IRIS C2

1.2K posts

IRIS C2

@C2IRIS

The world's most advanced offensive cyber platform

McLean, VA Katılım Ocak 2025

217 Takip Edilen3.2K Takipçiler

IRIS C2@C2IRIS·2m

Some old books of mine about “agents” that came out long before the modern era of AI

English

IRIS C2@C2IRIS·3h

You could start with an EE degree at Carnegie Mellon or CalTech, ideally with a focus on microwave comms or optical computing. Spend 2 or 3 formative years commuting to a SCIF in Annapolis Junction—gaining the kind of institutional knowledge that no certification can confer. Then take your TS/SCI w/ full scope poly to a respected boutique in Tysons or Reston with a sharp niche offering — whether it's baseband exploitation, ICS implants or supply chain compromise. Bill out at $400/hr on a sole-source contract, then win a few quiet OTA awards, and watch your equity vest as the company gets acquired by a mid-tier prime for nine figures. Settle into a modest six-bedroom colonial on three wooded acres in Great Falls that’s so ensconced in trees that it defies commercial satellite coverage. Marry a quietly brilliant woman who works cyber policy for HPSCI. Join River Bend Country Club. Send the kids to Potomac School. Drive a sensible Range Rover. Cultivate a life so deliberately oblique that the only people who understand what you actually do are the handful of others doing it. But you will not.

crybaby 🖤@normietrashbmbo

You could start with an undergraduate degree at an Ivy League school, ideally Yale or Princeton. Spend two formative years at Goldman Sachs in IB or ECM, learning the rhythms of the Street. Then earn your MBA at Harvard Business School or Stanford GSB, where the real networks solidify. From there, make the calculated jump to a respected boutique bank with a sharp niche offering — whether it’s distressed credit, SPACs, tech M&A, or complex structured products. Execute flawlessly, close the right deals, and secure a $25M+ penthouse with sweeping Central Park and Manhattan skyline views that most people only see in magazines. Become a member of both the Yale Club and the Metropolitan Club, where old-world discretion still matters. Cultivate taste that is quietly superior to anything you’ll find at a Soho House rooftop. But you will not.

English

897

IRIS C2@C2IRIS·3h

@skglas_en I don’t find vulnerability research for its own sake to be all that intellectually interesting in its own right. I like to build effective electronic warfare systems and I see VR as one piece of that overall puzzle.

English

Sebastian@skglas_en·4h

@C2IRIS It should not be phenomenologically called "vulnerability research", rather "research on limitations in people and organizations and basic technology" that leads to lack of quality, which is lack of security as just one example.

English

IRIS C2@C2IRIS·21h

One thing I’ve always found interesting about vulnerability research, is how it seems to almost always be very age-bounded. You will meet the occasional 15 year old all-star. But usually it takes several years of serious experience to reach Jedi levels. But you almost never meet a 50 year old who still churning out bugs day to day. People “age out” for a lot of difference reasons.

English

29.1K

IRIS C2@C2IRIS·3h

@0day_ninja Probably not

English

176

𝕡𝕨𝕟.𝕋∅𝕔𝕙!@0day_ninja·20h

@C2IRIS Will i age out before reaching Jedi levels? I'm beginning to have a phobia for that possibility

English

1.3K

IRIS C2@C2IRIS·3h

@LeighGi66657535 In my head, it feels like a spacial reasoning problem. Once I get to whatever the attack surface is laid out in my head spatially, progress comes quickly. Lately it’s been media decoders. Many others tell me the same thing

English

238

LeighTrinity@LeighGi66657535·18h

@C2IRIS it took me two years of intense research before i found anything of value. being an assembly programmer helped but it’s a steep learning curve😊❤️

English

1.5K

IRIS C2@C2IRIS·3h

@0xcharlie Coming for all of us eventually

English

Charlie Miller@0xcharlie·18h

Me in Ida Pro once I hit 50.

GIF

IRIS C2@C2IRIS

English

8.1K

IRIS C2@C2IRIS·3h

@lachunas My gf has no idea what I do for a living. “Something with the computer”

English

300

Lachunas Berme 📷@lachunas·14h

People age out of hacking in general. Jedi level skill requires an enormous commitment in time and energy hat conflicts with having a healthy, well-rounded lifestyle. Besides, what's the point? The only people that care about elite level skills are other people with elite level skills. I've never met a woman that was impressed with the intricacies and exploits of my days as a redteamer.

English

1.1K

IRIS C2@C2IRIS·3h

@P0ystick Great work so far! The requirement for constant learning never goes away

English

151

Tarcísio Luchesi@P0ystick·9h

@C2IRIS Acredito muito nisso, eu não me titulo hacker por que não tenho no mínimo 10 anos, tenho 8 meses de experiência em bugbounty e 10+ CVEs, mas hacker tem sempre o que aprender

Português

304

IRIS C2@C2IRIS·1d

Who can relate?

Biscuit@OreoB1scuit

English

IRIS C2@C2IRIS·1d

@67_throwaway @SGgrc Coding snake was part of my introduction to AArch64 assembly. Although you have to be careful, because Apple SIP triggers when running perfectly innocent assembly for some reason, and shuts down the whole machine.

English

throwaway_account_67@67_throwaway·1d

@C2IRIS @SGgrc Coding in assembly also allows you to treat all kinds of retro games as an entire sandbox where so much is possible. I think it's a shame more don't learn it, there are many good reasons to.

English

IRIS C2@C2IRIS·2d

Fun fact: Most people like @SGgrc who actually code primarily in assembly end up with so many macros that it basically becomes a version of C anyway

shaurya@shauseth

met a guy who codes in assembly today

English

2.4K

IRIS C2@C2IRIS·2d

This is so true. DaVinci Resolve and Binary Ninja come to mind.

shaurya@shauseth

most delightful software ive used was entirely c++

English

3.1K

IRIS C2@C2IRIS·2d

Patriot.

vaxry@vaxryy

supply chain attacks? yeah no, I use C++. We don't even have a package manager.

Latviešu

3.1K

IRIS C2@C2IRIS·2d

If an LLM hands in a stack of 300 unreachable or highly mitigated-against bugs in a system like a browser, and then the developers use LLM generated code to fix those 300 bugs, what are the odds that in the process, they will introduce more bugs that actually are reachable?

English

2.3K

IRIS C2@C2IRIS·2d

@LunchM0n3ey9090 Just my subjective experience. You’re welcome to disagree.

English

Aug@LunchM0n3ey9090·2d

@C2IRIS There is literally no way to support this claim lol

English

IRIS C2@C2IRIS·3d

GPT 5.5 Cyber is definitely better than Mythos And it doesn't come with all the doomer, virtue-signaling histrionics from Anthropic

English

1.4K

IRIS C2@C2IRIS·2d

@JesusGodAndKing @gamaral23 Neither are bad models at all. The main advantage of 5.5 is that it seems to generate far fewer false positives when it comes to the existence and reachability of bugs.

English

JesusIsGodAndKing@JesusGodAndKing·2d

@gamaral23 @C2IRIS actully he is right the benchmarks do agree with him too

English

IRIS C2@C2IRIS·3d

Normal people still can’t implement AI against basic use-cases in a way that can be counted on to be reliable. That’s a major problem.

English

885

IRIS C2@C2IRIS·3d

Making your corporate network edge look like boring residential routers would probably be a far better security posture than employing millions of dollars worth of enterprise firewall hardware.

English

1.5K

Keşfet

@skglas_en @0day_ninja @LeighGi66657535 @0xcharlie @lachunas @P0ystick @67_throwaway @SGgrc