with flash flood warnings at the same time
0/10 recommend
20
33
887
tfw you google a question and your own blog post is the first result
...and it answers your question
35
35
845
Security is quite literally just my job and paycheck. I love my job (and paycheck), but I would not be doing it if I wasn't paid for it.
Security isn't a job or a paycheck. It's a mindset. It is needing to know why or how. It is needing to know you can beat the system or make the system unbeatable. It's not 9-5. It's an obsession. A way you look at the world. The hardest part is not getting taken advantage of.
73
91
545
17
48
758
Would me doing a live streaming of teaching part of my Android App Reverse Engineering workshop while we're all stuck at home be something of interest/helpful?
🌟v2 of my free Intro to Android App Reverse Engineering workshop is here! 🌟
I've added 3 new exercises, walk-through videos for all 7 exercises, a new module on obfuscation, & exercises on vuln hunting rather than just malware. I hope it helps!
46
886
2K
46
124
748
✨ New Workshop! Android Exploits 101 🔥📱
I put together an introductory overview of the "shape" of modern 0-day exploit chains for Android. Hope it's helpful 😊
10
219
739
*whispers* It's only the Internet Explorer desktop application that's going out of support. The browser engine, MSHTML, will be supported on Windows machines until 2029...
11
167
740
I've been thinking a lot (again) about all the encouragement for women to drop "hedge words": the words that soften what we're trying to say.
But in my experience, when I drop them, it's received very poorly. This isn't about whether people like me, but whether I get shit done.
36
75
729
@AlexThomp
@rubycramer
Hi, security professional here. VP Harris is correct: Bluetooth is a security risk. If she was hacked, it could affect us all so being willing to use wired headphones and keep Bluetooth off is responsibility, not a "phobia".
14
38
708
This is 30! 🎉💕 I've been accidentally telling people I'm 30 for the past few years so I'm glad I won't be lying anymore 😂
80
0
707
👩🏽🎓Graduated with 3 degrees
✈️Traveled to 42 countries, 35+ solo
🦵🏽Relearned to walk
👩🏽💻Learned to hack, reverse, & code
💕Became kinder & more compassionate
💲Paid off all debt
💪🏽Survived assault & abuse
🤗Grew life-long friendships
🏋🏽♀️Got strong
I did good. I'm proud of me.
26
18
706
North Korean actors 🇰🇵 are targeting security researchers again including use of at least one 0-day. IOCs in the blog ⬇️ If you've been in contact, please reach out
15
337
688
We're naming names 🔥 because the harm is not hypothetical.
Today we share "Buying Spying", our new report diving into the commercial surveillance/spyware industry. We dive into the players, the campaigns, the spyware, & the harm it perpetuates.
11
316
664
Here are the slides from my
@BlackHatEvents
talk on reversing Android pre-installed apps & case studies of pre-installed security issues!
#BHUSA
14
224
615
After a decade of coding, today I learned how to cut and paste in vim.
36
24
609
The quality & volume of work I’ve done, the mentoring, the presentations, the reviewing, the developing teaching materials...that’s all done while I also have to devote a portion of my energy processing the harassment. Even when you know it's false, you still have to process. 5/7
3
24
590
If you’re getting these messages too, it’s not about you. I’ve quite literally done everything these folks asked: I’ve done novel research at every level between a die on a CPU and applications. I have the CVEs. Large volumes of my work are publicly available...and yet. 3/7
1
21
584
Hi, my name is Maddie and so far this morning I've crashed my VM four times, IDA three times, BinDiff twice, and my computer once. It's 8:54 am.
37
19
557
Pink shells make you hack 34% better(1). It's science. 💁🏽♀️
[1] All my 0-days have been found in a pink shell.
@offensive_con
29
58
547
Today we're sharing our Year in Review of 0-days exploited in-the-wild in 2021. Here's our takeaways from this record breaking year.
2
225
548
I get asked all the time how to get started in binary RE. There are tons of great resources out there, so
#1
is just get started with something, anything! But if you're open to suggestions for building a strong, general reverse engineering foundation, here are my suggestions:
11
185
544
✨Root Cause Analysis for in-the-wild 0day CVE-2021-1647✨
The Windows Defender RCE that was exploited in-the-wild and patched in January.
5
228
546
Hey you, it's not just you. Life is hard and yet you're doing a fucking great job. 💜
13
72
531
This is nothing new since I first was an intern. It’s damn clear that the comments are bullshit. That the people taking the time to send me these msgs or create the anonymous accounts are telling a lot more about themselves than about me. But it’s still exhausting. 2/7
3
15
529
This evening, a man in a light blue collared shirt with a walkie talkie, entered my room with a key without knocking while I was getting dressed. He left when I started screaming.
@CaesarsPalace
is investigating whether it was a hotel employee.
@defcon
has also been alerted.
49
197
518
In Oct 2020, we discovered seven 0-day exploits in-the-wild from two exploit servers. The exploit chains targeted Android, Windows, and iOS devices.
Each step we take towards making 0-day hard, makes all of us safer.
9
162
524
I’m really stinkin’ proud of this paper. 12 mths ago I’d never analyzed a piece of malware & knew nothing about Android. Leaving my comfort zone of HW & firmware hacking was terrifying. Honestly, I didn’t know if I’d be good at or enjoy anything else. Boy I’m glad I took the leap
15
70
506
2 yrs ago I joined the Android Security team never having looked at Android nor malware. I've had the honor of working with incredible teammates who've challenged me, given me opportunities to lead, & listened to my dad jokes (repeatedly) as we worked to protect all Android users
Welcome Maddie Stone (
@maddiestone
) to Project Zero! Maddie is leading a new effort to study 0day exploits in the wild.
28
47
638
18
30
493
At 5.5 months post surgery (labral repair, open bicep tendonesis, & capsulorrhaphy) I can do push-ups!! This was my third one! Putting in the work pays off 😄💪🏽
23
1
492
Clarification: I didn't share this because I need a job or to hear that I'm "doing the right thing".
I share cuz it clearly shows what underrepresented groups (in this case Black ppl) are up against. But we can change it. YOU CAN CHANGE IT. Take an active role in hiring TODAY.
4
40
480
Since I've talked to a few people who were surprised by this, I'll say it again.
DEFCON IS FREE TO ATTEND! NO REGISTRATION NECESSARY!
We don't know who needs to hear this right now, but
#defconsafemode
is free to attend. You don't have to register. It starts in one week. You should join us.
34
2K
3K
9
214
488
With 22 0-day exploits, 2020 has officially surpassed 2019 in number of 0-days detected as exploited in-the-wild.
As a reminder, Project Zero tracks all publicly known itw 0-day exploits going back to 2014 here:
6
131
479
At least 50% of the in-the-wild 0-days that we've tracked so far in 2022 are variants of previously patched vulnerabilities.
8
168
482
Lately, I've been watching talks from pre-2010. There's so much important infosec work/history out there, but you need to know what to look for.
What are some of your favorite talks, blogs, events, etc from 2012 or before that you'd recommend to those newer to the industry?
54
107
475
🌟 RCA for WebKit itw 0-day CVE-2021-30858 🌟
#itw0days
I do love me a tweetable poc:
var fontFace1 = new FontFace("font1", "", {});
var fontFaceSet = new FontFaceSet([fontFace1]);
= "font2";
10
133
459
Infosec doesn't have to be your hobby.
15
47
458
hetero man: but guys is gender neutral!
me: how many guys have you fucked?
man: 😲 0. I've only been with women.
me: ...
narrator: guys is not gender neutral.
28
70
453
I DID IT!!! I SUMMITED MT KILIMANJARO!!! 5895m/19,341ft
It was the best 8 days trekking up & down from Uhuru peak along the Lemosho route. We had 0 connectivity, showers, or toilets, but OMG I SUMMITED KILI! More to come, but first, shower.
#maddiedoeskili
➡️
#maddieDIDkili
35
10
452
Back in 2017, I taught an Introduction to Reverse Engineering Workshop called "n00b to l33t" which introduced the concepts of assembly and reversing. Thanks to
@JHUAPL
for open sourcing the materials for all!
5
145
431
nbd just the CEO tweeting about your report 🤗😊
New report from our Threat Analysis Group +
@Mandiant
observed 97 zero-day vulnerabilities exploited in the wild in 2023, up 50% from 2022. Good news: investments are making a difference - vulnerabilities once common are virtually non-existent today.
85
118
667
11
17
427
Here are the slides from
@tiraniddo
and my talk, "The Print Spooler Bug that Wasn't" this morning at
@offensive_con
. We take you through our investigation into CVE-2022-41073, an in-the-wild 0-day that Microsoft patched in Nov 2022.
#OffensiveCon2023
6
136
421
Detailed analysis of an Android in-the-wild 0-day exploit developed by surveillance vendor Wintego by Xingyu Jin from Android Security Research team:
1
157
414
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.
5
198
415
btw...I've moved to Google TAG!!🎉⚡️💃🏽
We're building a team focused on ITW 0days & commercial surveillance vendors, combining the ITW work from Project Zero and TAG into this one new team. I couldn't be more excited to work with
@_clem1
@benoitsevens
&
@vladhiewsha
on this!
🎯
@vladhiewsha
@_clem1
, Bahare, and I from Google TAG, discovered two new in-the-wild 0-days that were patched today: CVE-2023-36874 and CVE-2023-36884. Big thanks to Microsoft for the quick turn around on patches! 👏🏽
#itw0days
5
37
157
21
24
418
Along with many others in infosec, I've always cautioned against any of the voice activated smart gadgets, largely thinking there's only marginal benefit for the risks of an always-on microphone.
Recovering from surgery with only one usable arm has completely changed my views.1/
10
61
411
✨ Story time from my 1st reverse engineering project at work ✨
I joined the organization straight out of undergrad as a red teamer, but they knew I loved assembly. (I was TA for computer arch & created new projs for the class.) So they asked me if I'd like to try RE... 1/7
8
98
411
Wow! I'm overwhelmed with the interest. Let's do it!
🌟 This FRIDAY, 24 April 7:30am-11:30am PDT 🌟
I'm offering this for free, but if you are able, please consider donating to the SF-Marin food bank (drive ⬇️) or your local food bank.
#AndroidAppRELive
Would me doing a live streaming of teaching part of my Android App Reverse Engineering workshop while we're all stuck at home be something of interest/helpful?
46
124
748
13
162
409
Déjà vu-lnerability: A Year in Review of 0-days Exploited in-the-wild in 2020 🔎🐞💻🔥
7
166
405
So you've learned asm syntax & don't know what to do next? This writeup by
@bcdannyboy
shows you how common patterns in C++ code map to asm instructions to get your started in reverse engineering.
0
168
398
A lot of dudes regularly ask me how they can better support & encourage women in tech. Shut this shit down. My TL is full of women speaking up, but there are very few men.
Make this stop.
@fsf
is prioritizing a single abuser over the safety and inclusion of women as a whole.
What fresh hell is this?
Another unrepentant abuser getting away with it after a short blink of a non-career-limiting pause in which no self reflection, personal growth, or remorse was pursued nor expected before his inglorious infamous return.
#DeprecateRMS
#DeprecateToxicity
63
422
1K
6
155
390
@TheMarquezF
My girl
@Fox0x01
is answering everything you didn't know you wanted to know about the heap in this series
7
54
390
I wrote a “Year in Review” of the in-the-wild 0-day exploits from 2019. In addition, we’re also publishing the root cause analyses (RCAs) that we performed on these 0-days exploits. These RCAs were the foundations for the conclusions in the report. 1/3
8
169
395
Well that sure is something. Blocked by EC-Council for this tweet.
Option D. When one of the largest issuers of certifications in the industry
@ECCOUNCIL
believe that women are not capable of doing this job or just need a lil encouragement.
23
75
348
29
79
383
In May, Kaspersky (
@oct0xor
) discovered CVE-2020-0986 in Windows splwow64 was exploited itw as a 0day. Microsoft released a patch in June, but that patch didnt fix the vuln. After reporting that bad fix in Sept under a 90day deadline, it's still not fixed.
4
148
379
Here are the slides from my
@BlackHatEvents
talk "Reversing the Root: Identifying the Exploited Vulnerability in 0-days Used In-The-Wild".
7
118
374
So...like...what am I supposed to be doing with LinkedIn? Why do people want to "connect" if we've never met? What do you do once you "connect"? I just don't understand 😕
77
13
372
2013: Bug is fixed
2016: Fix is regressed
2022: Exploited in-the-wild and fixed again
#itw0days
Here's the story of CVE-2022-22620, including zombies 🧟♀️
4
114
373
Spent the last 4 days in Yosemite with no cell service, no wifi, lots of exploring, countless games of 4-way solitaire, and all of Yosemite's (sometimes quite smoky) magic. What a beautiful world. ✨🌎☀️🏔️
9
4
370
The fantastic
@natashenka
sharing the bugs that she and
@5aelo
found in iMessage.
And closing it out with a demo of a "no hands required!" exploit.
"Breaking your ASLR, please wait..."
4
122
367
...and Chrome just patched 2 in-the-wild 0-days CVE-2021-30632 (out of bounds write in v8) and CVE-2021-30633 (use-after-free in Indexed DB)
What a Monday
4
121
365
New blog! ✨ TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln, aka my first adventure into Windows kernel land.
8
120
368
For the people in the back: DO NOT HIRE A WOMAN OR ANYONE FROM OTHER UNDERREPRESENTED GROUPS INTO TEAMS YOU KNOW WONT WELCOME THEM.
And especially do NOT hire them into the toxic culture and expect them to fix it.
Seriously, please please please don’t do this.
6
77
362
*whispers* If a patch is available, it's not a 0-day...
Words are hard & there is grey in the nitty gritty of when exactly is a bug no longer 0-day, but...I think we need to agree that if the patch is released and *then* exploitation occurs, that is not "exploiting a 0-day".
7
59
363
It's my birthday! 🎉
I'm so thankful for friends & family who don't make me choose between my 2 favorite desserts & instead make me both brownies (fudgy not 🙅🏽♀️cakey) and lemon cake with lemon cream cheese icing
55
0
352
Yesterday was quite the day. Five 0-days exploited in the wild disclosed: 4 in Exchange, 1 in Chrome. 12 so far for 2021...
The Project Zero tracking sheet has been updated:
6
109
359
I just paid off all of my student loans & am officially debt free!! I paid back $86k, $22k of interest. A large chunk of $ was also forgiven when my mom became disabled & then died (complicated). I share because it shouldn't require working at "a Google" to afford an ugrad degree
25
14
358
First ever solo backpacking trip done! 2 days. 21 miles. 5100 ft elevation gain (and loss 🦵🏽). 1 bear checking out what I was cooking for dinner. Way too many pounds in my pack. 5 new trail friends. 1 dead Maddie.
📍Lands of the Ahwanechee - Northern Paiute Mono Lake people
18
1
356
My 8 yr old cousin spent the night and she lost a tooth...
Do you understand the pressure of being the tooth fairy?!
1 I had no cash. Quarters it is.
2 I was up most the night: should I do it now? What about now? Or now?
3 Quarters are loud.
4 I forgot to take the tooth.
21
11
352
I used to feel guilty about all the tabs of articles and blogs I'd have open that I'd been meaning to read.
Now I just add all those to the Chrome reading list. I still don't read them, but at least I no longer feel guilty.
15
17
351
2020 is wild. I'm so stinkin' honored to be listed among this group of people in the Wired25. 😊
It's been said that hell is other people. Not in 2020. Right now, other people are the only thing between us and species collapse.
Introducing the WIRED25. Undeterred by disaster, these innovators are using tech to make things better for all of us 1/
16
117
276
41
9
350
Ohmygoodnessgracious. I actually presented "Unpacking the Packed Unpacker: Reversing an Android Anti-Analysis Native Library" at
#BHUSA
last week!!
@BlackHatEvents
SLIDES:
SCRIPT/RESOURCES:
19
89
352