Francesco Mifsud

@HackSysTeam Extreme Vulnerable Driver Python Solutions github.com/GradiusX/HEVD-…

Tap the link and join the game where you can mine crypto via DePIN by scanning networks! Use my code 19e0446d and get 25K Data Chips as a gift: chirptoken.io/kage

@alisaesage Maybe something like the HackSys Extreme Vulnerable Driver but for browsers/virtual environments/iOS/Android/etc would definitely increase the level in exploit dev

I’m thinking about it. “Zero Day Engineering for beginners” training

‼️ Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027) 🔥 #MobileSecurity #AndroidSecurity by @census_labs census-labs.com/news/2021/04/1…

Ransomware is now your biggest online security nightmare. And it's about to get worse ow.ly/KZsg30qUqOF

If you need a fast/light way to instrument and save each instruction (with general purpose & r/e flags) in all levels of execution (User-mode/Kernel-mode/Hypervisor) then use my new customized version of QEMU. github.com/SinaKarvandi/m…

As promised, posting the next lazy write-up, this is how I went from Git to RCE. Bounty: $3500 #bug #bughunter #bugbounty #bounty If you enjoy these and want to see more, I will be posting others soon again.

I'm publishing some 🔥 research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation. googleprojectzero.blogspot.com/2019/08/down-r…

I made a subleq (esoteric one instruction computer) interpreter in ROP for the ropship challenge at @oooverflow's DEFCON CTF Finals, and an assembler that made it reasonable to write programs against github.com/lunixbochs/sub…

#flareon6 Solve the full version of Memecat Battlestation and bypass the first level of this year's flare-on challenge, which is the demo version of this awesome game. flare-on.com/BHUSA2019.zip password "BHUSA2019"

#Windows #ProcessInjection: KnownDlls Cache Poisoning – modexp modexp.wordpress.com/2019/08/12/win…

I'm writing simple chrome v8 exploit tutorial on my github :) Although i'm not very good at Browser exploitation and didn't complete this tutorials, yet, but i hope this one will be helpful for someone. I will make 4 ~ 5 types exploit tutorials ! github.com/vngkv123/aSiag…

SQLite Code Execution using an arbitrary database. research.checkpoint.com/select-code_ex…

We just finished delivering our @defcon workshop about Kerberos delegation attacks. As promised, here's the slide deck for those that couldn't attend: shenaniganslabs.io/2019/08/08/Wor…

Oh, great! #67. @GradiusX we did it! What a great team work. Too bad @msftsecresponse could not include your name in front of mine. Such a great journey!

@fabiopirespt @msftsecresponse Indeed mate. Super disappointed but anyways it was an amazing journey and exceptional teamwork! one for the books. Maybe next year :P

On Wednesday we'll update @Burp_Suite with a scan check for a massively overlooked vulnerability class that @albinowax will unveil at #BHUSA. This issue is very widespread in modern web stacks and often has critical consequences. #http-desync-attacks-smashing-into-the-cell-next-door-15153" target="_blank" rel="nofollow noopener">blackhat.com/us-19/briefing…

Big news! I bypassed Google's search limiting CAPTCHA! No proxies, no delays and it always works! Writing a python library, brb 🔥 Meanwhile, suggest a good name for the library.

Nintendo ROM reversing sounds like FUN! Are you ready for the 6th Annual FLARE-On Challenge? @FireEye @nickharbour fireeye.com/blog/threat-re…

Coming soon to @Burp_Suite ... WebSockets in Burp Repeater

Decided to take @qwertyoruiopz's nday and write a full exploit for it. Here is a exploit for iOS 12.3.1 doing SOP bypass via arbitrary read/write