A guide on how to do fuzzing with AFL++ in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.
Watch webp Part 1: https://www.youtube.com/watch?v=lAyhKaclsPM
Grab the code:
2024-01-22 14:26:34 +0000 UTC
Citizen Lab discovered BLASTPASS, a 0-day being actively exploited in the image format WebP. Known as CVE-2023-4863 and CVE-2023-41064, an issue in WebP's build Huffman table function can lead to a heap buffer overflow. This vulnerability is very interesting and I'm excited to share with you what I learned.
2023-12-21 15:58:33 +0000 UTC
Around 6 months ago I explained to you why I decided to create a paid online training platform. If you missed this, check out this video:
2023-11-25 13:23:15 +0000 UTC
Not every security issue can be fixed. There exist (what I call) "unfixable" bugs, where you can always argue and shift the goal posts. The idea is to only report these kinds of issues to create an endless stream of bug bounty money!
2023-10-17 12:34:56 +0000 UTC
Let me explain to you what you can learn from these tweets. Did you know the name trick?
Quote Tweet: https://twitter.com/avlidienbrunn/status/1697869590569582932
Original Tweet: https://twitte...
2023-09-19 12:31:31 +0000 UTC
Let's explore the "most exciting" CPU vulnerability affecting Zen2 CPUs from AMD.
In case you missed it, here is part 1 about fuzzing CPUs: https://www.youtube.com/watch?v=neWc0H1k2Lc
2023-08-29 15:36:54 +0000 UTC
How did Tavis Ormandy fuzz CPUs to discover Zenbleed? In this video we learn about the techniques to make this work!
https://security.googleblog.com/2023/08/downfall-and-zenbleed-googlers-helping.html
Watch me go out of my comfort zone and talk to strangers O.O...
I attended droidcon Berlin 2023 and interviewed some developers about what they know about Android security. Thanks again to everybody who answered my questions, and thanks Egidijus for the dcbln23 ticket!
2023-08-01 13:46:55 +0000 UTC
Let's talk about a "security flaw in hospital software that allows full access to medical devices". This issue was disclosed on LinkedIn and included full exploit code. Let's use this app as an example of how to find a macOS privilege escalation and learn how local root exploits can work.
Print BINGO sheet:
2023-07-22 14:04:59 +0000 UTC
Sergey Toshin tells us the story of how he became a top Android bug hunter and how he finds critical vulnerabilities. He also shows us a really cool vulnerability found in the Google Android Snapseed app. I didn't know this crazy attack vector existed!
2023-07-13 14:53:08 +0000 UTC
I stumbled over a weird HTML behavior on Twitter and started to investigate it. Did I just stumble over a generic HTML Sanitizer bypass?
Every year Google celebrates the best security issues found in Google Cloud. This year we take a look at the 7 winners to see if we could have found these issues too. Will I regret not having hacked Google last year?
2023-06-22 16:16:43 +0000 UTC
I stumbled over some WordPress code involving caching. Immediately I had this idea about MD5 collision and how this could affect the implemented logic. I started going down a rabbit hole exploring the feasibility and eventually setting up a PHP debug environment. Only to realize that the idea was flawed from the start. So while this ends up being failed security research, we still learn a lot a...
2023-06-11 15:05:56 +0000 UTC
Lots of #bugbountytips get posted on Twitter, but some of them are ... weird. Let's explore the technical details of one tweet to understand where this tip came from, why this tip was wrong, and eventually learn about the real underlying vulnerability. This is a surprising turn of events!
The #bugbountytips tweet:
2023-05-31 13:39:50 +0000 UTC
In this video I show you my YouTube financials and tell you about a new project I have been working on: hextree.io
FYI to all Patreon members, I have not charged you for this video because it's just a channel update.
2023-05-22 14:15:52 +0000 UTC
After we explored attacking LLMs, in this video we finally talk about defending against prompt injections. Is it even possible?
Watch the complete series: https://www.youtube.com/playlist?list=PLhixgUqwRTjzerY4bJgwpxCLyfqNYwDVB
Language Models are Few-Shot Learners:
2023-05-11 21:08:24 +0000 UTC
In this video we explore various prompt tricks to manipulate the AI to respond in ways we want, even when the system instructions want something else. This can help us better understand the limitations of LLMs.
Video Part 1: https://www.youtube.com/watch?v=Sv5OLj2nVAQ
The OpenAI API cost is pre...
2023-04-27 15:49:21 +0000 UTC
How will the easy access to powerful APIs like GPT-4 affect the future of IT security? Keep in mind LLMs are new to this world and things will change fast. But I don't want to fall behind, so let's start exploring some thoughts on the security of LLMs.
2023-04-14 17:01:19 +0000 UTC
Copilot, ChatGPT and other AI models are becoming a threat to hackers. We rely on insecure code, but when all developers move over to code generated by AI, we will lose our jobs. We need to act fast!
This is an april fools project about how threat actors could start manipulating AI for the future.
2023-04-01 08:32:40 +0000 UTC
In the news, cybercrime is often mentioned in connection with "hacking". Also, when accounts get stolen, people say "my account got hacked". But is this really hacking? What does cybercrime actually look like?
2023-03-20 17:20:47 +0000 UTC
While auditing a VSCode Extension + Language Server I noticed something interesting. This turned into the research question "can we attack the extension from the browser?". After a bit of preliminary research I decided to do it again on stream, and eventually made this video. This is what security research can look like.
Full Live Stream:
2023-03-11 17:07:14 +0000 UTC
There exists a pretty cool teleport hack that I couldn't discover myself. So I decided to steal it and share it with you all!
2023-03-03 18:56:38 +0000 UTC
What is a secure "tunnel"? When I started to learn about computers the name confused me. I couldn't imagine how it works on a technical level. In this video we build upon knowledge from the previous videos, to develop an intuition for what a tunnel, VPN or proxy is.
1. Server Explained: https://www.youtube.com...
2023-02-17 15:13:09 +0000 UTC
In this video we investigate the comments' claims that there exists an arbitrary velocity exploit in Minecraft. We look into the code and see if that is true.
2023-01-31 15:24:12 +0000 UTC
In this video I try to explain computer networking with pieces of paper. This hopefully explains why in some universities the OSI layer model is taught. While I find the OSI model kinda useless, "thinking in layers" is extremely important. Black boxes of layers allow us to focus on what matters, and ignore anything else.
2023-01-01 17:30:10 +0000 UTC
Everybody told me the cat coordinate exploit/leak was already known. However this does not seem to be true, I tested it by logging packets.
2022-12-23 14:47:39 +0000 UTC
The term "protocol" can be really confusing. In this video I try to explain to my former self what it means to have a protocol.
2022-12-13 16:33:01 +0000 UTC
Let's talk about how we can implement a reach hack in Minecraft. After knowing how it works, it seems so obvious. But it took me over 14h to figure out myself :D
2022-11-28 15:35:26 +0000 UTC
I tried to hide a new base far away, but players quickly found it. Let me tell you how they did it.
2022-11-20 16:23:56 +0000 UTC