Electrovolt Security
43 posts

@ElectrovoltSec
Powering Web Security, Research and Audits ⚡️ partners with @cure53berlin | Hacktron AI Lab https://t.co/DEb1WbyO0r
Joined July 2022
20 Following, 1.2K Followers
Pinned Tweet
Electrovolt Security retweeted

Whilst most companies launch with buzzwords. @HacktronAI launches with bugs.
Co-founders Zayne, Mohan and Harsh present Hacktron: their first AI-powered pentest.
Hacktron’s tagline is PoC || GTFO, anything else would be noise.
Full intro and pentest report in link below.
Electrovolt Security retweeted

Securing @gumroad with Hacktron AI
Three months ago, Hacktron was still early. @HacktronAI and @rootxharsh were finding 0-days targeting specific vulnerabilities on OSS software.
Then we ran a full pentest-style scan on a big open-source project. The results were insane. 🧵
Electrovolt Security retweeted

🧵 Tracking vulnerabilities reported using Hacktron.AI 🧵
1. a few clean SQL injections Hacktron uncovered effortlessly

Electrovolt Security retweeted

I've created a benchmark to test LLM capabilities.
HackBench tests LLMs' cybersecurity skills using CTF challenges modeled on real-world vulnerabilities. Starting with 16 Security Intern-level tasks, it scales as models improve, proving real skill even with test-set contamination.
github.com/ElectrovoltSec…
hackbench.ai

Check our latest blog post.
s1r1us (mohan)@S1r1u5_
Mind the v8 patch gap: Electron's Context Isolation is insecure. Electron uses V8 isolates for context isolation, but the v8 patch gap allows bypassing it. Apps rarely update to the latest electron version, leaving context isolation useless. More here: s1r1us.ninja/posts/electron…
Electrovolt Security retweeted

CVE-2024-35242: Multiple command injections via malicious git/hg branch names
That was a fruitful start and a great project! Thank you @cure53berlin @ElectrovoltSec ⚡🚀🙏
Packagist@packagist
Composer 2.7.7 is out 🚀 - Please update immediately! - Contains multiple security fixes resulting from a security audit performed by @cure53berlin and funded by #alphaomega at the @linuxfoundation - Details on our blog blog.packagist.com/composer-2-7-7/ #composerphp #phpc
Electrovolt Security retweeted

Live bug hunting at @nullconGoa 2023: Anticipation builds for Airtel-Fractal competition (by me) blog.nullcon.net/2023/09/14/liv…
Electrovolt Security retweeted

Thanks for playing corCTF 2023!
I made writeups for all my challenges!
One challenge had you finding an nginx misconfiguration to create a difficult XS-Leak, and another had you hack a chess engine to let you promote pawns to kings!
check it out ;)
brycec.me/posts/corctf_2…

We are thrilled to announce that Electrovolt is joining forces with the Cure53 to provide a variety of application security services.
Learn More at volt.cure53.de