Sn0rkY

Slides of our talk “Turning your BMC into a revolving door” are online airbus-seclab.github.io/ilo/ZERONIGHTS… #Zeronights cc: Alex.G @0xf4b @ZeroNights @AirbusSecLab @Synacktiv

Do you watch Netflix in your free time? Try hackflix for security conference talks h4ckfl1x.com #cybersecurity #bugbounty

🚀 WE ARE OFFICIALLY BACK for our third edition! 📅 Dates: 14 to 15 September 2026 📍 Venue: Grand Copthorne Waterfront Hotel Singapore 👉🏻 Submit your CFP here: cfp.offbyone.sg/2026/cfp More to come! More details: linkedin.com/posts/off-by-o… #OB12026 #OffensiveSecurity #Singapore

@SudoR00tMe @offensive_con Hope you will quickly recover man! Take care of you!

Got into a minor accident with 18 stitches in Berlin. But thanks to good host @offensive_con and good friends, I feel better 👍

🔐 Releasing LUKSbox: encrypted vaults that survive the next decade. Drop sensitive files on any cloud or USB. The provider gets one random-looking blob they can't read, even under subpoena. ✅ FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello) ✅ TPM 2.0 keyslots ✅ Post-quantum hybrid (ML-KEM-768/1024 - FIPS 203) ✅ Detached header → zero metadata on the container ✅ Linux / macOS / Windows ✅ Rust, Apache-2.0, 30M+ fuzz iterations v0.1.0 is out! 👉 github.com/PentHertz/LUKS… #infosec #encryption #postquantum #FIDO2 #rust #opensource #cryptography #penthertz

May the fourth be with you

@Enno_Insinuator @pinkflawd @DrAzureAD @Earl553 @WEareTROOPERS @ChadBrigance @theevilbit Ready on my side 😁

@pinkflawd @DrAzureAD @Earl553 @WEareTROOPERS @ChadBrigance @_Sn0rkY @theevilbit Catching up after a little training break. Luckily still 60 days to the legend @WEareTROOPERS #TROOPERS26 10K run 🏃‍♀️🏃‍♂️

139 days until the @WEareTROOPERS #TROOPERS26 #10K 🏃🏃🏻‍♀️🏃🏾‍♂️= 139 days to get back into shape 😀. #startingtoday cc @pinkflawd @ChadBrigance @_Sn0rkY @theevilbit @onkelenzo @Schtrudel @Earl553

@bbonfils 😂 j’ai passé trop de temps à ramasser l’épice sur Dune 2000 via un écran il fallait que je teste en vrai

@_Sn0rkY Je suis aussi fan de Dune de F. Herbert mais la tu vas trop loin 😂

45 years old today so tomorrow let’s go for 40th Marathon Des Sables, 270km in the desert ! Will be AFK for a week 😁

@ch0ks @BSidesSF Please share your slides after the conference 🤓

Speaking at @BSidesSF 2026 Sunday 4:10pm PDT AMC Theatre 10! From Noise to Notes: Orchestrating SAST with Developers through AI-Driven Remediation Lessons from rolling out SAST: cut noise, rebuild trust, measure adoption, use AI (Vibe Security Patching) to remediate findings.

@matthias_kaiser All the best man 🤘

This week is my last week at my current employer. The last few months were quite intense, so after 18 months, I finally made the decision to start working as an independent vulnerability researcher. I wish the company all the best and speedy recovery. 1/2

I infected my iPhone with the ‘Coruna’ spyware. Here’s what I found. youtu.be/XQvZ2mLnZVI

@theevilbit Excellent 🤩 good luck and keep us posted on your progress

After long time planning, last week I have started my UIMLA International Mountain Leader training, which will take minimum of 2 years. I will be around IT for long time, but I eventually plan to take people to the mountains as well. IFMGA/UIAGM (guides) and UIMLA (leaders) are the only two globally recognized, international certifications for mountain professionals. IFMGA covers technical, glacial, and high-altitude mountaineering, whereas UIMLA focuses on trekking, hiking, and snowshoeing in non-technical terrain.

@ITSecurityguard @domchell Excellent write up 🤓 thanks for sharing this

I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏 clawd.it/posts/10-repla… #bugbounty #pentesting #AI #cybersecurity #infosec #claudeai

@matrosov All the best with your next gig Alex !

To the Binarly Board, Team, Investors, Partners, and Community: When I started Binarly, we weren’t trying to build another “security” company. We built Binarly to solve a problem that the industry kept ignoring: You can’t secure what you can’t see, and in the software supply chain, too much is invisible. Over the last five years, we built something real. We advanced the state of the art in program analysis, accelerated real-world AI adoption, and raised the bar for vulnerability research. We brought supply-chain security out of theory and into production. We shipped the most advanced product in the market, and we launched open-source projects that have helped raise the bar for the entire industry. Most importantly, we built a team that refuses to accept limits, people who keep going after the hard problems because they matter. That day is now. Not because my passion is gone; far from it. But because it’s time for me to pursue new ventures and contribute in new ways. I’m incredibly proud of what we’ve built, and I’m confident in what comes next. Binarly is entering its next phase, and it deserves leadership that wakes up every morning thinking about the mission: scaling this platform, always improving customer service, and winning the market. To our team: You are the reason Binarly exists and succeeds. To our investors: Thank you for your conviction, your patience, and your partnership, especially when the work was hard and the outcome isn’t guaranteed. To our customers and partners: Thank you for trusting us with mission-critical risk, for pushing us to be better, and for placing your trust in Binarly when the stakes were highest. As a continuing Board member, I will remain deeply connected to Binarly and its mission, and I’ll be cheering for this team every step of the way. With gratitude for the journey, and full confidence in the road ahead.

Lands of Packets TTL exceeded. I would like to collect texts from the scene about FX in his memory. A collection of obituaries that will then be posted on phenoelit.de. If anyone would like to contribute, please contact me. Mail: joernchen@phenoelit.de Signal: jrn.07

An interesting wrap-up presentation from the security researcher who found the COROS watch security vulnerabilities last year. Worth a watch if you're into geekery: youtube.com/watch?v=WmY9XB…

RIP @41414141 🕯️ youtube.com/watch?v=IZYQIL…

RIP my dear friend and thanks so much and you know why …

Is ESLogger or Mac Monitor your friend for dynamic malware analysis on macOS? Then i've got something that might come to use! An browser based ES/Mac Monitor log analyzer with a lot of neat features like story timelines, Sigma rule matching, an in-depth process tree analyzer and much more and the neat thing is, nothing is uploaded to any backend! I'm looking for feedback! Take a look at es.decompiler.dev #macos #malware #reverseengineering #re #ThreatHunting #dfir