30 posts

ll

@llfamsec

Red Team & Linux

Katılım Eylül 2023

375 Takip Edilen101 Takipçiler

ll@llfamsec·1d

Verified on a top cloud provider. Rest to share after fixes😃

Azrael@azraelxuemo

NVIDIA’s probably pretty Pwn2Own-friendly. You never have to stress about your bugs getting patched before the contest.🤣We @llfamsec sent them a few vulnerabilities last month. Three separate full-chain container escapes in the NV Container Toolkit — still haven’t been patched.

English

312

ll retweetledi

sam4k@sam4k1·8 May

here's a technical write-up i wrote on one of the kernel bugs we've found :)

bynario@bynar_io

In the first of a three-part series, @sam4k1 does a technical deep dive on CVE-2026-31532: a race condition in the Linux kernel's SocketCAN subsystem discovered, validated, and patched by our pipeline. bynar.io/blog/discovery…

English

10.5K

ll retweetledi

Minions@Minions·8 May

here's looking at you, buddies. See Minions & Monsters, only in theaters July 1.

English

431

2.2K

77.2K

ll@llfamsec·31 Mar

It’s not easy to keep grinding on a side project after work🫠

English

ll retweetledi

Qualys@qualys·13 Mar

Qualys Threat Research Unit (TRU) discovered CrackArmor: 9 AppArmor flaws impacting 12M+ Linux systems since 2017. These enable root access & container breakouts. Patch your kernels now! Details: bit.ly/4s2c3O4 #Linux #Cybersecurity #CrackArmor"

English

7.4K

ll retweetledi

Azrael@azraelxuemo·30 Oca

RCE video demo of cve-2026-24747

English

3.8K

ll retweetledi

V4bel@v4bel·2 Haz

@_qwerty_po and I exploited a VSock 1-day in Google kernelCTF back in *February*, securing $71,337 🥳 (CVE-2025-21756, exp237/exp249) And I’ve just published the write-up: github.com/google/securit… A kernel developer reviewing a patch for a separate VSock bug I submitted accidentally discovered this vulnerability, and we were the first to exploit it. PoC 💻: root on Ubuntu 24.04

English

209

15.7K

ll retweetledi

h0mbre@h0mbre_·30 May

this is so insane. kCTF has a first-come-first-serve policy when it comes to 0day bounties when an instance releases. this team hand crafted a proof of work solver with avx-512 instructions to beat everyone else with an 0day to the flag: anemato.de/blog/kctf-vdf

English

233

14K

ll retweetledi

Slava Moskvin | Path Cybersec@slava_moskvin_·30 May

My network fuzzer net-shredder found a remote NULL pointer dereference in the Linux kernel's SMB server (ksmbd) slavamoskvin.com/zdi-25-310-rem…

English

5.3K

ll retweetledi

Slava Moskvin | Path Cybersec@slava_moskvin_·29 May

Slides and fuzzer code from the Fuzzing Linux kernel modules stream are now live: github.com/sl4v/hfsplus-k… Thanks again to @Steph3nSims for hosting!

Stephen Sims@Steph3nSims

Fantastic demonstration from @slava_moskvin_ for those looking to get into fuzzing the Linux Kernel. Thanks for all of your preparation. You can watch the recorded version here: youtube.com/live/uCcsZrXyL…

English

6.3K

ll@llfamsec·24 May

@XHackerx007 @StandoffBB See you next time!!

English

Abdullah Nawaf (HackerX007)🇯🇴@XHackerx007·24 May

@llfamsec @StandoffBB It was my pleasure to meet you guys !!

English

276

ll@llfamsec·23 May

Really enjoyed in Moscow! Thank @StandoffBB

Standoff Bug Bounty@StandoffBB

Today, Lei Lu and Xin Guo, independent researchers, gave a presentation on several commonly overlooked vulnerable iteration patterns in file system images. Thanks for the talk — waiting for the next time!

English

1.3K

ll@llfamsec·24 May

@amoshkov @StandoffBB @pyn3rd Nice party🍻 See you next time!

English

Alex Moshkov@amoshkov·24 May

@llfamsec @StandoffBB Guys, I was happy to meet you here! Thank you for those great days together) cheers @pyn3rd 😉 and hopefully see you soon!

English

146

ll@llfamsec·24 May

@HusseiN98D @phdays Green drink!

English

208

Hussein Daher@HusseiN98D·24 May

I spoke at @phdays – what a great event! Thanks for having me Moscow, see you next time. I'll publish the slides of my talk next week, stay tuned.

English

4.5K

ll retweetledi

Sean Heelan@seanhn·22 May

I wrote-up how I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation. Link to the blog post below 👇

English

181

911

98.9K

ll retweetledi

Alex Moshkov@amoshkov·22 May

Another part of the #PHDays speaker gang has landed! Welcome to Russia 🇷🇺❤️ @GodfatherOrwa @HusseiN98D @Zigoo0 @BlueEye46572843 @bhavukjain1 @XHackerx007 @llfamsec and Xin! More are joining us in the coming days 😄 Feeling overexcited)

English

127

11.2K

ll@llfamsec·17 May

@azraelxuemo ddw🥹

ll retweetledi

Linux Kernel Security@linkersec·12 May

Linux Kernel Exploitation series Awesome series of articles by @ri5255 that outlines many commonly-used modern exploitation techniques. r1ru.github.io/categories/lin…

English

159

673

33.5K

ll retweetledi

sam4k@sam4k1·7 May

with offensivecon around the corner, i figured id write another post on linux kernel exploitation techniques - this time i cover the world of page table exploitation! enjoy 🤓 sam4k.com/page-table-ker…

English

296

16.7K

ll retweetledi

Sean Heelan@seanhn·30 Nis

Bug 3 github.com/torvalds/linux… Fun fact: I found this one using o3 as a backend when evaluating if it was able to find a previous bug I had found. In ~100 runs it showed up twice. Afterwards I checked if Sonnet 3.7 could find it, and it can, but with 2.5x more false positives.

Sean Heelan@seanhn

Week 2 bug 2 was another remote UAF in ksmbd. This one is post-auth, although guest accounts can hit it. It's a straightforward "You forgot to null the reference" in the kerberos auth path. See commit message for details. github.com/smfrench/smb3-…

English

14.1K

Keşfet

@_qwerty_po @Steph3nSims @XHackerx007 @StandoffBB @amoshkov @pyn3rd @HusseiN98D @phdays