dmnk
@dmnk.bsky.social
【DΞCOMPILΞ NΣVΞR】
Android Red Team @google
Fuzzing @aflplusplus.bsky.social
CTF @enoflag
(opinions my own)
"You are a smart and handsome software engineer"
Prompt engineering is just drag for computers 💅
November 10, 2025 at 2:38 PM
Reposted by dmnk
Some more cool JS Engine bugs found by Big Sleep were fixed in yesterday's Apple security updates: support.apple.com/en-us/125632
Technical details will be available soon at issuetracker.google.com/issues?q=com...
About the security content of iOS 26.1 and iPadOS 26.1 - Apple Support
This document describes the security content of iOS 26.1 and iPadOS 26.1.
support.apple.com
November 4, 2025 at 5:10 PM
Reposted by dmnk
support.apple.com/en-us/125632
the name "big sleep" feels a lot more insulting now that it's really threatening to take our jobs
About the security content of iOS 26.1 and iPadOS 26.1 - Apple Support
This document describes the security content of iOS 26.1 and iPadOS 26.1.
support.apple.com
November 4, 2025 at 5:19 PM
What is my purpose
You provide entropy
Oh
November 4, 2025 at 5:37 PM
Neat idea: Snapshot fuzzing from a certain point deeper in the target (with +- complex state), then use an AI Agent to trigger that point. Fuzzer goes brrr
Gaetano's paper on Scaling Security Testing by Addressing the Reachability Gap has been accepted at #ICSE26!
📝 gpsapia.github.io/files/ICSE_2...
🧑💻 github.com/GPSapia/Reac...
How to scale automatic security testing to arbitrary systems?
November 4, 2025 at 1:04 AM
Reposted by dmnk
We derestricted crbug.com/382005099 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See crbug.com/382005099#co... for a PoC exploit. Also affected other browsers
October 29, 2025 at 2:27 PM
Reposted by dmnk
TLDR; The PSF has made the decision to put our community and our shared diversity, equity, and inclusion values ahead of seeking $1.5M in new revenue. Please read and share. pyfound.blogspot.com/2025/10/NSF-...
🧵
The official home of the Python Programming Language
www.python.org
October 27, 2025 at 2:47 PM
Get Low though.. 🔥
Born Too Slow on the NFS:Underground OST was a cultural reset
open.spotify.com/playlist/1Qr...
Need for Speed: Underground
open.spotify.com
October 26, 2025 at 3:17 AM
Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...
What the hell are we doing? · Addison Crump
Homepage for Addison Crump
addisoncrump.info
October 26, 2025 at 3:16 AM
Reposted by dmnk
A sandwich is $3000 but if you want meat that's another $1500 and oh if you want lettuce that's another $1500. Mustard? You're not gonna believe this
October 25, 2025 at 7:56 PM
I prefer Ghidra&Frida, but...
October 25, 2025 at 6:10 PM
I might have more cameras than phones at this point lol
October 24, 2025 at 3:18 PM
Reposted by dmnk
endianness is just a plot by Big Endian to sell more byte swap operations
October 24, 2025 at 12:32 AM
Reposted by dmnk
Please slides and python scripts for this talk #hacklu #crypto #reverseengineering
github.com/lclevy/d8_or...
October 22, 2025 at 4:07 PM
Reposted by dmnk
Everything I have ever posted is on the record, because it has been slurped up by an LLM and is part of the eternal GenX/Millennial cross-language culture supremacy ideaplex who wrote a majority relevant – especially summarization of it – in high-impact source of machine training.
We are... forever
October 22, 2025 at 3:35 AM
Reposted by dmnk
Our @defcon.bsky.social talk is online: youtu.be/FXIScbxJTZw!
Ever wanted to get banned from online games without cheating? We've got you covered! Check out this talk for fun hacks tripping off modern anticheats.
Joint work with Sam Collins and Tom Chothia.
More Info: game-research.github.io
youtu.be
October 21, 2025 at 9:40 AM
Reposted by dmnk
tired: it's always DNS
inspired: ICANN feel it coming in the air tonight
September 29, 2025 at 11:02 AM
Reposted by dmnk
For those of you who are wondering, the most important opsec lesson to take from the First Wap story is that if your threat model includes a government, do not take your cell phone with you to locations or meetings you don't want them to know about.
October 20, 2025 at 5:36 PM
Reposted by dmnk
So what names form Ubuntu
October 19, 2025 at 9:57 PM