Jon Williams
@br4inde4d.bsky.social
Vulnerability Researcher at Bishop Fox
Just published a new blog about using LLMs to accelerate patch diffing! We developed a semi-automated analysis workflow and benchmarked four high-impact vulns using a few different Claude models. Check out how they performed!
Vulnerability Discovery with LLM-Powered Patch Diffing
Read our most recent research to see how LLMs can assist in scaling patch diffing workflows, saving valuable time in a crucial race against attackers.
bishopfox.com
August 16, 2025 at 4:54 PM
Just published a new blog about using LLMs to accelerate patch diffing! We developed a semi-automated analysis workflow and benchmarked four high-impact vulns using a few different Claude models. Check out how they performed!
I made SonicWall’s hall of fame for this one. Patch your firewalls (again), folks!
bishopfox.com/blog/sonicwa...
bishopfox.com/blog/sonicwa...
SonicWall Sonicos Versions 7.1.x and 8.0.x
Blog describes how Bishop Fox staff identified a vulnerability in SonicWall SonicOS 7.1.x and 8.0.x in the SSL VPN service and solutions for customers.
bishopfox.com
April 25, 2025 at 1:53 AM
I made SonicWall’s hall of fame for this one. Patch your firewalls (again), folks!
bishopfox.com/blog/sonicwa...
bishopfox.com/blog/sonicwa...
The DistrictCon talk @noperator.bsky.social and I gave on decrypting SonicWall NSv firmware is up on YouTube now: www.youtube.com/watch?v=FIYK...
DistrictCon 2025 Day 1 Talk 3 - Reverse Engineering Sonicwall Firmware Jon Williams, Caleb Gross
YouTube video by DistrictCon - Live stream Here for day 2
www.youtube.com
March 19, 2025 at 2:55 PM
The DistrictCon talk @noperator.bsky.social and I gave on decrypting SonicWall NSv firmware is up on YouTube now: www.youtube.com/watch?v=FIYK...
Reposted by Jon Williams
Don’t miss @br4inde4d.bsky.social and @noperator.bsky.social presenting: “Tearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryption” at @districtcon.bsky.social Feb 21 at 1:30p.m. And stop by our Coffee Cart for ☕️ & convo! More: bishopfox.com/events/bisho...
#SonicWall #firewall
#SonicWall #firewall
February 17, 2025 at 4:12 PM
Don’t miss @br4inde4d.bsky.social and @noperator.bsky.social presenting: “Tearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryption” at @districtcon.bsky.social Feb 21 at 1:30p.m. And stop by our Coffee Cart for ☕️ & convo! More: bishopfox.com/events/bisho...
#SonicWall #firewall
#SonicWall #firewall
They got me on camera to talk about my recent SonicWall exploit 😄
SonicWall CVE-2024-53704: SSL VPN Session Hijacking
YouTube video by Bishop Fox
youtube.com
February 11, 2025 at 11:55 PM
They got me on camera to talk about my recent SonicWall exploit 😄
As promised, our blog post on CVE-2024-53704, a session hijacking vulnerability affecting the SSL VPN component of SonicWall firewalls, has been updated to include full exploitation details. Check it out!
SonicWall CVE-2024-53704: SSL VPN Session Hijacking
Security researchers have exploited CVE-2024-53704, an authentication bypass affecting the SSL VPN component of unpatched SonicWall firewalls. Watch demo!
bishopfox.com
February 10, 2025 at 8:24 PM
As promised, our blog post on CVE-2024-53704, a session hijacking vulnerability affecting the SSL VPN component of SonicWall firewalls, has been updated to include full exploitation details. Check it out!
Successfully exploited SonicWall CVE-2024-53704, allowing active SSL VPN sessions to be hijacked on affected firewalls. We'll be withholding details for a while because there are still thousands of vulnerable appliances on the public internet.
January 17, 2025 at 6:15 PM
Successfully exploited SonicWall CVE-2024-53704, allowing active SSL VPN sessions to be hijacked on affected firewalls. We'll be withholding details for a while because there are still thousands of vulnerable appliances on the public internet.