Shielder
@shielder.com
InfoSec boutique.
Owning things since 2014.
We love to go for the extra mile, where we usually find the best 🦟🐞🪲🪳🐛🐜🕷 the others miss.
Web: https://www.shielder.com
Twitter: @ShielderSec
Fediverse: @shielder.infosec.exchange
Owning things since 2014.
We love to go for the extra mile, where we usually find the best 🦟🐞🪲🪳🐛🐜🕷 the others miss.
Web: https://www.shielder.com
Twitter: @ShielderSec
Fediverse: @shielder.infosec.exchange
Attending #theSAS25? Meet @paupu.bsky.social for his PAM pwnage talk!
It won't be recorded and it might *wink wink* contain a cool drop you don't want to miss 👀
It won't be recorded and it might *wink wink* contain a cool drop you don't want to miss 👀
October 26, 2025 at 3:56 PM
Attending #theSAS25? Meet @paupu.bsky.social for his PAM pwnage talk!
It won't be recorded and it might *wink wink* contain a cool drop you don't want to miss 👀
It won't be recorded and it might *wink wink* contain a cool drop you don't want to miss 👀
Reposted by Shielder
👋🏿 Hackers!
Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!
More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...
Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!
More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...
RomHack - Job opportunities
Check for RomHack sponsor's job opportunities
romhack.io
August 7, 2025 at 7:38 PM
👋🏿 Hackers!
Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!
More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...
Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!
More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...
Reposted by Shielder
In partnership with @aswf.io, OSTIF and @shielder.com worked on audits of MaterialX and OpenEXR. Our deepest gratitude for this opportunity to work with incredible maintainers and cool projects such as these- read about them at our blogs: ostif.org/materialx-au..., ostif.org/openexr-audi...
July 31, 2025 at 4:03 PM
In partnership with @aswf.io, OSTIF and @shielder.com worked on audits of MaterialX and OpenEXR. Our deepest gratitude for this opportunity to work with incredible maintainers and cool projects such as these- read about them at our blogs: ostif.org/materialx-au..., ostif.org/openexr-audi...
🚨 New Open Source Audit Alert! 🚨
Shielder, with @ostifofficial.bsky.social & ASWF audited OpenEXR and MaterialX:
🔍 11 issues found (1 critical, 3 still to be published)
✔️ Most fixed, others planned
🗣️ ndaprela @smaury.bsky.social @suidpit.bsky.social @thezero.org
Full details in the blog post ⬇️🧵
Shielder, with @ostifofficial.bsky.social & ASWF audited OpenEXR and MaterialX:
🔍 11 issues found (1 critical, 3 still to be published)
✔️ Most fixed, others planned
🗣️ ndaprela @smaury.bsky.social @suidpit.bsky.social @thezero.org
Full details in the blog post ⬇️🧵
July 31, 2025 at 3:09 PM
🚨 New Open Source Audit Alert! 🚨
Shielder, with @ostifofficial.bsky.social & ASWF audited OpenEXR and MaterialX:
🔍 11 issues found (1 critical, 3 still to be published)
✔️ Most fixed, others planned
🗣️ ndaprela @smaury.bsky.social @suidpit.bsky.social @thezero.org
Full details in the blog post ⬇️🧵
Shielder, with @ostifofficial.bsky.social & ASWF audited OpenEXR and MaterialX:
🔍 11 issues found (1 critical, 3 still to be published)
✔️ Most fixed, others planned
🗣️ ndaprela @smaury.bsky.social @suidpit.bsky.social @thezero.org
Full details in the blog post ⬇️🧵
Last week Apple released MacOS 13.4 which contains a fix for a vulnerability @suidpit.bsky.social exploited to escape the Sandbox.
Update now and stay tuned for the technical details!
Ref: support.apple.com/en-us/122373
Update now and stay tuned for the technical details!
Ref: support.apple.com/en-us/122373
April 7, 2025 at 8:58 AM
Last week Apple released MacOS 13.4 which contains a fix for a vulnerability @suidpit.bsky.social exploited to escape the Sandbox.
Update now and stay tuned for the technical details!
Ref: support.apple.com/en-us/122373
Update now and stay tuned for the technical details!
Ref: support.apple.com/en-us/122373
In Lausanne for @1ns0mn1h4ck.bsky.social? Don’t miss the chance to meet our very own @not4nhacker.bsky.social! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!
March 13, 2025 at 9:43 AM
In Lausanne for @1ns0mn1h4ck.bsky.social? Don’t miss the chance to meet our very own @not4nhacker.bsky.social! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!
Reposted by Shielder
Ship happens- and that's why security audits are an important part of security efforts. We facilitated work on #Karmada thanks to support from the @cncf.io and with auditing performed by @shielder.com. You can now sea the impact of an audit for yourself at ostif.org/karmada-audi...
January 17, 2025 at 5:29 PM
Ship happens- and that's why security audits are an important part of security efforts. We facilitated work on #Karmada thanks to support from the @cncf.io and with auditing performed by @shielder.com. You can now sea the impact of an audit for yourself at ostif.org/karmada-audi...
🚨 New Open Source Audit Alert! 🚨
Shielder, with @ostifofficial.bsky.social & @cncf.io, audited karmada-io:
🔍 6 issues found (1 high, 1 medium, 2 low, 2 info)
✔️ Most fixed, others planned.
🗣️ to @suidpit.bsky.social and @thezero.org
Full details in the blog post!
www.shielder.com/blog/2025/01...
Shielder, with @ostifofficial.bsky.social & @cncf.io, audited karmada-io:
🔍 6 issues found (1 high, 1 medium, 2 low, 2 info)
✔️ Most fixed, others planned.
🗣️ to @suidpit.bsky.social and @thezero.org
Full details in the blog post!
www.shielder.com/blog/2025/01...
Shielder - Karmada Security Audit
Karmada Security Audit, sponsored by the CNCF (Cloud Native Computing Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
www.shielder.com
January 16, 2025 at 4:01 PM
🚨 New Open Source Audit Alert! 🚨
Shielder, with @ostifofficial.bsky.social & @cncf.io, audited karmada-io:
🔍 6 issues found (1 high, 1 medium, 2 low, 2 info)
✔️ Most fixed, others planned.
🗣️ to @suidpit.bsky.social and @thezero.org
Full details in the blog post!
www.shielder.com/blog/2025/01...
Shielder, with @ostifofficial.bsky.social & @cncf.io, audited karmada-io:
🔍 6 issues found (1 high, 1 medium, 2 low, 2 info)
✔️ Most fixed, others planned.
🗣️ to @suidpit.bsky.social and @thezero.org
Full details in the blog post!
www.shielder.com/blog/2025/01...
Reposted by Shielder
The best infosec swag in town.
@shielder.com
@shielder.com
November 10, 2024 at 11:28 PM
The best infosec swag in town.
@shielder.com
@shielder.com
Attending #TheSASCon2024 in the beautiful Bali🏝️?
Make sure not to miss @suidpit.bsky.social's talk about his novel research on the macOS 🍎 sandbox and how to bypass it.
🗓️ Wednesday, October 23 - 15:10
Make sure not to miss @suidpit.bsky.social's talk about his novel research on the macOS 🍎 sandbox and how to bypass it.
🗓️ Wednesday, October 23 - 15:10
October 22, 2024 at 11:02 AM
Attending #TheSASCon2024 in the beautiful Bali🏝️?
Make sure not to miss @suidpit.bsky.social's talk about his novel research on the macOS 🍎 sandbox and how to bypass it.
🗓️ Wednesday, October 23 - 15:10
Make sure not to miss @suidpit.bsky.social's talk about his novel research on the macOS 🍎 sandbox and how to bypass it.
🗓️ Wednesday, October 23 - 15:10
For the weekend, we gift you with not one, but TWO ways to escalate `sudo iptables` (+ a couple other boring preconditions) into a r00t shell - read how @smaury.bsky.social and @suidpit.bsky.social managed to climb your friendly neighborhood 🔥wall!
www.shielder.com/blog/2024/09...
www.shielder.com/blog/2024/09...
Shielder - A Journey From `sudo iptables` To Local Privilege Escalation
In this post, we demonstrate two techniques allowing a low privileged user to escalate their privileges to root in case they can run iptables and/or iptables-save as
www.shielder.com
September 20, 2024 at 1:42 PM
For the weekend, we gift you with not one, but TWO ways to escalate `sudo iptables` (+ a couple other boring preconditions) into a r00t shell - read how @smaury.bsky.social and @suidpit.bsky.social managed to climb your friendly neighborhood 🔥wall!
www.shielder.com/blog/2024/09...
www.shielder.com/blog/2024/09...
Our very own @suidpit.bsky.social will present his novel #macOS research at #TheSAS2024 - if you want to learn more about the macOS sandbox and how to escape it make sure to be in Bali 🏝️ from Oct 22 to Oct 25!
Learn more here: thesascon.com
Learn more here: thesascon.com
August 29, 2024 at 8:53 AM
Our very own @suidpit.bsky.social will present his novel #macOS research at #TheSAS2024 - if you want to learn more about the macOS sandbox and how to escape it make sure to be in Bali 🏝️ from Oct 22 to Oct 25!
Learn more here: thesascon.com
Learn more here: thesascon.com
During a recent engagement Mindless hacked his way through Vtiger CRM which led to discover a privilege escalation and a SQL injection.
Learn more in the dedicated advisories:
- CVE-2024-42994 #sqli www.shielder.com/advisories/v...
- CVE-2024-42995 #privesc www.shielder.com/advisories/v...
Learn more in the dedicated advisories:
- CVE-2024-42994 #sqli www.shielder.com/advisories/v...
- CVE-2024-42995 #privesc www.shielder.com/advisories/v...
August 28, 2024 at 10:19 AM
During a recent engagement Mindless hacked his way through Vtiger CRM which led to discover a privilege escalation and a SQL injection.
Learn more in the dedicated advisories:
- CVE-2024-42994 #sqli www.shielder.com/advisories/v...
- CVE-2024-42995 #privesc www.shielder.com/advisories/v...
Learn more in the dedicated advisories:
- CVE-2024-42994 #sqli www.shielder.com/advisories/v...
- CVE-2024-42995 #privesc www.shielder.com/advisories/v...
Back in December 2023 our researchers @thezero.org @suidpit.bsky.social and Mindless performed an audit sponsored by AWS and facilitated by OSTIF on boost.
It resulted in 7 findings and 15 new fuzzers.
The report is now public, check the details here: www.shielder.com/blog/2024/05...
It resulted in 7 findings and 15 new fuzzers.
The report is now public, check the details here: www.shielder.com/blog/2024/05...
Shielder - Boost Security Audit
Boost Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
www.shielder.com
May 22, 2024 at 3:01 PM
Back in December 2023 our researchers @thezero.org @suidpit.bsky.social and Mindless performed an audit sponsored by AWS and facilitated by OSTIF on boost.
It resulted in 7 findings and 15 new fuzzers.
The report is now public, check the details here: www.shielder.com/blog/2024/05...
It resulted in 7 findings and 15 new fuzzers.
The report is now public, check the details here: www.shielder.com/blog/2024/05...
In early 2023 we (@thezero.org & @smaury.bsky.social) collaborated with SecureDrop to start designing and prototyping the #E2EE messaging protocol for a future version of SecureDrop.
📄 blog post: securedrop.org/news/introdu...
💻 poc code: github.com/freedomofpre...
📄 blog post: securedrop.org/news/introdu...
💻 poc code: github.com/freedomofpre...
Introducing SecureDrop Protocol
This blog post is a part of a series about our research toward the next generation of the SecureDrop whistleblowing …
securedrop.org
May 7, 2024 at 10:54 AM
In early 2023 we (@thezero.org & @smaury.bsky.social) collaborated with SecureDrop to start designing and prototyping the #E2EE messaging protocol for a future version of SecureDrop.
📄 blog post: securedrop.org/news/introdu...
💻 poc code: github.com/freedomofpre...
📄 blog post: securedrop.org/news/introdu...
💻 poc code: github.com/freedomofpre...
Exciting news! We've just released a new blog post on mobile app security, where @suidpit.bsky.social and @thezero.org used their intent-fu to discover vulnerabilities (CVE-2024-26131, CVE-2024-26132) in Element, a @matrix.org client for Android. #writeup #CVE
www.shielder.com/blog/2024/04...
www.shielder.com/blog/2024/04...
Shielder - Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
A writeup about two intent-based Android vulnerabilities CVE-2024-26131 and CVE-2024-26132 in Element (Matrix).
www.shielder.com
April 18, 2024 at 9:29 AM
Exciting news! We've just released a new blog post on mobile app security, where @suidpit.bsky.social and @thezero.org used their intent-fu to discover vulnerabilities (CVE-2024-26131, CVE-2024-26132) in Element, a @matrix.org client for Android. #writeup #CVE
www.shielder.com/blog/2024/04...
www.shielder.com/blog/2024/04...
We recently partnered with the Open Source Technology Improvement Fund (OSTIF) to perform a security audit sponsored by AWS on Bref. The audit resulted in 5 findings promptly addresses by @mnapoli.bsky.social.
The report is now public, check the details here: www.shielder.com/blog/2024/03...
The report is now public, check the details here: www.shielder.com/blog/2024/03...
Shielder - Bref Security Audit
Bref Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
www.shielder.com
March 29, 2024 at 12:09 PM
We recently partnered with the Open Source Technology Improvement Fund (OSTIF) to perform a security audit sponsored by AWS on Bref. The audit resulted in 5 findings promptly addresses by @mnapoli.bsky.social.
The report is now public, check the details here: www.shielder.com/blog/2024/03...
The report is now public, check the details here: www.shielder.com/blog/2024/03...
Hey hackers - attending #Nullcon? Pop to say hi and talk about AppSec and VR!
You can find @smaury.bsky.social @thezero.org @suidpit.bsky.social around 🖖🏿
You can find @smaury.bsky.social @thezero.org @suidpit.bsky.social around 🖖🏿
March 14, 2024 at 8:39 AM
Hey hackers - attending #Nullcon? Pop to say hi and talk about AppSec and VR!
You can find @smaury.bsky.social @thezero.org @suidpit.bsky.social around 🖖🏿
You can find @smaury.bsky.social @thezero.org @suidpit.bsky.social around 🖖🏿
During a recent Red Team Assessment @thezero.org and @smaury.bsky.social discovered a vulnerability in PostgreSQL's #PgAdmin which in the worst case allows unauthenticated attackers to run arbitrary server-side code.
Check out the #RCE advisory and patch now!
www.shielder.com/advisories/p...
Check out the #RCE advisory and patch now!
www.shielder.com/advisories/p...
Shielder - pgAdmin (<=8.3) Path Traversal in Session Handling Leads to Unsafe Deserialization and Remote Code Execution (RCE)
pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing user's session in the session handling code. If the server is running on Windows, an unauthenticated attacker can load ...
www.shielder.com
March 8, 2024 at 1:55 PM
During a recent Red Team Assessment @thezero.org and @smaury.bsky.social discovered a vulnerability in PostgreSQL's #PgAdmin which in the worst case allows unauthenticated attackers to run arbitrary server-side code.
Check out the #RCE advisory and patch now!
www.shielder.com/advisories/p...
Check out the #RCE advisory and patch now!
www.shielder.com/advisories/p...
Hey hackers! Are you attending @fosdem.bsky.social?
If you want to talk about open-source software and hardware security make sure to hit up @smaury.bsky.social and @thezero.org!
If you want to talk about open-source software and hardware security make sure to hit up @smaury.bsky.social and @thezero.org!
February 3, 2024 at 4:32 AM
Hey hackers! Are you attending @fosdem.bsky.social?
If you want to talk about open-source software and hardware security make sure to hit up @smaury.bsky.social and @thezero.org!
If you want to talk about open-source software and hardware security make sure to hit up @smaury.bsky.social and @thezero.org!
Ever wondered how to binary diff router firmwares to write n-day exploits? Learn how @thezero.org and @suidpit.bsky.social combined unblob, binexport, ghidra, Qiling, and an Asus router to write an exploit for CVE-2023-39238. The outcome was unexpected ... 1/7 www.shielder.com/blog/2024/01...
Shielder - Hunting for ~~Un~~authenticated n-days in Asus Routers
Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.
www.shielder.com
January 30, 2024 at 1:47 PM
Ever wondered how to binary diff router firmwares to write n-day exploits? Learn how @thezero.org and @suidpit.bsky.social combined unblob, binexport, ghidra, Qiling, and an Asus router to write an exploit for CVE-2023-39238. The outcome was unexpected ... 1/7 www.shielder.com/blog/2024/01...
Ever wondered how to binary diff router firmwares to write n-day exploits? Learn how @Th3Zer0 and @suidpit combined unblob, binexport, ghidra, Qiling, and an Asus router to write an exploit for CVE-2023-39238. The outcome was unexpected ... 1/7 www.shielder.com/blog/2024/01...
Shielder - Hunting for ~~Un~~authenticated n-days in Asus Routers
Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.
www.shielder.com
January 30, 2024 at 1:47 PM
Ever wondered how to binary diff router firmwares to write n-day exploits? Learn how @Th3Zer0 and @suidpit combined unblob, binexport, ghidra, Qiling, and an Asus router to write an exploit for CVE-2023-39238. The outcome was unexpected ... 1/7 www.shielder.com/blog/2024/01...
Hey hackers - attending NoHat?
Pop at the boot in the entrance for some swag and to chat about crazy 🦋🦗🐞🐝🐜🦟🪲!
#nohat2023
Pop at the boot in the entrance for some swag and to chat about crazy 🦋🦗🐞🐝🐜🦟🪲!
#nohat2023
October 21, 2023 at 6:44 AM
Hey hackers - attending NoHat?
Pop at the boot in the entrance for some swag and to chat about crazy 🦋🦗🐞🐝🐜🦟🪲!
#nohat2023
Pop at the boot in the entrance for some swag and to chat about crazy 🦋🦗🐞🐝🐜🦟🪲!
#nohat2023
Reposted by Shielder
A vulnerability I've reported to Google was recently made public.
TL;DR: Chrome implements credentialless iframes which should have a dedicated ephemeral cookie jar - I've found a way to break outside of it using ServiceWorkers to access long lived cookies.
bugs.chromium.org/p/chromium/i...
TL;DR: Chrome implements credentialless iframes which should have a dedicated ephemeral cookie jar - I've found a way to break outside of it using ServiceWorkers to access long lived cookies.
bugs.chromium.org/p/chromium/i...
1420885 -
chromium -
An open-source project to help move the web forward. -
Monorai...
bugs.chromium.org
August 30, 2023 at 8:45 PM
A vulnerability I've reported to Google was recently made public.
TL;DR: Chrome implements credentialless iframes which should have a dedicated ephemeral cookie jar - I've found a way to break outside of it using ServiceWorkers to access long lived cookies.
bugs.chromium.org/p/chromium/i...
TL;DR: Chrome implements credentialless iframes which should have a dedicated ephemeral cookie jar - I've found a way to break outside of it using ServiceWorkers to access long lived cookies.
bugs.chromium.org/p/chromium/i...