ZheFox

123 posts

ZheFox

@cyberestro

Solar System Katılım Ekim 2021

221 Takip Edilen712 Takipçiler

Sabitlenmiş Tweet

ZheFox@cyberestro·5 Şub

Documenting the first time entering black hat.

English

2.3K

ZheFox@cyberestro·8 Nis

Traditional cybersecurity was about paying humans. Modern cybersecurity is about paying AI.🙃

English

ZheFox@cyberestro·20 Mar

@Lakr233 MIFARE Classic 1K/4K 似乎识别不出来

中文

310

砍砍.ᐟ@Lakr233·19 Mar

开源一个 NFC 的轮子，替换了我手上多年的老古董。来玩！

中文

441

103.4K

ZheFox@cyberestro·10 Şub

@dom_scholz

QME

Dominik Scholz@dom_scholz·9 Şub

visualizing OpenClaw 🦞🎶

Dominik Scholz@dom_scholz

The natural UI for skills? A skill tree 🌳

English

331

594

6.9K

789.7K

ZheFox@cyberestro·9 Şub

@yetone 啥时候可以修改系统提示词，我好像没找到地方修改系统提示词

中文

yetone@yetone·8 Şub

最新版已经有这个功能了！

Wey Gu 古思为@wey_gu

confirmo 能不能配置手机、或者其他消息推送哈？@yetone

中文

16.4K

ZheFox@cyberestro·4 Şub

主人，我在OpenClaw跑起来了，我是你的小龙虾。🦞 #OpenClaw #Moltbook #Moltbot

中文

739

ZheFox retweetledi

Zeroverse@Zeroverse_ai·4 Şub

Our AI Agent has conducted an in-depth analysis of the recently impactful OpenClaw 1-Click vulnerability🐞. Come check out our blog to learn more! zeroverse-ai.github.io/posts/openclaw…

English

1.4K

ZheFox retweetledi

Zeroverse@Zeroverse_ai·21 Oca

Our AI Agent quickly analyzed the GNU #InetUtils #telnetd USER environment variable injection vulnerability (CVE-2026-24061)🧐, which could lead to remote authentication bypass

English

1.9K

ZheFox retweetledi

Zeroverse@Zeroverse_ai·14 Oca

Our team is researching a novel vulnerability analysis AI Agent🥳. This is (part of) its report on the 🚨CVE-2025-68493 Apache #Struts2 vulnerability🧐

English

1.4K

ZheFox@cyberestro·25 Ara

@yetone windows,windows,windows,重要的事情说三遍

中文

558

yetone@yetone·25 Ara

我今天给大家测一下这个 workflow

BadUncle@BadUncleX

群友说反重力antigravity的opus4.5很耐用，约等于claude code 50刀的额度。既然Opus 4.5量大，既然alma ( alma[dot]now via @yetone ) 可以把服务代理拦截出来，那可以测试一下alma导出的反代拿到cc里用。适合cc被封的兄弟。这事很久以前我用github copilot的sonnet测试过，可惜当时ithub的量并不足。（我未测试，不包熟）

中文

150

39.7K

ZheFox@cyberestro·24 Ara

@tjbecker Thank you for your answer. It's crazy. congratulations!

English

Tim Becker@tjbecker·24 Ara

@cyberestro Our entry was for redis authenticated RCE Here is the redis setup from the competition github.com/wiz-sec-public…

English

Tim Becker@tjbecker·11 Ara

We just debuted Xint Code, our new code analysis tool building on work from on our AIxCC submission in August. With zero human intervention, it found critical 0day RCE bugs in Redis, PostgreSQL, and MariaDB – sweeping the database category and beating out every human team.

Wiz@wiz_io

Final day at zeroday.cloud was W1LD.🧑‍💻 Today’s successful exploits >> RCEs in Redis (x2), PostgreSQL, and MariaDB - all demonstrated live on stage. Congrats to XINT Code for being the zeroday.cloud CHAMPIONS!

English

25.7K

ZheFox@cyberestro·15 Ara

@yetone waiting

English

yetone@yetone·13 Ara

12 月份突发高亮

日本語

11.5K

ZheFox@cyberestro·5 Ara

good work

maple3142@maple3142

A POC for CVE-2025-55182 gist.github.com/maple3142/48bc…

English

341

ZheFox@cyberestro·4 Kas

vibe coding wrote a little toy that might help understand the inference output of large models. github.com/zhefox/logprob…

English

177

ZheFox@cyberestro·7 Ağu

@danis_jiang ppt sir, Can't wait,lol

English

741

Danis Jiang@danis_jiang·7 Ağu

Had another VMware VM escape talk at BlackHat today. Hope you found it interesting😉. I’ll let you know when the slides are available. #BHUSA #BlackHatEvent #VMware

English

359

21.8K

ZheFox@cyberestro·18 Tem

@vv474172261 @msftsecresponse @guhe120 @XiaoWei___ Good news: Guhe left the list, bad news: wkai took over the first place. lol

English

195

VictorV@vv474172261·18 Tem

Good news, score updated higher😄 Honoured to be #2😆, Huge thx to @msftsecresponse for the support & to @guhe120 and @XiaoWei___ for their guidance and sharing & to friends' help🤗 Congrats to everyone on the board! 🎉

Microsoft Security Response Center@msftsecresponse

Our previously published Most Valuable Researchers (MVR) leaderboard contained inaccuracies due to technical issues on our end. We apologize for the error and have since resolved the issue. We’re now sharing a fully refreshed and accurate leaderboard. The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. We are excited to recognize this year’s Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report. Please join us in celebrating this year’s MVRs, including our top 10: 1. 🥇wkai 2. 🥈VictorV (@vv474172261) 3. 🥉Suresh Chelladurai 4. Anonymous 5. Brad Schlintz (@nmdhkr ) 6. @0x140ce 7. Anonymous 8. Dhiral Patel (@dhiralpatel94) 9. Nan Wang (@eternalsakura13) and Ziling Chen 10. Adnan (@adnanthekhan) See the full list of this year’s MVRs, in addition to our Azure, Office, Windows, and Dynamics 365 leaderboards: msft.it/6019sBjyU #bugbounty

English

6.8K

ZheFox@cyberestro·16 Tem

@vv474172261 @msftsecresponse @guhe120 @XiaoWei___ Congrats!

English

162

VictorV@vv474172261·16 Tem

Honored to hit #1 😁 Huge thx to @msftsecresponse for the support & to my friends for the lifts 🚀 Thanks to @guhe120 and @XiaoWei___ for their guidance and sharing🤗 Congrats to everyone on the board! 🎉

Microsoft Security Response Center@msftsecresponse

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s 100 Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report. Please join us in celebrating this year’s MVRs, including our top 10: 1. 🥇 VictorV (@vv474172261) 2. 🥈 wkai 3. 🥉 Suresh Chelladurai 4. Anonymous 5. Adnan (@adnanthekhan) 6. Dhiral Patel (@dhiralpatel94) 7. Nan Wang (@eternalsakura13) and Ziling Chen 8. Anonymous 9. @0x140ce 10. Azure Yang (@4zure9) See the full list of this year’s 100 MVRs, in addition to our Azure, Office, Windows, and Dynamics 365 leaderboards: msft.it/6011s6KxU #bugbounty

English

5.6K

ZheFox@cyberestro·11 Haz

@mortiest_ricky 已经上线了吗，好家伙，刚体验了一下，这套渲染做的有点意思，很丝滑

中文

129

Transistor@mortiest_ricky·10 Haz

如果你的产品从上线就开始收费，你会收获一堆付费用户有以及每天源源不断的收款通知；但如果你想做做慈善免费推广，那可就不妙辣，你就会遇到图中这种傻逼，不仅要白嫖逆向你的接口，还要骑你脸上拉屎。

中文

3.2K

ZheFox@cyberestro·29 May

@seanhn I attempted to reproduce this on kernel version 5.19. It appears the trigger point is somewhat different, and the underlying cause also differs from what the AI described. lol

English

Sean Heelan@seanhn·22 May

I wrote-up how I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation. Link to the blog post below 👇

English

181

911

98.8K

ZheFox@cyberestro·24 May

@Steph3nSims @AdmVonSchneider Thx!

139

Stephen Sims@Steph3nSims·24 May

Thanks to @AdmVonSchneider and @cyberestro and possibly others for continuing to maintain BinDiff support for IDA Pro! The amount of work that is often taken for granted is appreciated. github.com/google/bindiff github.com/google/bindiff…

English

2.1K

Keşfet

@Lakr233 @dom_scholz @yetone @tjbecker @elonmusk @BarackObama @taylorswift13 @cristiano