Sign in with Twitter

Username:

Security Researcher | @RPISEC Alumnus | Hacker-In-Residence @NYUTandon

577 Following   4,607 Followers   2,665 Tweets

Joined Twitter 11/25/15


@Calaquendi44 Day 2 @_kernelcon_ Keynote It's 2020. Do you know the backdoors into your hardware? #Kernelcon https://t.co/oSyfdjL5fL
Retweeted by Alexei BulazelBSides Knoxville COVID-19 announcement TL;DR - we're not postponing or cancelling, we're going virtual - we're ref… https://t.co/rpu3wLLeMX
Retweeted by Alexei Bulazel
3/28
2020
That’s to bad... still, I will give my deobfuscation training virtually than https://t.co/TyH2h1g66c
Retweeted by Alexei BulazelHow does strace and ltrace work internally? https://t.co/MFgCAPPe5u https://t.co/27VUrw4Aky
Retweeted by Alexei BulazelAre you an undergrad or grad student in interested in Cyber Security? @ISSAINTL will give you scholarship money tow… https://t.co/3W5C2Cvs9j
Retweeted by Alexei BulazelRemembering a simpler time. @SummerC0n https://t.co/uRlBbssCiv
Retweeted by Alexei BulazelNext video in the vulnerable web app series is out! We built it, now we exploit it! https://t.co/YSMGKHAhia
Retweeted by Alexei BulazelIntel: NOOO YOU CAN'T JUST DECOMPILE OUR SECRET BINARY THAT WE LEFT ALL THE SYMBOLS IN Me: Hahahahahaha Ghidra go v… https://t.co/NiUOU74L96
Retweeted by Alexei Bulazel
3/27
2020
Xrefs are powerful https://t.co/LQO9dXVAdA
Retweeted by Alexei BulazelNew Dates Update: Post-Apocalypse #INFILTRATE20 Training+Conference will take place from October 11th to 16th at th… https://t.co/TJ1j8lM475
Retweeted by Alexei BulazelIf you're interesting in social media bot analysis (or how influence ops work) this presentation is useful: https://t.co/JPeXvn1wFR
Retweeted by Alexei Bulazel
3/26
2020
I have just published the slides for my talk "Half-automatic Compilable Source Code Recovery" for @OPCDE. You can d… https://t.co/4tChV8VyEl
Retweeted by Alexei BulazelUnfortunately due to COVID-19 pandemic, it will not be possible to hold Recon in person in Montreal this year(It co… https://t.co/LDcOiVEYCa
Retweeted by Alexei Bulazel
3/25
2020
I've published the 3rd article in the Applied Reverse Engineering series covering the low-level details of exceptio… https://t.co/IiOCBu5JW5
Retweeted by Alexei Bulazel @silascutler There’s The Untitled RE Podcast Not RE but security - Security Conversations (latest ep with… https://t.co/XvrMJCtKZCReminder: Day 2 of #CrisisCon is about to start soon! Registration is still open: https://t.co/2ap7NAfXrb
Retweeted by Alexei BulazelLooking forward to speaking at CrisisCON today, on the fragmented #CTI debates, in "Intelligence communities in col… https://t.co/p6zP89RYSs
Retweeted by Alexei BulazelGot a binary with a header that lies about the real architecture of the binary? (and you don’t want to have to patc… https://t.co/a6Cx76tU8D
Retweeted by Alexei Bulazel
3/24
2020
In the "HOLY CRAP IT WORKED" department - #CrisisCon Day One was awesome! Thank you to everyone who presented, show… https://t.co/pVDj5Yi3w9
Retweeted by Alexei BulazelNear final cover for my upcoming book "Effective C: An Introduction to Professional C Programming" with @nostarchhttps://t.co/y25PlPhjBu
Retweeted by Alexei BulazelGhidra is such a fantastic project. It works, it is easy to build, it is well documented, it is easy to hack on. Al… https://t.co/KSfEbyIAZ8
Retweeted by Alexei Bulazelhttps://t.co/hueABuX6nu One Team One Parking Lot!
Retweeted by Alexei Bulazel
3/23
2020
H2HC 17th Edition Call for Papers Officially Open (Conference in the end of October)! We cover speaker's travel to… https://t.co/8vqG9EBIUx
Retweeted by Alexei BulazelGoogle has released a free 3-hour technical writing course for engineers. If you are in security you should take… https://t.co/bRgnJIlx26
Retweeted by Alexei BulazelDevil is Virtual: Rveversing Virtual Inheritance in C++ Binaries https://t.co/LveKC0pFO3 < Haven't read this yet, b… https://t.co/fL3bab3rYU
Retweeted by Alexei BulazelDAY FIVE #CrisisCon SCHEDULE AND REGISTRATION IS UP - 27 March, 1400-1600 UTC https://t.co/EoB16hwxYe
Retweeted by Alexei Bulazel @LockheedMartini @BuchananBen Btw @BuchananBen is doing a @BelferCyber talk in two weeks, check it out… https://t.co/YLgY3hcR9w @LockheedMartini @BuchananBen What about cybersecurity researchers who dig through layers of source code? 🙃
3/22
2020
Evidently @BlackHatEvents EU 2019 videos are now online. Good watching while locked down at home. 🎩💻📺👉https://t.co/XdLuJMF7M0
3/21
2020
#CririsCon Day 4 - 26 March 2200-0000 - schedule and registration link now available! https://t.co/EoB16hwxYe
Retweeted by Alexei BulazelI wrote a quick blog post that summarizes an old Twitter thread about the "minimum bar" mitigations should have to… https://t.co/o7WGmay4NJ
Retweeted by Alexei BulazelPart 2 of the CVE-2019-1169 research is now live, with full details of the vulnerability and how to exploit it, at… https://t.co/CrY6VLvxXs
Retweeted by Alexei BulazelSince y'all are sitting at home and bored anyway, the @BlackHatEvents US Call for Papers is still going *wink* *win… https://t.co/DJmGafxplg
Retweeted by Alexei Bulazel
3/20
2020
contemporary processor design https://t.co/vu14bZWkut
Retweeted by Alexei Bulazel"Marketing is a haiku." <-- not sure how this ended up being the most memorable quote from an upcoming podcast wi… https://t.co/jb52SvHNLD
Retweeted by Alexei Bulazel
3/19
2020
Hi all! I realize it's a bit late in the game, but I'm still looking for an internship for this summer. If you know… https://t.co/58DnBD3SZp
Retweeted by Alexei BulazelAttention hackers! OOO has made the difficult decision to postpone @DEFCON 28 #CTF Quals to give teams a chance to… https://t.co/HUWrrpFvtu
Retweeted by Alexei BulazelPlease to see this event come together so quickly. Speaking on day 2 of #CrisisCON, on divergence of newly emerging… https://t.co/4IpnNEehoM
Retweeted by Alexei BulazelWhile taking @itszn13’s Web Browser Exploitation training at @rpi, I drank a lot of EXCELLENT Troy, NY local coffee… https://t.co/q8LN7xCxARJust pushed a blog post on a LPE exploit in VMware Fusion that allows an unprivileged user to run commands as root… https://t.co/SWbf0EnvcC
Retweeted by Alexei Bulazel @FilippoBiga Congratulations!
3/18
2020
DAY ONE OF #CrisisCon IS SET! Schedule posted to https://t.co/CvZyalI89P Discussion starts at 2000 UTC, 23 March… https://t.co/wgEXUyUSLY
Retweeted by Alexei BulazelWrote a blog post on setting up a environment to analyze CVE-2019-1169, an arbitrary kernel info leak in Windows 7,… https://t.co/FGJqYghlkb
Retweeted by Alexei Bulazel#PwnFromHome https://t.co/FJhfC3qosgThreat Brief: Microsoft SMBv3 Wormable Vulnerability CVE-2020-079 https://t.co/lBQlAwFz4G
Retweeted by Alexei Bulazel
3/17
2020
@Delta I just canceled a flight I had booked with you and was charged a $242.79 cancelation fee. When I tried to fi… https://t.co/eGv9YQkdCFIf you're reading through this training material over the next couple of weeks feel free to @ me with questions and… https://t.co/zO5RlIKqJm
Retweeted by Alexei BulazelSo I wanted to announce something I've been working on for a little while: https://t.co/CjLgoky18r
Retweeted by Alexei BulazelWhile you’re locked in at home, here’s a cool long form read about digital ad fraud. Also follow @ian_roos https://t.co/KWGHjAqxCUI hope this is not the last tip :) https://t.co/sZp7oCsCYm
Retweeted by Alexei BulazelDiscover how to use the #BinaryNinja signature system when analyzing statically-linked binaries without symbols ava… https://t.co/Bg3Y6Tr0Aw
Retweeted by Alexei Bulazel @_ringzer0 @Calaquendi44 - you missed the second 4 in the post @junorouse Yep, or Black Hat video and slides https://t.co/v0otkiL0vw // https://t.co/dj3fLso2Oa @junorouse Ahhh, very cool, I get it now. Kind of similar idea to the “AVLeak” work I published a few years ago @gf_256 I made students in my @reconmtl training this past summer use the stack window to calculate BOF offsets. Su… https://t.co/IWstnJa5OaWorking with IDA’s HexRay’s compiler is a skill unto itself that goes much deeper than just hitting F5. Great thr… https://t.co/7yWkfro8sFIDA pro tip: For custom calling convention, many people know __usercall (args / retval). But did you know __spoils… https://t.co/eXxErOeYbt
Retweeted by Alexei Bulazel
3/16
2020
@junorouse @t0nk42 Thanks for the shoutout to my work. But I don't really understand the challenge or solution after reading the writeup...?So cool to see CTFs making challenges around antivirus emulators https://t.co/qwvQMQdlXfwhen do we start trading 0day full chains for toilet paper
Retweeted by Alexei BulazelQuarantined at home and want to learn C++ vulnerability research? 🤧🤒😷🦠 Check out Chris Rohlf’s @chrisrohlf excelle… https://t.co/RCpiRSxuLNIf you want a text supplemental to MBE for more clarification, @mdowd and Alex Sotirov’s paper from BH 2008 provide… https://t.co/qwgC93Kjwy
Retweeted by Alexei BulazelSee you all in October https://t.co/5moMp9o3Gh
Retweeted by Alexei Bulazel @gamozolabs I’ve wanted this so badly for years. For the kernel, I’ve used lk-reducer to get rid of a lot of files,… https://t.co/TtqWk4DHnt
Retweeted by Alexei Bulazel5G Protocol Vulnerabilities and Exploits, by @Rgoestotheshows https://t.co/7pB1GaZWba
Retweeted by Alexei Bulazel @gabe_k I’d like to add you to my professional network.
3/15
2020
. @BSidesSF talk on scripting Ghidra for malware analysis from @byron_roosa, check it out https://t.co/8JaEiKV7zXStuck inside? Learn to pwn, from gets() on the stack to Linux kernel ROPs with @RPISEC's world famous Modern Binary… https://t.co/fNklRcq6GmAll the Shmoocon 2020 talks https://t.co/t4vPhVGViP https://t.co/ZRAATDw9XA
Retweeted by Alexei BulazelThe Sixth IEEE Language-theoretic Security workshop (LangSec2020, May 21) will go virtual, following the decision o… https://t.co/I381TokocD
Retweeted by Alexei BulazelI wrote a short blog post to explain some of the fundamentals behind Isolation Alloc https://t.co/QHSN1P4cFi https://t.co/ihhcbK7Pr2
Retweeted by Alexei BulazelPublished the writeup of our Pwn2Own sqlite exploit here. https://t.co/NUNANhmtIi It is almost as simple as… https://t.co/dA06e6cJqZ
Retweeted by Alexei Bulazel
3/14
2020
Hi everyone, here's a little update on REcon Conference 2020 regarding covid-19. We are't planning any cancellation… https://t.co/NPSahzaxPe
Retweeted by Alexei BulazelI wrote up what I learned to design and develop the type-1 (UEFI-based) hypervisor. This should be helpful to explo… https://t.co/yOg4AVSfu6
Retweeted by Alexei BulazelSo I don't know if you all noticed or not but @shmoocon put up the 2020 videos on https://t.co/Mgebg4iMJK last week… https://t.co/vxtgHIYnJl
Retweeted by Alexei Bulazel
3/13
2020
I discovered/attributed this while at WhiteOps almost a year ago. Great to see it finally get rolled up. https://t.co/aX5t38UG8D
Retweeted by Alexei Bulazel @perribus Quit is C-x C-c @evm_sec My friend @0xeb says "RE is very much like a crossword puzzle". I.e. every solved word, no matter how triv… https://t.co/btUmV8mX7L
Retweeted by Alexei Bulazel
3/12
2020
Check out my new Binary Ninja blog post! It’s about the function signature matching system I created over the cours… https://t.co/BXvYGYdNPI
Retweeted by Alexei Bulazel @perribus @justinschuh After that, you have to get a CPU errataReport is live https://t.co/drvoi1D9W1
Retweeted by Alexei BulazelThe @CyberSolarium report was released today. https://t.co/fihvHz3n60
Retweeted by Alexei BulazelWow - Avast decided to disable their JavaScript interpreter globally! The vulnerability report they mention wasn't… https://t.co/Hpe6JYMhjy
Retweeted by Alexei Bulazel
3/11
2020
Ever wished you could break on a specific PE being loaded by the Windows kernel? Without having to rely on "sxe ld"… https://t.co/FqOnMK4wQy
Retweeted by Alexei BulazelIf someone wrote a new Windows binary fuzzer, which core features would you like it to have? List thus far: (1) Cus… https://t.co/f09tIYXpQ6
Retweeted by Alexei BulazelScared of security conferences getting cancelled? 😱 Watch now (✨CORONA FREE✨) presentations about various IT secur… https://t.co/olhXu0MiqG
Retweeted by Alexei BulazelCheck out @krx__'s latest post on our Hardware Hacking 101 blog post series. He takes apart an Amazon Echo step by… https://t.co/LsgZDBLIWL
Retweeted by Alexei BulazelIf you are interested in developing hypervisors as UEFI modules, MiniVisor is for you: https://t.co/WPW6JwdM7G Als… https://t.co/PrlH3znb2q
Retweeted by Alexei Bulazela new lawfare piece facial recognition is here trending on github https://t.co/Z3DhbNN2Zy
Retweeted by Alexei Bulazel
3/10
2020
This is the sort of stuff I love to see. Harnessing always gives such a huge advantage on targets! https://t.co/eT6ExcMMA9
Retweeted by Alexei Bulazel"Despite being [AVAST] highly privileged & processing untrusted input by design, it is unsandboxed and has poor mit… https://t.co/1MXDqAYu2Y
Retweeted by Alexei BulazelI have something fun for you, I pulled the javascript interpreter out of Avast and ported it to Linux 😆 This runs… https://t.co/UFQCC9wSG8
Retweeted by Alexei BulazelMy slides on Reverse Engineering Windows Defender's JavaScript Engine are now online: https://t.co/798LwnpHSf https://t.co/avTmpXj5a8
Retweeted by Alexei Bulazel @taviso Oooh fun
3/9
2020
Dragon Dance is a plugin for Ghidra to get visualize and manipulate the binary code coverage data… https://t.co/DDKGGNJgTL
Retweeted by Alexei BulazelDo you ever think about how vaccines are virus definition updates
Retweeted by Alexei Bulazel
3/8
2020
@aionescu @BillDemirkapi should submit a talk on this to @reconmtlIncredibly rare footage from 1988. The world sees one of the first viruses which self-propagates. https://t.co/4ZHdWGvuyf
Retweeted by Alexei Bulazel
3/7
2020
Our API is incredibly powerful but we need to do a better job showing examples so I'm publishing a collection of my… https://t.co/RrAbibX1Dc
Retweeted by Alexei Bulazel @RolfRolles @tekwizz123 Or with Ghidra, for each function, find each return instruction, and then do dataflow on th… https://t.co/Zizjn8rI9n
Retweeted by Alexei Bulazel
3/6
2020

0