ϻг_ϻε
@steventseeley
Followers: 22K | Following: 12K | Media: 385 | Statuses: 6K
Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. Divine Science.
Joined April 2011
This full chain analysis from discovery to exploit has been added to Full Stack Web Attack. The last training for this year is at Romhack between 24th-27th of September at https://t.co/CcyF6FIJL0. Student discount codes available, PM me but I only have a few left.
romhack.io
thanks to everyone who attended my #TheSAS2025 talk "Typographic hit job: when fonts pull the trigger". 🙏 I've written an accompanying blogpost that goes over all the details:
haxx.in
Last year we (PHP HOOLIGANS) competed in Pwn2Own (Ireland, 2024) once again. One of our (successful) entries was against a little pet peeve target of mine, the CANON ImageCLASS printer. In this post...
Best Returner and DB in the state of Michigan. Week in week out they try and kick it away from me but when they do, Touchdown! @alex_pallone @AllenTrieu @MichFBFrenzy @TheDZone @MIexposure @247Sports @PrepRedzoneMI
@FitFounder Being too “nice” at the expense of myself. I paid a huge price by avoiding tough conversations. I betrayed myself by allowing continual mistreatment. It set a bad example for others.
The assumption of deviating from expertise _IS_ the problem here, the responsibility is on all of us to have a more inclusive world. Sorry if that takes some additional time out of your research time. The long term benefits outweigh the short term results.
@RichardDawkins In 2023 I was asked by @NatureAstronomy to suggest alternate reviewers from "underrepresented communities". I politely declined; deviating from expertise as the criterion damages our trustworthiness. The editor responded that "... the Western/white/male worldview is ingrained
Trump economy: Wealth gap wider. Car loan defaults highest in decades. Credit card defaults highest since 2010. Student loan defaults surging. Household debt all-time high. Consumer sentiment lower than in financial crisis. 87% of stocks held by top 1/3. Read Full Article:
Heading to @CHCon_nz next week! Come say hi at the @PentesterLab booth 👋 First people with an active PentesterLab sub get a free t-shirt 🎁 First in, first served!
Why am I not surprised 🫠
The story of how I almost pwned the Lexmark Postscript stack for Pwn2Own 2025... And I would have gotten away with it too, if it hadn't been for those meddling firmware updates! https://t.co/yn9SSqfHmO
boredpentester.com
I spent the last few months researching Lexmark’s printer for this year’s Pwn2Own Ireland 2025. Unfortunately, my bug got patched out a week before the competition, so I thought it might be fun to...
These cereal boxes make the cutest grocery haul 🥹 what day do you do your shopping?
Looks like it’s time to drop some Java RCE soon, you know, the non-attention grabbing kind and gets you a shell from a default config.
We implemented an exploit for RediShell (CVE-2025-49844). While doing so, we discovered that the publicly available PoC incorrectly uses loadstring to trigger the Redis UAF. Kudos to @wiz_io for the interesting findings!
There has always been too much focus on HIStory and not the MYstery. The Holy texts were never meant for rational and literal interpretations.
Hacking the same target at p2o 5 years in a row. This is the first time I never acquired or tested on the physical device. 1 bug. No ROP, no hard coded offsets. Screenshot is very satisfying. HUGE thanks to @boredpentester for helping with firmware.
Serious bugs often occur in third-party components integrated by other software. @ifsecure and I found this vulnerability in the Dolby Unified Decoder. It affects Android, iOS and Windows among other platforms, sometimes 0-click. https://t.co/LchMIdKP0P
@0xMstar OSCP first, but then I’d go for CWEE instead (Gold Annual from HTB). If you want specific appsec - https://t.co/DaEldybakp for code review, and n-day/research @steventseeley’s full Stack course (he wrote the OG modern OSWE course material from memory)
CVE-2025-55680 cldflt.sys EoP exploited in TyphoonPWN 2025. A direct bypass of @tiraniddo's bug from 2020 (https://t.co/rufFO8D4dj) unpatched for 5 years