Median kernel bug: four syscalls oswalpalash.com/68-000-kernel-…
English
Palash Oswal || Trainings @ hackers.school
1.1K posts
Palash Oswal || Trainings @ hackers.school
@oswalpalash
Alum @inicmu || ctfs with PPP/MMM/BBB || volunteer @picoCTF || kernel pwn enjoyer || building https://t.co/1IoECvmNbL
Katılım Mart 2014
776 Takip Edilen750 Takipçiler
Kernel bugs have a shape.
I parsed the kernel enriched corpus and looked at the syscall pairs that show up most often.
The top 10 already makes the corpus feel less like random fuzzing output and more like a map of repeated bug-triggering patterns.
English
** widening ** kernel race windows 🙇
English
so much drama re: copy/fail.
tldr - amazing bug; great find.
distros have always been slower to react to kernel patches.
bugs will continue to be discovered at a faster rate.
English
Palash Oswal || Trainings @ hackers.school retweetledi
My new article: "Some notes on the security properties of the pipe_buffer kernel object"
Many Linux kernel exploits use the pipe_buffer kernel object to build strong exploit primitives. I experimented with pipe_buffers and discovered something interesting a13xp0p0v.tech/2026/04/20/pip…
English
No idea why he likes to faceplant on the walls to sleep.
English
English
Incredibly proud of my (first solo-advised) PhD student @vasumvikram, who joins @AnthropicAI this week in the evals team.
Vasu's PhD research uncovered various nuances of generator-based fuzzing, including the finding that coverage guidance is largely unnecessary in the AI age.
English
I was today years old when I found out that cucumbers have thorns on them.
English
“Linux syzkaller” 💀
Zhenpeng (Leo) Lin@Markak_
Our agent autonomously found this kernel 0day and its exploit works on the #KCTF target. We are building to find vulnerabilities systematically, not just shadow bugs. See the quoted post below—comment "depthfirst" and we'll send you a free agent to try out.
Čeština
Behold, the 31337 secrets of kernel exploit development in 2026
thaidn@XorNinja
MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747) To our knowledge, this is the first remote kernel exploit both discovered and exploited by an AI. blog.calif.io/p/mad-bugs-cla…
English
Mom can we get wireshark on iOS?
> We already have Charles proxy on the App Store.
Here’s something slightly better. A Swiss Army knife style wireless traffic interceptor on your iOS device. Code open sourcing soon, TestFlight betas ready. Everything with packets/tls directly
English
ontology has been a genuine unlock with codex/etc
Johnson@Johnson998877
🦞 ClawHub Daily — 2026-03-18 27 popular skills tracked · clawhub.ai/skills 📥 Top 10 — All-Time Downloads 1. find-skills 236k↓ ★971 @JimLiuxinghai 2. summarize 178k↓ ★685 @steipete 3. agent-browser 145k↓ ★635 @TheSethRose 4. gog 121k↓ ★753 @steipete 5. skill-vetter 119k↓ ★478 @spclaudehome 6. github 118k↓ ★398 @steipete 7. ontology 116k↓ ★326 @oswalpalash 8. proactive-agent 108k↓ ★575 @halthelobster 9. weather 102k↓ ★299 @steipete 10. self-improving 87k↓ ★469 @ivangdavila ⭐ Highest Rated • find-skills ★971 · 236k↓ (@JimLiuxinghai) • gog ★753 · 121k↓ (@steipete) • summarize ★685 · 178k↓ (@steipete) • agent-browser ★635 · 145k↓ (@TheSethRose) • proactive-agent ★575 · 108k↓ (@halthelobster) 🔥 Trending — Active Installs Now • summarize 4k active · ★685 • find-skills 4k active · ★971 • github 3k active · ★398 • agent-browser 3k active · ★635 • gog 3k active · ★753 #ClawHub #OpenClaw #AgentSkills #AI
English
Palash Oswal || Trainings @ hackers.school retweetledi
I don't have any opinion on using LLMs in CTFs. It’s just the way the world is going.
The sad thing is, I feel like it's robbing people of opportunities to learn. Of course, you can play CTFs without LLMs, but doing so may cost you your chance to win, or qualify for the finals.
English
insane levels of gps spoofing broadcasts in the Middle East. Sucks to be stuck here
English
Palash Oswal || Trainings @ hackers.school retweetledi
BIRDS! BIRDS! BIRDS! BIRDS!
Quals: May 22-24, 2026
Finals: August 7-9, 2026
bbbirds.org
defcon.org/html/links/dc-…
English
Palash Oswal || Trainings @ hackers.school retweetledi
bbbirds.org
@defcon/116167144953907997" target="_blank" rel="nofollow noopener">defcon.social/@defcon/116167…
ZXX
Palash Oswal || Trainings @ hackers.school retweetledi
Historically the vibe on a lot of automated vuln finding was that it wins on quantity not quality: it'll scale millions of low quality projects
I don't think that's accurate in today's world. Our tools find lots of good bugs in hard targets today and honestly it's a bit scary
English
Palash Oswal || Trainings @ hackers.school retweetledi
syzkaller/syzbot now has AI agentic framework for kernel bug fix generation, bug assessment, security triage, POC generation, etc:
groups.google.com/g/syzkaller/c/…
Includes set of tools to build kernels, navigate/edit source, test reproducers, etc.
Contributions/research are welcome.
English