Eugene Rodionov

1.1K posts

Eugene Rodionov

@vxradius

Security Researcher

Katılım Eylül 2010

1.1K Takip Edilen5.4K Takipçiler

Sabitlenmiş Tweet

Eugene Rodionov@vxradius·4 Haz

A big honor to coauthor with @abc_sup and Gulshan the very first blog from Android Red Team on analysis and exploitation of CVE-2023-20938 in Android Binder driver at androidoffsec.withgoogle.com/posts/attackin… 🔥 The slide-deck presented at @offensive_con is available at androidoffsec.withgoogle.com/posts/attackin…

English

13.9K

Eugene Rodionov retweetledi

Alexander Popov@a13xp0p0v·2 Eyl

My new article: "Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel"⚡️ I tell a bug collision story and introduce my pet project kernel-hack-drill, which helped me to exploit the hard bug that received @PwnieAwards 2025 a13xp0p0v.github.io/2025/09/02/ker…

English

260

33.9K

Eugene Rodionov retweetledi

Alexander Popov@a13xp0p0v·15 Ara

Slides for my talk at @h2hconference 2024: Diving into Linux kernel security 🤿 I described how to learn this complex area and knowingly configure the security parameters of your Linux-based system. And I showed my open-source tools for that purpose! a13xp0p0v.github.io/img/Alexander_…

English

261

27.4K

Eugene Rodionov retweetledi

Karsten@gr4yf0x·16 Kas

Custom Linux kernel fuzzing with libFuzzer by @R00tkitSMM r00tkitsmm.github.io/fuzzing/2024/0…

English

105

Eugene Rodionov retweetledi

dmnk.bsky.social@domenuk·15 Kas

Slides for my @ekoparty talk "Advanced Fuzzing With LibAFL" - > docs.google.com/presentation/d…

English

348

40.7K

Eugene Rodionov retweetledi

Alex Rebert@ayper·15 Kas

Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc++ *by default*. It adds bounds checks to things like std::vector, preventing a fair bit of out-of-bounds vulnerabilities: security.googleblog.com/2024/11/retrof…

English

249

76.9K

Eugene Rodionov retweetledi

spaceraccoon | Eugene Lim@spaceraccoon·11 Kas

“Break into the world of vulnerability research... and become a zero-day hunter.” I have a new book with @nostarch! Behind the curtain of zero-day research, there are fundamental building blocks you can learn. In early access now and out in Spring 2025! nostarch.com/zero-day

English

135

620

40.9K

Eugene Rodionov retweetledi

Andrey Konovalov@andreyknvl·11 Kas

Getting made fun of because you cover laptop webcam with a sticker? 😭 Here are materials from my talk about controlling ThinkPad X230 webcam LED over USB presented at POC by @POC_Crew 😎 Use these as a comeback 😁 Slides: docs.google.com/presentation/d… Code: github.com/xairy/lights-o…

English

137

397

51.1K

Eugene Rodionov retweetledi

Rodrigo Branco@bsdaemon·2 Kas

A while ago I've given a talk on how to build exceptional security research teams: github.com/rrbranco/Prese… - I continue convinced that is all that is needed. The adage "Great people leave managers, not companies" continues to be true.

English

126

13K

Eugene Rodionov retweetledi

dmnk.bsky.social@domenuk·1 Kas

Project Zero blog: LLMs find 0days now! 👀 And: our fuzzer setup did *not* reproduce it! googleprojectzero.blogspot.com/2024/10/from-n…

English

150

608

62.2K

Eugene Rodionov retweetledi

Andy Nguyen@theflow0·24 Eki

LibRaw RCE vulnerabilities found by @polict_ from our team: - github.com/google/securit… - github.com/google/securit…

English

193

29.7K

Eugene Rodionov retweetledi

Rodrigo@Flipacholas·23 Eki

As promised, here is a new article: PlayStation Vita (Part 1). Enjoy! copetti.org/writings/conso…

English

354

21.3K

Eugene Rodionov retweetledi

Oliver Chang@halbecaf·21 Eki

CVE-2024-9143 (openssl-library.org/news/secadv/20…) was disclosed recently, which was found by OSS-Fuzz-Gen! This is a pretty proud example of our team showing the promise of leveraging LLMs enable more fuzzing coverage.

English

122

46.7K

Eugene Rodionov retweetledi

Klecko@klecko0·21 Eki

I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung and Huawei devices due to their use of hypervisors. Check it out here: klecko.github.io/posts/selinux-…

English

127

415

37.4K

Eugene Rodionov retweetledi

dmnk.bsky.social@domenuk·2 Eki

Excited to give this talk 🔥🔥🔥

Ekoparty | Hacking everything@ekoparty

English

3.4K

Eugene Rodionov retweetledi

Alex Matrosov@matrosov·1 Eki

IDAlib is the first idiomatic Rust bindings library for @HexRaysSA IDA SDK, helping go beyond C/C++ or Python in RE automation. Huge thanks to @xorpse for making it happen! Binarly team ❤️ Rust 🙌 🛠️use idalib::idb::*; 🦀crates.io/crates/idalib

BINARLY🔬@binarly_io

Our REsearch team is thrilled about the new IDA v9.0! #efiXplorer is fully compatible with v9.0 and still supports IDA v8.4🚀 🔬github.com/binarly-io/efi… We are thrilled to announce IDAlib — idiomatic Rust bindings for the IDA SDK 🎉 Kudos to @xorpse! ⚙️github.com/binarly-io/ida…

English

11.1K

Eugene Rodionov retweetledi

Alex Matrosov@matrosov·27 Eyl

💥PoC is now public! target = "https://{ip_address}/cgi/login.cgi" command = "touch /tmp/BRLY" libc = 0x76283000 # we try to guess gadget1 = 0x000D8874 # pop {r0, r1, r2, r3, fp, pc}; gadget2 = 0x001026D4 # mov r0, sp; blx r3; system = 0x0003C4D4 github.com/binarly-io/Too…

BINARLY🔬@binarly_io

🚨New! "CVE-2024-36435 Deep-Dive: The Year’s Most Critical BMC Security Flaw." 🔥Classic buffer overflow vulnerabilities resurface in BMCs, remotely opening the gates from the castle. 🏆Kudos to @AlexTereshkin for the initial discovery and disclosure! binarly.io/blog/cve-2024-…

English

269

60.4K

Eugene Rodionov retweetledi

dmnk.bsky.social@domenuk·27 Eyl

We have cleaned up the #LibAFL example fuzzers! This makes things easier to find and understand. Thanks to @rmalmain Take a look 👀👀 github.com/AFLplusplus/Li…

English

118

11.2K

Eugene Rodionov retweetledi

Jeff Vander Stoep@jeffvanderstoep·25 Eyl

I’m super excited about this blogpost. The approach is so counterintuitive, and yet the results are so much better than anything else that we’ve tried for memory safety. We finally understand why. security.googleblog.com/2024/09/elimin…

English

276

54.6K

Eugene Rodionov@vxradius·25 Eyl

Exciting story on collaboration between Google Android Offsec and ARM product security on proactively securing Mali GPU attack surface in Android and beyond. Among proactively identified and mitigated issues is CVE-2024-0153 in GPU firmware.

Royal Hansen@royalhansen

We teamed up with @Arm to boost GPU security on #Android! Fuzzing, firmware analysis, and close collaboration led to key vulnerability discoveries and a stronger #Android ecosystem. Read more in our joint blog: security.googleblog.com/2024/09/google…

English

2.6K

Eugene Rodionov@vxradius·21 Eyl

Continuing the series on exploiting Android Binder with Binder internals blog androidoffsec.withgoogle.com/posts/binder-i… Deep dive into Binder driver by @abc_sup and Gulshan. We also release github.com/androidoffsec/… -- tiny lib featuring how to do IPC via Binder driver. Happy Binder hacking!

English

4.9K

Eugene Rodionov@vxradius·4 Haz

English

13.9K

Keşfet

@PwnieAwards @h2hconference @R00tkitSMM @ekoparty @nostarch @POC_Crew @polict_ @HexRaysSA