Slava Moskvin | Path Cybersec
@slava_moskvin_
Followers
994
Following
4K
Media
46
Statuses
210
RT @POC_Crew: ๐ ๏ธ [POC2025] TRAINING. MacOS/iOS Kernel User Fuzzing Training.by Meysam Firouzi (@R00tkitSMM). ๐
Nov 10-12 (3 days).๐ Four Seโฆ.
0
23
0
Proof that AI can now find 0-days even w/o agents or advanced tooling. Also pretty cool: o3 managed to find the known vulnerability only 8 out of 100 times, and the 0-day just 1 out of 100. I hadnโt realized it might take that many tries to get a useful result from AI.
0
0
0
My network fuzzer net-shredder found a remote NULL pointer dereference in the Linux kernel's SMB server (ksmbd)
0
12
68
Slides and fuzzer code from the Fuzzing Linux kernel modules stream are now live: Thanks again to @Steph3nSims for hosting!.
github.com
Minimal Linux kernel fuzzer demo targeting HFS+. Contribute to sl4v/hfsplus-kernel-fuzzing-demo development by creating an account on GitHub.
Fantastic demonstration from @slava_moskvin_ for those looking to get into fuzzing the Linux Kernel. Thanks for all of your preparation. You can watch the recorded version here:
0
14
85
Something fun happened just after a few minutes of running the final iteration of the fuzzer for this Thursday's stream with @Steph3nSims
0
0
28
We're gonna write a fuzzer potentially capable of rediscovering CVE-2025-0927 OOB write in HFS+. Join 22.05 11 AM PT/8 PM CET!.
Stream Update. The @offby1security with @slava_moskvin_ on Fuzzing Linux Kernel Modules will now run this Thursday, May 22nd at 11AM! .
1
9
74
Excited to join Stephen for a stream on Linux kernel fuzzing! 23.05 8 pm CET / 11 am PT.
New Upcoming Stream for May 23rd at 11AM PT!. Fuzzing Linux Kernel Modules, with @slava_moskvin_ ! @offby1security .
0
3
29
RT @xvonfers: (ZDI-CAN-26505)[ksmbd] Attacker send malformed smb2 negotiate request -> smbd return error response -> attacker can send smb2โฆ.
0
4
0
Congrats @R00tkitSMM!.
[#Zer0Con2025] - SPEAKER 1โฃ. ๐โโ๏ธ@R00tkitSMM - Pishi Reloaded: Binary only address sanitizer for macOS KEXT
1
1
1
The sheer scale of this operation, as well as the investigation, is fascinating
0
0
3
I really liked how pragmatic and down to earth this blogpost is.
Today I'm releasing my JavaScript/v8 Fuzzer JS Raider. I developed the fuzzer for my master thesis and later improved the code for the "Fuzzilli Research Grant Program". You can find the source code, results and my key learnings in my blog post at:
0
0
2
Nice post, you should check it out ๐.
0
0
6
0
9
46
- A wild read on recovering a RSA private key when half of it is redacted from @CryptoHack__ : /end.
blog.cryptohack.org
The @CryptoHack__ account was pinged today by ENOENT, with a CTF-like challenge found in the wild: Source tweet. Hereโs a write-up covering how given a partially redacted PEM, the whole private key...
0
0
0
- Expansion on the ideas of the previous article from @R00tkitSMM : 3/.
r00tkitsmm.github.io
Hi everyone! Iโm really happy to tell you about my experimenting adventure today. I decided to experiment with KCOV and see how I can hook it into libfuzzer and boot the kernel without spending too...
1
0
4
- Old, but still really interesting article from @Cloudflare about hacking AFL to fuzz linux kernel with coverage gathered from KCOV 2/.
blog.cloudflare.com
For some time Iโve wanted to play with coverage-guided fuzzing. I decided to have a go at the Linux Kernel netlink machinery. It's a good target: it's an obscure part of kernel, and it's relatively...
1
0
1